>> OK, I'll get on it, but before that I need to ask whether you have the >> "magical" NFACCT keyword for me to use after the ";" symbol (i.e. >> "INLINE ; NFACCT(all)" to place the nfacct match as well as include >> nfacct executable statements to create that object)? >> > > There is none -- everything after ';' is up to you. > Damn! Is there a chance to add this or implement something similar? I guess if I could include custom actions able to generate output (a string) which is then used to create that part of the rule, then that should work. Something like:
action.test ~~~~~~~~~~~ [execute "nfacct add" to create $1 object] RETURN "-m nfacct --nfacct-name $1" and then accounting ~~~~~~~~~~ SECTION INPUT INLINE ; test(all) to generate -A accountin -m nfacct --nfacct-name all as well as execute "nfacct add all" as part of executing the action body of "test". Anyway, found a bug: accounting ~~~~~~~~~~ SECTION INPUT INLINE - +dmz-net ; -m nfacct --nfacct-name test produces -A accountin -m nfacct --nfacct-name test-m set --match-set dmz-net src (note the absence of space character between "test" and "-m"). ------------------------------------------------------------------------------ Precog is a next-generation analytics platform capable of advanced analytics on semi-structured data. The platform includes APIs for building apps and a phenomenal toolset for data science. Developers can use our toolset for easy data analysis & visualization. Get a free account! http://www2.precog.com/precogplatform/slashdotnewsletter _______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
