Based on feedback from Mr Dash Four, I've made several changes:
1) An 'audit' option has been added to the
/etc/shorewall/blacklist file which causes the packets matching
the entryto be audited. 'audit' may not be specified together
with 'accept'.
2) With the exception of 'Limit', the builtin actions
(dropBroadcast, rejNonSyn, etc.) now support
an 'audit' parameter which causes all ACCEPT, DROP and REJECTs
performed by the action to be audited. This allows creation of
audited versions of the Shorewall-provided default actions
(action.Drop and action.Reject).
3) When an audited action is specified in shorewall.conf
(BLACKLIST_DISPOSITION, etc.), auditing is now done in-line
rather than in a separate chain.
-Tom
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
PGP.sig
Description: This is a digitally signed message part
------------------------------------------------------------------------------ What Every C/C++ and Fortran developer Should Know! Read this article and learn how Intel has extended the reach of its next-generation tools to help Windows* and Linux* C/C++ and Fortran developers boost performance applications - including clusters. http://p.sf.net/sfu/intel-dev2devmay
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
