I have recently started blacklisting by accumulating lines in the blrules file, e.g.
DROP net:200.62.170.200 all The number of lines is growing fairly quickly, so it occurred to me that I could improve maintenance by defining a macro to hide the fixed elements of these lines. I read http://shorewall.net/Macros.html carefully, but found it somewhat confusing because of the changes to macro support in recent releases. I thought I could code my entries very simply like this: KillHost 200.62.170.200 I am running shorewall 4.5.5.3, so I tried to use the format1 style in my macro.KillHost as follows: #ACTION SOURCE DEST DROP net:PARAM all ... but that was rejected "unknown destination zone (all)". Although this message does not really describe my syntax error, I take it to mean that I can only associate PARAM with the first field (ACTION). Is that correct? I read the section titled "Shorewall 4.4.16 and Later". I found the description of multiple parameters and default values confusing. I tried several permutations, although I am unsure what features would be acceptable (because I don't have 4.5.10), e.g. #ACTION SOURCE DEST DEFAULT 1 DROP $1 net:$2 all Could you help me with the correct syntax? If you are confident that something like this should work, I will try upgrading to a newer version. Thanks, Brian ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
