On 9/10/2014 12:45 AM, Tom Robinson wrote: > # shorewall version > 4.5.20 > CentOS 5.10 > > Hi, > > I hope that I'm just being completely blinkered by something and an idiot. > Maybe someone can > enlighten me. Please hit me with a clue stick! > > I don't understand why, when I've set ACCOUNTING_TABLE=mangle in > /etc/shorewall/shorewall.conf: > > # grep '^ACCOUNTING_TABLE' /etc/shorewall/shorewall.conf > ACCOUNTING_TABLE=mangle > > I get this error when checking shorewall: > > # shorewall check > Checking... > Processing /etc/shorewall/params ... > Processing /etc/shorewall/shorewall.conf... > Loading Modules... > Checking /etc/shorewall/zones... > Checking /etc/shorewall/interfaces... > Checking /etc/shorewall/hosts... > Determining Hosts in Zones... > Locating Action Files... > Checking /etc/shorewall/policy... > Running /etc/shorewall/initdone... > Adding Anti-smurf Rules > Adding rules for DHCP > Checking TCP Flags filtering... > Checking Kernel Route Filtering... > Checking Martian Logging... > Checking /etc/shorewall/tcinterfaces... > Checking /etc/shorewall/tcpri... > Checking /etc/shorewall/masq... > Checking MAC Filtration -- Phase 1... > Checking /etc/shorewall/blrules... > Checking /etc/shorewall/rules... > Checking MAC Filtration -- Phase 2... > Applying Policies... > Checking /usr/share/shorewall/action.Reject for chain Reject... > Checking /usr/share/shorewall/action.Broadcast for chain Broadcast... > Checking /usr/share/shorewall/action.Drop for chain Drop... > Checking /etc/shorewall/accounting... > Use of uninitialized value in string eq at > /usr/lib/perl5/vendor_perl/5.8.8/Shorewall/Accounting.pm > line 126, <$currentfile> line 13. > ERROR: The PREROUTING SECTION is not allowed when ACCOUNTING_TABLE=filter > /etc/shorewall/accounting (line 13) > > What am I missing? >
You're missing nothing -- my bad. Patch attached. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Accounting.pm
b/Shorewall/Perl/Shorewall/Accounting.pm
index 69c6257..add7313 100644
--- a/Shorewall/Perl/Shorewall/Accounting.pm
+++ b/Shorewall/Perl/Shorewall/Accounting.pm
@@ -155,8 +155,6 @@ sub process_accounting_rule1( $$$$$$$$$$$ ) {
my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user,
$mark, $ipsec, $headers ) = @_;
- $acctable = $config{ACCOUNTING_TABLE};
-
$jumpchainref = 0;
$asection = LEGACY if $asection < 0;
@@ -453,6 +451,8 @@ sub setup_accounting() {
set_section_function( &process_section );
+ $acctable = $config{ACCOUNTING_TABLE};
+
first_entry "$doing $fn...";
my $nonEmpty = 0;
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
