Beta 3 is now available for testing. Corrections in this release: 1) Corrections included in Shorewall 4.4.21.1. 2) Several problems reported by Steven Springl. The rest is largely cleanup of the new rule infrastructure. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ 10 Tips for Better Web Security Learn 10 ways to better secure your business today. Topics covered include: Web security, SSL, hacker attacks & Denial of Service (DoS), private keys, security Microsoft Exchange, secure Instant Messaging, and much more. http://www.accelacomm.com/jaw/sfnl/114/51426210/
Tom The attached config. generates the following iptables rule: -A OUTPUT -m policy --dir out --pol none -j fw2err which produces the following error message: iptables-restore v1.4.11.1: Couldn''t load target `fw2err'':No such file or directory Steven. ------------------------------------------------------------------------------ 10 Tips for Better Web Security Learn 10 ways to better secure your business today. Topics covered include: Web security, SSL, hacker attacks & Denial of Service (DoS), private keys, security Microsoft Exchange, secure Instant Messaging, and much more. http://www.accelacomm.com/jaw/sfnl/114/51426210/
Tom In the attached config. the entry in secmarks produces the following error messages: Use of uninitialized value in numeric gt (>) at /usr/share/shorewall/Shorewall/Chains.pm line 1264. ERROR: Internal error in Shorewall::Chains::decrement_reference_count at /usr/share/shorewall/Shorewall/Chains.pm line 1264 Steven. ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
Tom The attached minimal config. produces the following messages: Use of uninitialized value in string eq at /usr/share/shorewall/Shorewall/Providers.pm line 1098. Use of uninitialized value in string eq at /usr/share/shorewall/Shorewall/Providers.pm line 1131. Steven. ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Sat, 2011-07-23 at 13:51 +0100, Steven Jan Springl wrote:> In the attached config. the entry in secmarks produces the following error > messages: > > Use of uninitialized value in numeric gt (>) > at /usr/share/shorewall/Shorewall/Chains.pm line 1264. > > ERROR: Internal error in Shorewall::Chains::decrement_reference_count > at /usr/share/shorewall/Shorewall/Chains.pm line 1264Steven, Ouch! This is a difficult one that affects many versions of Shorewall. I''ll have to think about the best way to correct it. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Sat, 2011-07-23 at 14:36 +0100, Steven Jan Springl wrote:> The attached minimal config. produces the following messages: > > Use of uninitialized value in string eq > at /usr/share/shorewall/Shorewall/Providers.pm line 1098. > > Use of uninitialized value in string eq > at /usr/share/shorewall/Shorewall/Providers.pm line 1131.Steven, This one was easier. Patch attached. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Saturday 23 July 2011 15:19:20 Tom Eastep wrote:> On Sat, 2011-07-23 at 14:36 +0100, Steven Jan Springl wrote: > > The attached minimal config. produces the following messages: > > > > Use of uninitialized value in string eq > > at /usr/share/shorewall/Shorewall/Providers.pm line 1098. > > > > Use of uninitialized value in string eq > > at /usr/share/shorewall/Shorewall/Providers.pm line 1131. > > Steven, > > This one was easier. Patch attached. > > Thanks, > -TomTom Confirmed. The patch works. Thanks. Steven. ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Sat, 2011-07-23 at 06:58 -0700, Tom Eastep wrote:> On Sat, 2011-07-23 at 13:51 +0100, Steven Jan Springl wrote: > > > In the attached config. the entry in secmarks produces the following error > > messages: > > > > Use of uninitialized value in numeric gt (>) > > at /usr/share/shorewall/Shorewall/Chains.pm line 1264. > > > > ERROR: Internal error in Shorewall::Chains::decrement_reference_count > > at /usr/share/shorewall/Shorewall/Chains.pm line 1264> Ouch! This is a difficult one that affects many versions of Shorewall. > I''ll have to think about the best way to correct it.Steven, This patch is a bit of a hack but it will have to do. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Sat, 2011-07-23 at 07:33 -0700, Tom Eastep wrote:> > This patch is a bit of a hack but it will have to do.In looking at the patch, I see that I neglected to commit the previous fix prior to generating this patch; so the second hunk will fail, but that''s harmless. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Saturday 23 July 2011 15:33:20 Tom Eastep wrote:> On Sat, 2011-07-23 at 06:58 -0700, Tom Eastep wrote: > > On Sat, 2011-07-23 at 13:51 +0100, Steven Jan Springl wrote: > > > In the attached config. the entry in secmarks produces the following > > > error messages: > > > > > > Use of uninitialized value in numeric gt (>) > > > at /usr/share/shorewall/Shorewall/Chains.pm line 1264. > > > > > > ERROR: Internal error in Shorewall::Chains::decrement_reference_count > > > at /usr/share/shorewall/Shorewall/Chains.pm line 1264 > > > > Ouch! This is a difficult one that affects many versions of Shorewall. > > I''ll have to think about the best way to correct it. > > Steven, > > This patch is a bit of a hack but it will have to do. > > Thanks, > -TomTom I backed off the SAME.diff. The patch then applied with the following offsets: patching file Chains.pm Hunk #2 succeeded at 715 (offset -1 lines). Hunk #3 succeeded at 953 (offset 1 line). Hunk #4 succeeded at 970 (offset 1 line). Hunk #5 succeeded at 1014 (offset 1 line). Hunk #6 succeeded at 4486 (offset -42 lines). Hunk #7 succeeded at 4988 (offset -42 lines). I now get the following messages: Use of uninitialized value in numeric gt (>) at /usr/share/shorewall/Shorewall/Chains.pm line 1269. ERROR: Internal error in Shorewall::Chains::decrement_reference_count at /usr/share/shorewall/Shorewall/Chains.pm line 1269 Steven. ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Saturday 23 July 2011 16:18:11 Tom Eastep wrote:> On Sat, 2011-07-23 at 16:01 +0100, Steven Jan Springl wrote: > > On Saturday 23 July 2011 15:33:20 Tom Eastep wrote: > > m > > > > I backed off the SAME.diff. The patch then applied with the following > > offsets: > > > > patching file Chains.pm > > Hunk #2 succeeded at 715 (offset -1 lines). > > Hunk #3 succeeded at 953 (offset 1 line). > > Hunk #4 succeeded at 970 (offset 1 line). > > Hunk #5 succeeded at 1014 (offset 1 line). > > Hunk #6 succeeded at 4486 (offset -42 lines). > > Hunk #7 succeeded at 4988 (offset -42 lines). > > > > I now get the following messages: > > > > Use of uninitialized value in numeric gt (>) > > at /usr/share/shorewall/Shorewall/Chains.pm line 1269. > > > > ERROR: Internal error in Shorewall::Chains::decrement_reference_count > > at /usr/share/shorewall/Shorewall/Chains.pm line 1269 > > Crap -- sent you the 4.4.21 Chains.pm. Here''s 4.4.22.Tom I replaced Chains.pm with the version you sent me. I now get the following messages: Use of uninitialized value in numeric gt (>) at /usr/share/shorewall/Shorewall/Chains.pm line 1268. ERROR: Internal error in Shorewall::Chains::decrement_reference_count at /usr/share/shorewall/Shorewall/Chains.pm line 1268 Steven. ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Sat, 2011-07-23 at 16:37 +0100, Steven Jan Springl wrote:> O > I replaced Chains.pm with the version you sent me. I now get the following > messages: > > Use of uninitialized value in numeric gt (>) > at /usr/share/shorewall/Shorewall/Chains.pm line 1268. > > ERROR: Internal error in Shorewall::Chains::decrement_reference_count > at /usr/share/shorewall/Shorewall/Chains.pm line 1268Yep -- I must have tested in the wrong window when I thought that the problem was resolved. Back to the drawing board. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Jul 23, 2011, at 8:41 AM, Tom Eastep wrote:> On Sat, 2011-07-23 at 16:37 +0100, Steven Jan Springl wrote: >> O >> I replaced Chains.pm with the version you sent me. I now get the following >> messages: >> >> Use of uninitialized value in numeric gt (>) >> at /usr/share/shorewall/Shorewall/Chains.pm line 1268. >> >> ERROR: Internal error in Shorewall::Chains::decrement_reference_count >> at /usr/share/shorewall/Shorewall/Chains.pm line 1268 > > Yep -- I must have tested in the wrong window when I thought that the > problem was resolved. > > Back to the drawing board.Okay -- this seems to really fix it. Thanks, Steven -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Jul 23, 2011, at 11:08 AM, Tom Eastep wrote:> > Okay -- this seems to really fix it.Here''s an additional one-line typo fix. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Saturday 23 July 2011 19:28:27 Tom Eastep wrote:> On Jul 23, 2011, at 11:08 AM, Tom Eastep wrote: > > Okay -- this seems to really fix it. > > Here''s an additional one-line typo fix. > > -Tom > > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________Tom PORTLIST1.patch applied. PORTLIST2.patch failed. I have attached chains.pm.rej and the corresponding lines in chains.pm Steven ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
Tom In the attached minimal config. the two Limit actions produce the following messages: Use of uninitialized value in string eq at /usr/share/shorewall/Shorewall/Chains.pm line 2347. Use of uninitialized value in hash element at /usr/share/shorewall/Shorewall/Chains.pm line 2676. Use of uninitialized value in hash element at /usr/share/shorewall/Shorewall/Chains.pm line 2676. Steven. ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Fri, 2011-07-22 at 23:46 +0100, Steven Jan Springl wrote:> The attached config. generates the following iptables rule: > > -A OUTPUT -m policy --dir out --pol none -j fw2err > > which produces the following error message: > > iptables-restore v1.4.11.1: Couldn''t load target `fw2err'':No such file or > directorySteven, The attached patch seems to correct this issue. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Sunday 24 July 2011 15:24:03 Tom Eastep wrote:> On Fri, 2011-07-22 at 23:46 +0100, Steven Jan Springl wrote: > > The attached config. generates the following iptables rule: > > > > -A OUTPUT -m policy --dir out --pol none -j fw2err > > > > which produces the following error message: > > > > iptables-restore v1.4.11.1: Couldn''t load target `fw2err'':No such file or > > directory > > Steven, > > The attached patch seems to correct this issue. > > Thanks, > -TomTom Confirmed, the patch corrects the issue. Thanks. Steven. ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Sun, 2011-07-24 at 15:50 +0100, Steven Jan Springl wrote:> > Confirmed, the patch corrects the issue. >Thanks, Steven -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Sun, 2011-07-24 at 15:15 +0100, Steven Jan Springl wrote:> In the attached minimal config. the two Limit actions produce the following > messages: > > Use of uninitialized value in string eq > at /usr/share/shorewall/Shorewall/Chains.pm line 2347. > > Use of uninitialized value in hash element > at /usr/share/shorewall/Shorewall/Chains.pm line 2676. > > Use of uninitialized value in hash element > at /usr/share/shorewall/Shorewall/Chains.pm line 2676.Steven, The attached simple patch eliminates these diagnostics. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Sunday 24 July 2011 16:19:06 Tom Eastep wrote:> On Sun, 2011-07-24 at 15:15 +0100, Steven Jan Springl wrote: > > In the attached minimal config. the two Limit actions produce the > > following messages: > > > > Use of uninitialized value in string eq > > at /usr/share/shorewall/Shorewall/Chains.pm line 2347. > > > > Use of uninitialized value in hash element > > at /usr/share/shorewall/Shorewall/Chains.pm line 2676. > > > > Use of uninitialized value in hash element > > at /usr/share/shorewall/Shorewall/Chains.pm line 2676. > > Steven, > > The attached simple patch eliminates these diagnostics. > > Thanks, > -TomTom Confirmed, the message are eliminated. Thanks. Steven. ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Jul 24, 2011, at 9:35 AM, Steven Jan Springl wrote:> > Confirmed, the message are eliminated. >Thanks, Steven -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
Tom In the attached minimal config. the following rule: Broadcast(0,audit) all all tcp 100 produces the following error message: ERROR: ERROR: Internal error in Shorewall::Chains::find_chain at /usr/share/shorewall/Shorewall/Chains.pm line 1694 : /usr/share/shorewall/action.Broadcast (line 71) Steven. ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Jul 24, 2011, at 11:00 AM, Steven Jan Springl wrote:> In the attached minimal config. the following rule: > > Broadcast(0,audit) all all tcp 100 > > produces the following error message: > > ERROR: ERROR: Internal error in Shorewall::Chains::find_chain > at /usr/share/shorewall/Shorewall/Chains.pm line > 1694 : /usr/share/shorewall/action.Broadcast (line 71)Steven, The attached patch corrects this in the new parameterized actions. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Jul 24, 2011, at 11:00 AM, Steven Jan Springl wrote:> In the attached minimal config. the following rule: > > Broadcast(0,audit) all all tcp 100 > > produces the following error message: > > ERROR: ERROR: Internal error in Shorewall::Chains::find_chain > at /usr/share/shorewall/Shorewall/Chains.pm line > 1694 : /usr/share/shorewall/action.Broadcast (line 71)Steven, The attached patch corrects this in the new parameterized actions. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Jul 24, 2011, at 11:00 AM, Steven Jan Springl wrote:> In the attached minimal config. the following rule: > > Broadcast(0,audit) all all tcp 100 > > produces the following error message: > > ERROR: ERROR: Internal error in Shorewall::Chains::find_chain > at /usr/share/shorewall/Shorewall/Chains.pm line > 1694 : /usr/share/shorewall/action.Broadcast (line 71)Steven, The attached patch corrects this in the new parameterized actions. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Jul 24, 2011, at 11:43 AM, Tom Eastep wrote:> On Jul 24, 2011, at 11:00 AM, Steven Jan Springl wrote: >> In the attached minimal config. the following rule: >> >> Broadcast(0,audit) all all tcp 100 >> >> produces the following error message: >> >> ERROR: ERROR: Internal error in Shorewall::Chains::find_chain >> at /usr/share/shorewall/Shorewall/Chains.pm line >> 1694 : /usr/share/shorewall/action.Broadcast (line 71) > > > Steven, > > The attached patch corrects this in the new parameterized actions. >Sigh -- I''m trying to do too many things at once. The first hunk should not have been included. I''ve deleted it from this copy. Thanks, again -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Sunday 24 July 2011 19:57:46 Tom Eastep wrote:> On Jul 24, 2011, at 11:43 AM, Tom Eastep wrote: > > On Jul 24, 2011, at 11:00 AM, Steven Jan Springl wrote: > >> In the attached minimal config. the following rule: > >> > >> Broadcast(0,audit) all all tcp 100 > >> > >> produces the following error message: > >> > >> ERROR: ERROR: Internal error in Shorewall::Chains::find_chain > >> at /usr/share/shorewall/Shorewall/Chains.pm line > >> 1694 : /usr/share/shorewall/action.Broadcast (line 71) > > > > Steven, > > > > The attached patch corrects this in the new parameterized actions. > > Sigh -- I''m trying to do too many things at once. The first hunk should not > have been included. > > I''ve deleted it from this copy. > > Thanks, again > -Tom > > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________Tom Confirmed. That''s fixed the issue. Thanks. Steven. ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
On Jul 24, 2011, at 12:48 PM, Steven Jan Springl wrote:> On Sunday 24 July 2011 19:57:46 Tom Eastep wrote: > > Confirmed. That''s fixed the issue. >Thanks, Steven -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Magic Quadrant for Content-Aware Data Loss Prevention Research study explores the data loss prevention market. Includes in-depth analysis on the changes within the DLP market, and the criteria used to evaluate the strengths and weaknesses of these DLP solutions. http://www.accelacomm.com/jaw/sfnl/114/51385063/
Tom In the attached config. rule: Broadcast(ACCEPTX,audit) all all tcp 100 generates the following iptables rule: -A %Broadcast -m addrtype --dst-type BROADCAST -j AUDIT --type acceptx which produces the following error message: iptables-restore v1.4.11.1: Bad action type value "acceptx" Steven. ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Mon, 2011-07-25 at 16:45 +0100, Steven Jan Springl wrote:> In the attached config. rule: > > Broadcast(ACCEPTX,audit) all all tcp 100 > > generates the following iptables rule: > > -A %Broadcast -m addrtype --dst-type BROADCAST -j AUDIT --type acceptx > > which produces the following error message: > > iptables-restore v1.4.11.1: Bad action type value "acceptx"Steven, I seem to be making a career out of correcting this one defect. Patch attached. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Monday 25 July 2011 16:59:06 Tom Eastep wrote:> On Mon, 2011-07-25 at 16:45 +0100, Steven Jan Springl wrote: > > In the attached config. rule: > > > > Broadcast(ACCEPTX,audit) all all tcp 100 > > > > generates the following iptables rule: > > > > -A %Broadcast -m addrtype --dst-type BROADCAST -j AUDIT --type acceptx > > > > which produces the following error message: > > > > iptables-restore v1.4.11.1: Bad action type value "acceptx" > > Steven, > > I seem to be making a career out of correcting this one defect. Patch > attached. > > Thanks, > -TomTom Confirmed. That''s fixed it. Thanks. Steven. ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
On Mon, 2011-07-25 at 17:14 +0100, Steven Jan Springl wrote:> > Confirmed. That''s fixed it. >Thanks, Steven -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/