thr3ads.net - Shorewall devel - [PATCH] Allow numerical range of ids in uid/gid matching. [Jun 2012]

If this information is useful, please help other people find it:
Share via:

Gergely Risko

2012-Jun-19 08:28 UTC

[PATCH] Allow numerical range of ids in uid/gid matching.

Hi,

I use this rule in my rules file:
DROP            $FW             net             -       -       -              
-               -               2000-2999
to disable everyone in the range from accessing the net, without knowing
apriori the list of users I want to disable.

This used to work with shorewall 4.0.15 (debian lenny), but doesn''t
work
anymore because of an additional regex check that has been added.

I attached a patch that fixes the issue for me.

Thanks,
Gergely Risko



------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

Tom Eastep

2012-Jun-19 13:21 UTC

head link

Re: [PATCH] Allow numerical range of ids in uid/gid matching.

On 06/19/2012 01:28 AM, Gergely Risko wrote:> Hi,
>
> I use this rule in my rules file:
> DROP            $FW             net             -       -       -          
-               -               2000-2999
> to disable everyone in the range from accessing the net, without knowing
> apriori the list of users I want to disable.
>
> This used to work with shorewall 4.0.15 (debian lenny), but
doesn''t work
> anymore because of an additional regex check that has been added.
>
> I attached a patch that fixes the issue for me.
Applied.

Thanks,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

Shorewall devel - Jun 2012 - [PATCH] Allow numerical range of ids in uid/gid matching.

[PATCH] Allow numerical range of ids in uid/gid matching.

Re: [PATCH] Allow numerical range of ids in uid/gid matching.