Tom Eastep
2003-May-21 14:45 UTC
[Shorewall-users] Call for Testers of Shorewall/Fireparse (take 2)
The version of Shorewall in the \Shorewall CVS project has my next attempt at Fireparse integration. a) The LOGMARKER variable is gone and is replaced with LOGFORMAT b) LOGFORMAT contains a printf (1) formatting template that accepts three arguments: 1) The Chain Name 2) The Logging Rule Number within Chain 3) The disposition of the packet (DROP,REJECT,ACCEPT) c) To use Shorewall with Fireparse, I believe that the correct setting is: LOGFORMAT="fp=%d:%s a=%d" I don''t have time to install fireparse and test this so I''m looking for volunteers. You will need to be running 1.4.3 to test. The two files that you need from CVS are: firewall: Install in /usr/share/shorewall/firewall shorewall: Install in /usr/bin You will want to add the appropriate LOGFORMAT setting in your /etc/shorewall/shorewall.conf. You can get the shorewall.conf from CVS if you want to get my commentary and the default setting. I''m also interested in testers that are running Bering even if they aren''t interested in Fireparse because I want to be sure that ash and the meager toolset on Bering doesn''t throw up over the new code. Thanks, -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Tom Eastep
2003-May-21 15:53 UTC
[Shorewall-users] Call for Testers of Shorewall/Fireparse (take 2)
On Wed, 21 May 2003 14:45:00 -0700, Tom Eastep <teastep@shorewall.net> wrote:> > c) To use Shorewall with Fireparse, I believe that the correct setting > is: > > LOGFORMAT="fp=%d:%s a=%d" >I grabbed a copy of fireparse and smoke-tested and it looks like this is better (note the trailing space): LOGFORMAT="fp=%d:%s a=%d " -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net