search for: rulenum

I think you can change the existing firewall logging code for log_rule_limit (where you have one case for for LOGRULENUMBERS and another almost identical case without) down to this slightly shorter version with no duplication (excerpt): if [ -n "$LOGRULENUMBERS" ]; then eval rulenum=\$${chain}_logrules [ -z "$rulenum" ] && rulenum=1 fi case $level in U...

Any BFD/AFP softwares available for FreeBSD 4.10? Im getting flooded with ssh and ftp attempts.

Let''s move this to the Shorewall Development list.... On Tuesday 10 February 2004 03:14 pm, xavier wrote: > here is a patch to allow this : > |ACCEPT<10/sec:20>:debug fw lan:$ntp_servers udp 123 - - - - ntp > > a problem with the patch is that now the logprefix is mandatory. > i''m trying to debug it, but i can''t find the flaw. Also, with

Hi all, I am having an issue with a multiple ISP setup. I have followed the docs online and I think I have everything setup correctly but I can get the desired traffice to go out my secondary ISP. A quick run down on what I am trying to acomplish. I want to send all sip/iax traffic out one ISP in the net zone and then send all other traffic out my secondary ISP in the dsl zone. Attached is

...t -j DROP iptables -A FORWARD -m ipp2p --tcp --edk --soul -j DROP same error. but if I use iptables -m ipp2p -help I get the help page: [root@router iptables]# iptables -m ipp2p --help iptables v1.2.9 Usage: iptables -[AD] chain rule-specification [options] iptables -[RI] chain rulenum rule-specification [options] iptables -D chain rulenum [options] . IPP2P v0.7.1 options: --ipp2p Grab all known p2p packets --ipp2p-data Identify all known p2p download commands (obsolete) --edk [TCP&UDP] All known eDonkey/eMule/Overnet packets --dc...

...Try `iptables -h'' or ''iptables --help'' for more information. Fixing this means checking the length of the expansion of the LOGFORMAT variable after printf has had its way. Perhaps change this: --log-prefix ''"$(printf "$LOGFORMAT" $chain $rulenum $disposition)"'' to this: --log-prefix ''"$(Logprintf "$LOGFORMAT" $chain $rulenum $disposition)"'' Logprintf () { fmt="$1" shift temp=$( printf "$fmt" $* ) if [ ${#temp} -gt 29 ]; then save="$temp"...

...+ [ -n info ] + log_rule info newnotsyn DROP + local level=info + local chain=newnotsyn + local disposition=DROP + shift + shift + shift + log_rule_limit info newnotsyn DROP --match limit --limit 1/second \ --limit-burst 60 + local level=info + local chain=newnotsyn + local disposition=DROP + local rulenum= + local limit=--match limit --limit 1/second --limit-burst 60 local: --limit: bad variable name + shift + shift + shift + shift + [ -n ] + eval iptables -A newnotsyn --match -j LOG --log-level info --log-prefix "`printf "$LOGFORMAT" $chain $disposition`" + printf Shorewall:%s...

...arguments xtables-events: fix missing newline in table and chain events nft: fix built-in chain ordering of the nat table src: use nft_*_list_add_tail nft: break chain listing if only one if looked for nft: fix selective chain display via -S xtables: add -I chain rulenum xtables: remove bogus comment regarding rule replacement nft: no need for rule lookup if no position specified via -I xtables: fix typo in add_entry for the IPv6 case nft: fix match revision lookup for IPv6 etc: add default IPv6 table and chain definitions xtable...

As suggested here: http://lists.shorewall.net/pipermail/shorewall-users/2004-October/015097.html I''ve run: adam@shrike:~$ /sbin/iptables -m policy --help iptables v1.2.11 Usage: iptables -[AD] chain rule-specification [options] iptables -[RI] chain rulenum rule-specification [options] iptables -D chain rulenum [options] --snip-- And: adam@shrike:~$ sudo /sbin/iptables -N foo adam@shrike:~$ sudo /sbin/iptables -N foo -m policy --pol none iptables v1.2.11: policy match: neither --in nor --out specified Try `iptables -h'' or ''...

http://bugzilla.netfilter.org/show_bug.cgi?id=578 Summary: Inserting Rule requires rulename as first argument (instead of the rulenumber) Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P1 Component: iptables AssignedTo: laforge at netfilter.org ReportedBy: felix.schuster at...

https://bugzilla.netfilter.org/show_bug.cgi?id=861 Summary: Repeated arguments with known final state Product: iptables Version: 1.4.x Platform: arm OS/Version: other Status: NEW Severity: minor Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy:

Hello list, I''m newbie in this list. Well, i''m going crazy with ipp2p. Googling i find a mini-howto but i''ve got problems. 1) Download: * iptables-dev (apt-get) * kernel-headers-2.x.x (your kernel, "uname -r") * src of your iptables (iptables -V and apt-get source) * ipp2p-0.8.0.tar.gz (stable) 2) untar ipp2p and cd ipp2p 3) Edit Makefile, if it''s

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I''m running systems with openswan and modified _updown script supporting shorewall dynamic hosts. Because on problems with cvs head version of openswan I found a error from shorewall dynamic hosts support. When host is already in zone shorewall aborts adding process with error. This is not good thing(tm). I found out that deleting host from

I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled