Hello, I''ve been using shorewall ever since Mandrake started shipping it, and am passably familiar with the config files and the simple setups. Recently I''ve discovered the "recent" module (no pun intended!) and want to setup a few rules that use this module. I searched all through the shorewall site (including http://www.google.com/search?q=site%3Alists.shorewall.net%20custom ) and cant figure out how to add a set of rules of my own. There seemed to be some help at http://www.shorewall.net/User_defined_Actions.html#id2495779 which I tried but it didn''t work (in the sense the rules didn''t seem to take effect. FWIW, this is what they look like, with just one rule for testing: # cat actions recent # cat action.recent # This file is empty # cat recent run_ptables -A INPUT -d 1.2.3.4 -m recent --name RECENTEST --set -j ACCEPT I know it''s a meaningless rule but I just want to see it come up if I then do: iptables -v -L -n | grep -i recent But nothing comes up. What am I missing...? Or *completely* misunderstanding :-( Thanks, Sitaram -- Sitaram Chamarty
Sitaram Chamarty wrote:> > # cat actions > recent > > # cat action.recent > # This file is empty > > # cat recent > run_ptables -A INPUT -d 1.2.3.4 -m recent --name RECENTEST --set -j ACCEPT > > > I know it''s a meaningless rule but I just want to see it come up if I > then do: > > iptables -v -L -n | grep -i recent > > But nothing comes up. > > What am I missing...? Or *completely* misunderstanding :-( >You must INVOKE the ''recent'' action for Shorewall to generate it. Shorewall only generates iptables chains for those actions which are actually used. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
on 02/08/2005 09:01 PM Tom Eastep wrote:>You must INVOKE the ''recent'' action for Shorewall to generate it. >Shorewall only generates iptables chains for those actions which are >actually used. > > >Thanks. In case it helps someone, the RPM that ships with Mandrake 10.0 official is crap. Too much missing stuff. I downloaded the latest one from http://www.monkeynoodle.org/tmp/ (linked from your download page) and things work fine. Sitaram