similar to: Logging and Actions

I managed to inadvertently purge my ''Shorewall'' email folder recently :-( so I''m unable to reply directly to Ian''s last post on this subject. One of the complicating aspects of actions is that an action can (and often does) invoke other actions. The current algorithm for processing actions is: a) read /etc/shorewall/actions and /usr/share/shorewall/actions.std

>From a diff of my current shorewall firewall script with the new one from the CVS today : $ diff -w /usr/share/shorewall/firewall /usr/src/shorewall/s/firewall [...] 673c910 < for network in $networks; do --- > for networks in $networks; do I don''t think that "for networks in $networks" works well. -- -IAN! Ian! D. Allen Ottawa, Ontario,

I think you can change the existing firewall logging code for log_rule_limit (where you have one case for for LOGRULENUMBERS and another almost identical case without) down to this slightly shorter version with no duplication (excerpt): if [ -n "$LOGRULENUMBERS" ]; then eval rulenum=\$${chain}_logrules [ -z "$rulenum" ] && rulenum=1 fi case

I am running shorewall 2.1.5, recently upgraded from 1.4 and am intrigued with these new actions and have two questions, first, if I create a action.Allow, just like there exists action.Drop and action.Reject, will the actions included in action.Allow be processed just like those in action.Drop? (whether I use this file in /etc/shorewall or /usr/share/shorewall) the most important question:

rsync-2.4.6-2mdk I ran an rsync into a file system that filled up. I got no error message out of rsync - it just stopped and exited sliently. I stuck an fprintf into the receiving code and verified that the proper error was being generated - it just never gets printed by the rsync sending process. I submitted a bug report about it; but, I can't believe that other people haven't had

Hello ext3-users, We have a RH71 machine running 2.4.16 kernel with e2fsprogs 1.25. I noticed many of these errors in our logs. EXT3-fs error (device sd(8,1)): ext3_readdir: bad entry in directory #884828: directory entry across blocks - offset=0, inode=404600689, rec_len=23080, name_len=59 EXT3-fs error (device sd(8,1)): ext3_readdir: bad entry in directory #966714: rec_len % 4 != 0 -

I am trying to get the AllowFTP action to work for Net > DMZ traffic and FTP pasv. I know it is kind of working, as the user can log in, however, it fails at the port. I have had to open up some high ports for pasv to work. Now I know this aint cool, so does anyone know what a person has to do to get the AllowFTP action to work the same way it does if I was just ftp to the firewall, which does

On Fri 07 January 2011 08:14:17 Hubert Kario wrote: > I''d suggest at least > mkfs.btrfs -m raid1 -d raid0 /dev/sdc /dev/sdd > if you really want raid0 I don''t fully understand -m or -d. Why would this make a truer raid0 that with no options? Is it necessary to use fdisk on new drives in creating a BTRFS multi-drive array? Or is this all that''s needed: #

Dear All, Firstly, thank you very much - shorewall is great. I''m not a member of this list, and please forgive me if I am suggesting something stupid, but the following occurs to me, and I thought it might be useful. Why no make it possible to specify zones as well as interfaces in the /etc/shorewall/masq file ? Eg: instead of: eth0 eth1 one might write: net loc (or masq in

I want to use --min-size to copy just large files (and their necessary parent directories), but everything I've tried copies *all* the source directories, and creates them empty on the destination even if they don't have any big files in them. I only want the minimal directory hierarchies that contain the big files. This doesn't work: $ rm -rf /tmp/foo $ rsync -ai --min-size

Hi RedHat 7.2, ext3 on /, kernel 2.4.18p1. whilst updatedb was running, i had these messages appear... Jan 6 22:18:42 jaguar kernel: EXT3-fs error (device ide0(3,3)): ext3_readdir: bad entry in directory #147553: rec_len %% 4 != 0 - offset=0, inode=1651076143, rec_len=19527, name_len=85 Jan 6 22:18:42 jaguar kernel: EXT3-fs error (device ide0(3,3)): ext3_readdir: bad entry in directory

Hi all, I was trying to test ROUTE specific code with a multi-isp serviced box. There is a bug somewhere, but I''m not able to understand what the real problem is: when I issue a "shorewall show capabilities" I get: Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Shorewall has

I would like to get some opinions on a backup method using rsync. I already have a script written to mirror the data over to a backup script from a cron that is run every night. I've also been tempted to use the "--delete" option to keep everything up to date on the backup server. However, this is probably a bad idea in the event my data is deleted from the "/home"

http://bugzilla.netfilter.org/show_bug.cgi?id=590 Summary: iptables unknown target data Product: iptables Version: CVS (please indicate timestamp) Platform: i386 OS/Version: Ubuntu Status: NEW Severity: normal Priority: P1 Component: iptables AssignedTo: laforge at netfilter.org ReportedBy:

I promise - this time all buffers in the editor are saved! Here mon shorewall # /etc/init.d/shorewall start * Starting firewall... Warning: default route ignored on interface eth0 iptables: No chain/target/match by that name ERROR: Command "/sbin/iptables -t mangle -A outtos -p tcp -d 0.0.0.0/0 --dpor t ssh -j TOS --set-tos 16" Failed /sbin/runscript.sh: line 532: 14701

As 2.2.0 is nearing release, I''ve begun to think about what I''ll do for 2.3 and I think that it is time for Shorewall to add support for IPV6. Because of parsing ambiguities, the need to maintain upward compatibility with both Shorewall and 6Wall, and different available functionality in IPV4 and IPV6 Netfilter, I believe that it is going to be necessary for some files to be

http://bugzilla.mindrot.org/show_bug.cgi?id=120 ------- Additional Comments From markus at openbsd.org 2002-02-19 04:29 ------- can you allocate ptys as non-root? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

https://bugzilla.samba.org/show_bug.cgi?id=2781 wayned@samba.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From wayned@samba.org 2005-06-09 09:34 ------- Rsync doesn't output "uptodate" for

This rule with a long name and logging: AllowInternetPrintingProtocol:debug causes this iptables error: Processing /etc/shorewall/rules... Rule "AllowSSH:info net fw" added. Rule "AllowPing:info net fw" added. Rule "AllowWeb:debug net fw" added. iptables v1.2.9: Maximum prefix length 29 for --log-prefix Try `iptables

I know these forums are typically for questions and such, but I thought some of you may be interested in this... For the past couple months I''ve been working on a Windows based IDE for Rails development in my spare time. It closely resembles Visual Studio in many respects, so if you''re a former ASP .NET developer like me, you''ll feel right at home. RIDE-ME is still