diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm index 79aea823c..f18158774 100644 --- a/Shorewall-perl/Shorewall/Chains.pm +++ b/Shorewall-perl/Shorewall/Chains.pm @@ -462,6 +462,7 @@ sub new_chain($$) $ch{log} = 1 if $globals{LOGRULENUMBERS}; $ch{rules} = []; $ch{table} = $table; + $ch{loglevel} = ''; $chain_table{$table}{$chain} = \%ch; \%ch; } diff --git a/Shorewall-perl/Shorewall/Policy.pm b/Shorewall-perl/Shorewall/Policy.pm index 0b29974b6..f9240decd 100644 --- a/Shorewall-perl/Shorewall/Policy.pm +++ b/Shorewall-perl/Shorewall/Policy.pm @@ -205,7 +205,7 @@ sub validate_policy() push @policy_chains, ( $chainref ); } - $chainref->{loglevel} = $loglevel if $loglevel; + $chainref->{loglevel} = $loglevel if defined $loglevel && $loglevel ne ''; $chainref->{synparams} = $synparams if $synparams; $chainref->{default} = $default if $default; @@ -243,7 +243,7 @@ sub policy_rules( $$$$ ) { add_rule $chainref, "-j $default" if $default && $default ne 'none'; - log_rule $loglevel , $chainref , $target , '' if $loglevel; + log_rule $loglevel , $chainref , $target , '' if $loglevel ne ''; fatal_error "Null target in policy_rules()" unless $target; diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm index 3081d720a..0956c6d58 100644 --- a/Shorewall-perl/Shorewall/Rules.pm +++ b/Shorewall-perl/Shorewall/Rules.pm @@ -249,7 +249,7 @@ sub setup_syn_flood_chains() { my $synchainref = new_chain 'filter' , syn_chain $chainref->{name}; add_rule $synchainref , "-m limit --limit $limit ${burst}-j RETURN"; log_rule_limit $level , $synchainref , $chainref->{name} , 'DROP', '-m limit --limit 5/min --limit-burst 5' , '' , 'add' , '' - if defined $level && $level ne ''; + if $level ne ''; add_rule $synchainref, '-j DROP'; } } @@ -1171,7 +1171,7 @@ sub process_rule ( $$$$$$$$$ ) { if ( ( ( my $policy ) = $policychainref->{policy} ) ne 'NONE' ) { if ( $optimize > 0 ) { my $loglevel = $policychainref->{loglevel}; - if ( defined $loglevel && $loglevel ne '' ) { + if ( $loglevel ne '' ) { next if $target eq "${policy}:$loglevel}"; } else { next if $action eq $policy; @@ -1191,7 +1191,7 @@ sub process_rule ( $$$$$$$$$ ) { if ( ( ( my $policy ) = $policychainref->{policy} ) ne 'NONE' ) { if ( $optimize > 0 ) { my $loglevel = $policychainref->{loglevel}; - if ( defined $loglevel && $loglevel ne '') { + if ( $loglevel ne '') { next if $target eq "${policy}:$loglevel}"; } else { next if $action eq $policy; @@ -1212,7 +1212,7 @@ sub process_rule ( $$$$$$$$$ ) { if ( ( ( my $policy ) = $policychainref->{policy} ) ne 'NONE' ) { if ( $optimize > 0 ) { my $loglevel = $policychainref->{loglevel}; - if ( defined $loglevel && $loglevel ne '' ) { + if ( $loglevel ne '' ) { next if $target eq "${policy}:$loglevel}"; } else { next if $action eq $policy;