extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-29 02:54:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct handling of AUDIT_TARGET is both cli libraries.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2011-05-30 11:39:21 -07:00
parent 26d08b92c0
commit 2dec3a8ecb
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
Shorewall/lib.cli
View File

@ -1706,6 +1706,7 @@ determine_capabilities() {
MARK_ANYWHERE= MARK_ANYWHERE=
HEADER_MATCH= HEADER_MATCH=
ACCOUNT_TARGET= ACCOUNT_TARGET=
AUDIT_TARGET=
chain=fooX$$ chain=fooX$$
@ -1845,7 +1846,7 @@ determine_capabilities() {
qt $IPTABLES -A $chain -j LOG || LOG_TARGET= qt $IPTABLES -A $chain -j LOG || LOG_TARGET=
qt $IPTABLES -A $chain -j MARK --set-mark 5 && MARK_ANYWHERE=Yes qt $IPTABLES -A $chain -j MARK --set-mark 5 && MARK_ANYWHERE=Yes
qt $IPTABLES -A $chain -j ACCOUNT --addr 192.168.1.0/29 --tname $chain && ACCOUNT_TARGET=Yes qt $IPTABLES -A $chain -j ACCOUNT --addr 192.168.1.0/29 --tname $chain && ACCOUNT_TARGET=Yes
qt $IPTABLES -A $chain -j AUDIT --type drop && ACCOUNT_TARGET=Yes qt $IPTABLES -A $chain -j AUDIT --type drop && AUDIT_TARGET=Yes
qt $IPTABLES -F $chain qt $IPTABLES -F $chain
qt $IPTABLES -X $chain qt $IPTABLES -X $chain
@ -1928,6 +1929,7 @@ report_capabilities() {
report_capability "Mark in any table" $MARK_ANYWHERE report_capability "Mark in any table" $MARK_ANYWHERE
report_capability "Header Match" $HEADER_MATCH report_capability "Header Match" $HEADER_MATCH
report_capability "ACCOUNT Target" $ACCOUNT_TARGET report_capability "ACCOUNT Target" $ACCOUNT_TARGET
report_capability "AUDIT Target" $AUDIT_TARGET
fi fi
[ -n "$PKTTYPE" ] || USEPKTTYPE= [ -n "$PKTTYPE" ] || USEPKTTYPE=
@ -1995,6 +1997,7 @@ report_capabilities1() {
report_capability1 MARK_ANYWHERE report_capability1 MARK_ANYWHERE
report_capability1 HEADER_MATCH report_capability1 HEADER_MATCH
report_capability1 ACCOUNT_TARGET report_capability1 ACCOUNT_TARGET
report_capability1 AUDIT_TARGET
echo CAPVERSION=$SHOREWALL_CAPVERSION echo CAPVERSION=$SHOREWALL_CAPVERSION
echo KERNELVERSION=$KERNELVERSION echo KERNELVERSION=$KERNELVERSION

5
Shorewall6/lib.cli
View File

@ -1345,6 +1345,7 @@ determine_capabilities() {
MARK_ANYWHERE= MARK_ANYWHERE=
HEADER_MATCH= HEADER_MATCH=
ACCOUNT_TARGET= ACCOUNT_TARGET=
AUDIT_TARGET=
chain=fooX$$ chain=fooX$$
@ -1569,7 +1570,8 @@ report_capabilities() {
report_capability "fwmark route mask" $FWMARK_RT_MASK report_capability "fwmark route mask" $FWMARK_RT_MASK
report_capability "Mark in any table" $MARK_ANYWHERE report_capability "Mark in any table" $MARK_ANYWHERE
report_capability "Header Match" $HEADER_MATCH report_capability "Header Match" $HEADER_MATCH
report_capability "ACCOUNT Match" $ACCOUNT_TARGET report_capability "ACCOUNT Target" $ACCOUNT_TARGET
report_capability "AUDIT Target" $AUDIT_TARGET
fi fi
[ -n "$PKTTYPE" ] || USEPKTTYPE= [ -n "$PKTTYPE" ] || USEPKTTYPE=
@ -1634,6 +1636,7 @@ report_capabilities1() {
report_capability1 MARK_ANYWHERE report_capability1 MARK_ANYWHERE
report_capability1 HEADER_MATCH report_capability1 HEADER_MATCH
report_capability1 ACCOUNT_TARGET report_capability1 ACCOUNT_TARGET
report_capability1 AUDIT_TARGET
echo CAPVERSION=$SHOREWALL_CAPVERSION echo CAPVERSION=$SHOREWALL_CAPVERSION
echo KERNELVERSION=$KERNELVERSION echo KERNELVERSION=$KERNELVERSION