Another fix for auditone

Tom Eastep 2011-05-30 16:37:56 -07:00
parent e6275ba31d
commit 4f296b62ae
2 changed files with 9 additions and 5 deletions


@ -203,8 +203,10 @@ sub setup_blacklist() {
my $chainref;
my $chainref1;
my ( $level, $disposition ) = @config{'BLACKLIST_LOGLEVEL', 'BLACKLIST_DISPOSITION' };
my $audit = $disposition =~ /^A_/;
my $target = $disposition eq 'REJECT' ? 'reject' : $disposition;
my $audit = $disposition =~ /^A_/;
my $target = $disposition eq 'REJECT' ? 'reject' : $disposition;
my $orig_target = $target;
#
# We go ahead and generate the blacklist chains and jump to them, even if they turn out to be empty. That is necessary
# for 'refresh' to work properly.
@ -280,7 +282,9 @@ sub setup_blacklist() {
} else {
warning_message "Duplicate 'audit' option ignored" if $auditone > 1;
$tgt = verify_audit( 'A_' . $target );
$tgt = verify_audit( 'A_' . $target, $orig_target );
}
}
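Review bot: `$orig_target` in setup_blacklist is captured after the `REJECT` to `reject` mapping, so the second argument in `verify_audit( 'A_' . $target, $orig_target )` is the mapped value rather than the configured BLACKLIST_DISPOSITION. Whether the audit chain setup expects that form cannot be seen from these hunks. The snapshot only matters if `$target` is reassigned between the two hunks, which is outside the visible lines, so the declaration deserves a comment such as `# $target may be rewritten below; keep the configured target for the audit chain`. Because this value decides where audited blacklist hits end up, it is worth checking that a REJECT blacklist with the 'audit' option still generates the intended A_ chain. setup_blacklist starts and ends outside both hunks.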


@ -1632,12 +1632,12 @@ sub process_macro ( $$$$$$$$$$$$$$$$$ ) {
#
# Confirm that we have AUDIT_TARGET capability and ensure the appropriate AUDIT chain.
#
sub verify_audit($) {
sub verify_audit($;$) {
my ($target, $audit ) = @_;
require_capability 'AUDIT_TARGET', "$target rules", '';
return ensure_audit_chain $target;
return ensure_audit_chain $target, $audit;
}
#
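Review bot: The call `return ensure_audit_chain $target, $audit;` in verify_audit has no parentheses, so how the second argument binds depends on the prototype of ensure_audit_chain, which is not shown here. If that sub is still declared with a single-scalar prototype, Perl parses it as a unary operator and `$audit` is not passed to it. Writing `return ensure_audit_chain( $target, $audit );` makes a mismatch fail at compile time instead. With the new `($;$)` prototype, one-argument callers now hand an explicit `undef` to ensure_audit_chain, so it has to treat an undefined second argument like a missing one. The header comment should also describe the optional argument, e.g. `# The optional second argument is the target the AUDIT chain finally jumps to` (inferred from the caller, please confirm).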