From 8e7af2e95e2fc470ec4b6c7bddc63b184779f852 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sun, 13 Mar 2016 15:28:49 -0700
Subject: [PATCH] Additional editing of audit action parameters.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Config.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index 92281c831..b5b58e90e 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -3303,7 +3303,8 @@ sub setup_audit_action( $ ) {
 
     if ( supplied $audit ) {
 	fatal_error "Invalid parameter ($audit) to action $action" if $audit ne 'audit';
-	$actparms{1} = "A_$target";
+	fatal_error "Only ACCEPT, DROP and REJECT may be audited" unless $target =~ /^(?:A_)?(?:ACCEPT|DROP|REJECT)\b/;
+	$actparms{1} = "A_$target" unless $target =~ /^A_/;
     }
 }