From a96f86c36c373f80e01e6e9ba3ff6cd630b1dff1 Mon Sep 17 00:00:00 2001 From: teastep Date: Tue, 8 May 2007 02:34:58 +0000 Subject: [PATCH] More fixes for logging rules git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6278 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Config.pm | 6 +++--- Shorewall-perl/Shorewall/Rules.pm | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm index 53836b472..b106ebca0 100644 --- a/Shorewall-perl/Shorewall/Config.pm +++ b/Shorewall-perl/Shorewall/Config.pm @@ -867,9 +867,9 @@ sub get_configuration( $ ) { $globals{ORIGINAL_POLICY_MATCH} = $capabilities{POLICY_MATCH}; if ( $config{LOGRATE} || $config{LOGBURST} ) { - $globals{LOGLIMIT} = '-m limit'; - $globals{LOGLIMIT} .= " --limit $config{LOGRATE}" if $config{LOGRATE}; - $globals{LOGLIMIT} .= " --limit-burst $config{LOGBURST}" if $config{LOGBURST}; + $globals{LOGLIMIT} = '-m limit '; + $globals{LOGLIMIT} .= "--limit $config{LOGRATE} " if $config{LOGRATE}; + $globals{LOGLIMIT} .= "--limit-burst $config{LOGBURST} " if $config{LOGBURST}; } else { $globals{LOGLIMIT} = ''; } diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm index a50116dfa..3127078f7 100644 --- a/Shorewall-perl/Shorewall/Rules.pm +++ b/Shorewall-perl/Shorewall/Rules.pm @@ -260,7 +260,7 @@ sub setup_syn_flood_chains() { $burst = $burst ? "--limit-burst $burst " : ''; my $synchainref = new_chain 'filter' , syn_chain $chainref->{name}; add_rule $synchainref , "-m limit --limit $limit ${burst}-j RETURN"; - log_rule_limit $level , $synchainref , $chainref->{name} , 'DROP', '-m limit --limit 5/min --limit-burst 5' , '' , 'add' , '' + log_rule_limit $level , $synchainref , $chainref->{name} , 'DROP', '-m limit --limit 5/min --limit-burst 5 ' , '' , 'add' , '' if $level ne ''; add_rule $synchainref, '-j DROP'; }