extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-15 12:14:32 +01:00
Code Issues Packages Projects Releases Wiki Activity

More fixes for logging rules

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6278 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-05-08 02:34:58 +00:00
parent 18fd54baf7
commit a96f86c36c
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall-perl/Shorewall/Config.pm
View File

@ -867,9 +867,9 @@ sub get_configuration( $ ) {
$globals{ORIGINAL_POLICY_MATCH} = $capabilities{POLICY_MATCH}; $globals{ORIGINAL_POLICY_MATCH} = $capabilities{POLICY_MATCH};
if ( $config{LOGRATE} || $config{LOGBURST} ) { if ( $config{LOGRATE} || $config{LOGBURST} ) {
$globals{LOGLIMIT} = '-m limit'; $globals{LOGLIMIT} = '-m limit ';
$globals{LOGLIMIT} .= " --limit $config{LOGRATE}" if $config{LOGRATE}; $globals{LOGLIMIT} .= "--limit $config{LOGRATE} " if $config{LOGRATE};
$globals{LOGLIMIT} .= " --limit-burst $config{LOGBURST}" if $config{LOGBURST}; $globals{LOGLIMIT} .= "--limit-burst $config{LOGBURST} " if $config{LOGBURST};
} else { } else {
$globals{LOGLIMIT} = ''; $globals{LOGLIMIT} = '';
} }

2
Shorewall-perl/Shorewall/Rules.pm
View File

@ -260,7 +260,7 @@ sub setup_syn_flood_chains() {
$burst = $burst ? "--limit-burst $burst " : ''; $burst = $burst ? "--limit-burst $burst " : '';
my $synchainref = new_chain 'filter' , syn_chain $chainref->{name}; my $synchainref = new_chain 'filter' , syn_chain $chainref->{name};
add_rule $synchainref , "-m limit --limit $limit ${burst}-j RETURN"; add_rule $synchainref , "-m limit --limit $limit ${burst}-j RETURN";
log_rule_limit $level , $synchainref , $chainref->{name} , 'DROP', '-m limit --limit 5/min --limit-burst 5' , '' , 'add' , '' log_rule_limit $level , $synchainref , $chainref->{name} , 'DROP', '-m limit --limit 5/min --limit-burst 5 ' , '' , 'add' , ''
if $level ne ''; if $level ne '';
add_rule $synchainref, '-j DROP'; add_rule $synchainref, '-j DROP';
} }