mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-22 14:20:40 +01:00
Add an Audit action.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep
parent
374489c3cf
commit
c0a2f19500
54
Shorewall/action.Audit
Normal file
54
Shorewall/action.Audit
Normal file
@ -0,0 +1,54 @@
|
|||||||
|
#
|
||||||
|
# Shorewall 4 - AUDIT Action
|
||||||
|
#
|
||||||
|
# /usr/share/shorewall/action.AUDIT
|
||||||
|
#
|
||||||
|
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
|
||||||
|
#
|
||||||
|
# (c) 2011 - Tom Eastep (teastep@shorewall.net)
|
||||||
|
#
|
||||||
|
# Complete documentation is available at http://shorewall.net
|
||||||
|
#
|
||||||
|
# This program is free software; you can redistribute it and/or modify
|
||||||
|
# it under the terms of Version 2 of the GNU General Public License
|
||||||
|
# as published by the Free Software Foundation.
|
||||||
|
#
|
||||||
|
# This program is distributed in the hope that it will be useful,
|
||||||
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
# GNU General Public License for more details.
|
||||||
|
#
|
||||||
|
# You should have received a copy of the GNU General Public License
|
||||||
|
# along with this program; if not, write to the Free Software
|
||||||
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
|
#
|
||||||
|
# AUDIT[(type)]
|
||||||
|
#
|
||||||
|
# Default type is drop
|
||||||
|
#
|
||||||
|
##########################################################################################
|
||||||
|
FORMAT 2
|
||||||
|
|
||||||
|
DEFAULTS drop
|
||||||
|
|
||||||
|
?BEGIN PERL;
|
||||||
|
|
||||||
|
use Shorewall::IPAddrs;
|
||||||
|
use Shorewall::Config;
|
||||||
|
use Shorewall::Chains;
|
||||||
|
|
||||||
|
my ( $type ) = get_action_params( 1 );
|
||||||
|
|
||||||
|
fatal_error "Invalid AUDIT type ($type)" unless $type =~ /^(?:accept|drop|reject)$/;
|
||||||
|
|
||||||
|
require_capability('AUDIT_TARGET', 'The AUDIT action', 's');
|
||||||
|
|
||||||
|
my $chainref = get_action_chain;
|
||||||
|
|
||||||
|
add_ijump( $chainref, j=> 'AUDIT', targetopts => "--type $type" );
|
||||||
|
|
||||||
|
allow_optimize( $chainref );
|
||||||
|
|
||||||
|
1;
|
||||||
|
|
||||||
|
?END PERL;
|
||||||
@ -35,6 +35,7 @@
|
|||||||
#ACTION
|
#ACTION
|
||||||
A_Drop # Audited Default Action for DROP policy
|
A_Drop # Audited Default Action for DROP policy
|
||||||
A_Reject # Audited Default action for REJECT policy
|
A_Reject # Audited Default action for REJECT policy
|
||||||
|
Audit # Audits a request
|
||||||
Broadcast # Handles Broadcast/Multicast/Anycast
|
Broadcast # Handles Broadcast/Multicast/Anycast
|
||||||
Drop # Default Action for DROP policy
|
Drop # Default Action for DROP policy
|
||||||
DropSmurfs # Drop smurf packets
|
DropSmurfs # Drop smurf packets
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user