holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Allow parameterized Limit to use log tags

Browse Source
This commit is contained in:
Tom Eastep 2010-12-29 12:20:18 -08:00
parent 230d284980
commit 1c55143524
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -760,7 +760,14 @@ sub allowinUPnP ( $$$ ) {
sub Limit( $$$ ) { sub Limit( $$$ ) {
my ($chainref, $level, $tag, $param ) = @_; my ($chainref, $level, $tag, $param ) = @_;
my @param = split /,/, $param ? $param : $tag; my @param;
if ( $param ) {
@param = split /,/, $param;
} else {
@param = split /,/, $tag;
$tag = '';
}
fatal_error 'Limit rules must include <set name>,<max connections>,<interval> as the log tag or as parameters' unless @param == 3; fatal_error 'Limit rules must include <set name>,<max connections>,<interval> as the log tag or as parameters' unless @param == 3;
@ -778,7 +785,7 @@ sub Limit( $$$ ) {
if ( $level ne '' ) { if ( $level ne '' ) {
my $xchainref = new_chain 'filter' , "$chainref->{name}%"; my $xchainref = new_chain 'filter' , "$chainref->{name}%";
log_rule_limit $level, $xchainref, $param[0], 'DROP', '', '', 'add', ''; log_rule_limit $level, $xchainref, $param[0], 'DROP', $tag, '', 'add', '';
add_rule $xchainref, '-j DROP'; add_rule $xchainref, '-j DROP';
add_jump $chainref, $xchainref, 0, "-m recent --name $set --update --seconds $param[2] --hitcount $count "; add_jump $chainref, $xchainref, 0, "-m recent --name $set --update --seconds $param[2] --hitcount $count ";
} else { } else {