Earlier validation of log level used in action invocation

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6985 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-perl/Shorewall/Actions.pm

@@ -35,7 +35,6 @@ our @ISA = qw(Exporter);
 our @EXPORT = qw( merge_levels
 		  isolate_basic_target
 		  add_requiredby
-		  createlogactionchain
 		  createactionchain
 		  find_logactionchain
 		  process_actions1
@@ -261,6 +260,10 @@ sub createlogactionchain( $$ ) {
     my $actionref = $actions{$action};
     my $chainref;
     
+    my ($lev, $tag) = split ':', $level;
+
+    validate_level $lev;
+
     $chain = substr $chain, 0, 28 if ( length $chain ) > 28;
 
     while ( $chain_table{'%' . $chain . $actionref->{actchain}} ) {
@@ -269,8 +272,6 @@ sub createlogactionchain( $$ ) {
 
     $actionref = new_action $action unless $actionref;
 
-    $level = 'none' unless $level;
-
     $logactionchains{"$action:$level"} = $chainref = new_chain 'filter', '%' . $chain . $actionref->{actchain}++;
 
     mark_referenced $chainref; # Just in case the action body is empty.

Shorewall-perl/Shorewall/Chains.pm

@@ -1274,7 +1274,7 @@ sub log_rule_limit( $$$$$$$$ ) {
 
     my $prefix;
 
-    $level = validate_level $level;
+    $level = validate_level $level; # Do this here again because this function can be called directly from user exits.
 
     return 1 if $level eq '';