Menu
▾
▴
Re: [Shorewall-users] Syntax?
|
From: Seth B. <se...@in...> - 2015-08-21 21:01:05
|
Thanks for the patch and fixes so quickly. Let me get the first 2 installed / changed and then I'll check again if the 3600 parameter was really the issue. Thanks again for such quick fixes. Sincerely, Seth Bardash Integrated Solutions and Systems 1510 Old North Gate Road Colorado Springs, CO 80921 719-495-5866 Shop 719-337-4779 Cell http://www2.iss-1.com Failure can not cope with knowledge and perseverance! -----Original Message----- From: Tom Eastep [mailto:te...@sh...] Sent: Friday, August 21, 2015 2:56 PM To: sho...@li... Subject: Re: [Shorewall-users] Syntax? On 08/21/2015 01:38 PM, Tom Eastep wrote: > > > On 08/21/2015 01:20 PM, Seth Bardash wrote: >> -----Original Message----- >> From: Tom Eastep [mailto:te...@sh...] >> Sent: Friday, August 21, 2015 2:12 PM >> To: sho...@li... >> Subject: Re: [Shorewall-users] Syntax? >> >>> >>> Any help with syntax would be appreciated. >> >> AutoBL(NS1,30,20,-,1200,DROP,none) ... >> >> This gives an error: >> >> Compiling /usr/share/shorewall/action.AutoBL for chain AutoBL... >> Perl Script Returned False /usr/share/shorewall/action.AutoBL >> (line 37) >> from /etc/shorewall/rules (line 343) >> >> That is why I used err instead. >> >> Also note that if 30 is used in the hitcount field the program >> abort on resart- ie: >> >> AutoBL(NS1,30,30,-,1200,DROP,err):none >> >> or a time of 3600 also aborts the restart. >> >> Running >> [root@fw20m shorewall]# shorewall version >> 4.6.8 > > The attached patch will allow you to specify 'none' in the last > parameter. I'll look at the other issues. > The maximum hitcount is determined by the 'ip_pkt_list_tot' parameter to the xt_recent module. The default appears to be 20. So if you want to use a value larger than 20, you need to adjust that parameter. I'm unable to reproduce the issue with 3600 -- what shows up in the system log when you experience the failure? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ----- No virus found in this message. Checked by AVG - www.avg.com Version: 2015.0.6125 / Virus Database: 4392/10472 - Release Date: 08/20/15 |