Discussion:
[Shorewall-users] Warning Message on following rule ADD(SW_DBL4:src):info net $FW
Nigel Aves
2017-02-23 00:56:51 UTC
I recently implemented "blacklist if connection attempt on unused port"
from Tom's help and one of the rules was the following:-

ADD(SW_DBL4:src):info net $FW

When I do a configuration check I get the following warning

Checking /usr/share/shorewall/action.Drop for chain Drop...
Checking /usr/share/shorewall/action.Broadcast for chain Broadcast...
*WARNING: Log Prefix shortened to "Shorewall:net-fw:ADD(SW_DBL4 " /etc/shorewall/rules (line 121)*
Checking /etc/shorewall/conntrack...
Checking MAC Filtration -- Phase 2...

Not sure if this is causing an issue or not, but thought I should pass
it along.

Nigel Aves.
--
from the desk of Nigel

http://soft-focus-imagining.com
http://twin-peaks-video.com
Bill Shirley
2017-02-23 02:41:16 UTC
Look at the LOGTAGONLY section of this page:
http://www.shorewall.org/shorewall_logging.html

It has an example of using a more meaningful tag (IPv6 tunneling).

Bill
Nigel Aves
2017-02-23 14:45:28 UTC
Bill,

Thanks for the reply. I'm very uncertain what it should be changed to. Thom
E. published the setting in an email to help out on a problem I was
having getting IPv4 ipsets to work.

Nigel.
Vieri Di Paola
2017-02-23 16:04:15 UTC
You can try:
LOGTAGONLY=Yes

and then in your rules file, add this to every action:
:info:mytag

where "mytag" can be anything you want. You can then grep it in the log.
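
Added example, not part of the post above and not Shorewall's own code: a Python check that rebuilds the log prefix from the warning in this thread and reports which logging rules exceed the 29 characters that iptables accepts for `--log-prefix`. `LOGFORMAT`, the `fw` zone name and the sample rules are assumptions inferred from the warning text; only the first sample rule comes from the thread.

```python
import re

MAX_PREFIX = 29                  # iptables --log-prefix holds at most 29 characters
LOGFORMAT = "Shorewall:%s:%s:"   # assumption: inferred from the prefix in the warning
FW_ZONE = "fw"                   # assumption: $FW resolves to a zone named "fw"

# Constructed sample in /etc/shorewall/rules layout; only the ADD line is from the thread.
SAMPLE_RULES = """\
#ACTION                 SOURCE  DEST    PROTO   DPORT
ADD(SW_DBL4:src):info   net     $FW
ACCEPT:info             net     $FW     tcp     22
DROP                    net     $FW     tcp     23
"""


def split_action(field):
    """Split ACTION[:level[:tag]] on colons that are outside parentheses."""
    return re.split(r":(?![^()]*\))", field)


def log_prefix(chain, disposition):
    """Return (prefix, truncated) in the shape the LOG rule receives it."""
    full = LOGFORMAT % (chain, disposition)
    if len(full) <= MAX_PREFIX:
        return full, False
    # Same shape as the warning in the thread: cut to 28 characters plus one space.
    return full[:MAX_PREFIX - 1] + " ", True


def audit(rules_text):
    """Yield (line_no, prefix, truncated) for every rule that has a log level."""
    for no, line in enumerate(rules_text.splitlines(), 1):
        cols = line.split("#", 1)[0].split()
        if len(cols) < 3:
            continue
        action = split_action(cols[0])
        if len(action) < 2:          # no :level, so the rule does not log
            continue
        zones = [FW_ZONE if c.split(":")[0] == "$FW" else c.split(":")[0] for c in cols[1:3]]
        yield (no, *log_prefix("-".join(zones), action[0]))


if __name__ == "__main__":
    for no, prefix, cut in audit(SAMPLE_RULES):
        print(f"line {no}: {prefix!r}{'  <-- truncated' if cut else ''}")
```

The truncated string is what actually lands in the kernel log, so a search or alert keyed on the full action name `ADD(SW_DBL4:src)` would not match these entries.
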
Nigel Aves
2017-02-23 16:48:42 UTC
Thank you Vieri, I'll give it a go.