[Shorewall-users] Treating undefined variables as errors
Eric E. Bowles
Thu, 18 Jul 2002 01:22:01 +0900
I noticed that "shorewall check" doesn't seem to flag a warning if a
variable used in /etc/shorewall/rules hasn't been defined in
For example, the following rule, which is supposed to restrict
telnet access to networks defined by $OPS,
ACCEPT net:$OPS fw tcp telnet
would unintentionally allow telnet from the rest of the net if
$OPS isn't defined in params.
Is it possible to flag this as an error in "shorewall check"?
Maybe a source or destination of the form "zone:" shouldn't be accepted?