On Sat, Nov 01, 2003 at 04:23:28PM +0100, Bart Smit wrote:
> On Fri, 31 Oct 2003, Jim McBeath wrote:
> > Below are the changes in diff -u format.
> Just had a quick first glance and, while it looks very promising, there
> are glitches. At first, the rule type field is not initialized correctly
> when you edit a rule. It always says Pass (so if you do the edit&save
> dance without changing anything, block-rules will become pass-rules).
I'm not following you here. Previously, m0n0 did not support blocking
rules, so any existing rule was a pass rule. If you don't change the
type to BLOCK, it will stay a pass rule.
> Secondly, we could do with some more input checking. It lets me enter
> ridiculously high values for the sequence number. I didn't veryfy, but I
> doubt that the firewall backend will be very happy with these, and even if
> it swallows them without complaints, they may not yield the desired
The sequence number is only used by m0n0 to sort the rules within the
interface group; it is not passed to the backend.
> Otherwise, great idea, and I'll pound it a bit more.