[Ferm] Simulate (-n) does not catch missing variables
Anders Nordby
ferm at anders.fupp.net
Thu Sep 26 11:42:00 CEST 2013
Hi,
I wrote one mistake in a rule file. I have defined:
@def $NET_BUDSTIKKA_BERGEN = (212.4.55.189);
However I forgot a dollar sign when trying to use it:
saddr NET_BUDSTIKKA_BERGEN ACCEPT;
This of course makes ferm fail:
root@evm2:~# /etc/init.d/ferm reload
Reloading Firewall configuration...iptables-restore v1.4.14:
host/network `NET_BUDSTIKKA_BERGEN' not found
Error occurred at line: 1153
Try `iptables-restore -h' or 'iptables-restore --help' for more
information.
But I want to catch this without having to read the logs, through
monitoring. Unfortunately ferm -n does not see the error:
root@evm2:~# ferm -n /etc/ferm/ferm.conf
root@evm2:~# echo $?
0
Why? Seems like a bug to me.
Cheers,
--
Anders.
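
The following is an added example, not part of the original post and not code from the ferm project. ferm passes the bare word through as a hostname (the iptables-restore error above shows this), so the sketch below lints a rule file for names that are declared with `@def $NAME` but used without the `$`. The function names, the sample config and the exit code convention are assumptions; the lexing is heuristic and does not follow `@include`.

```python
#!/usr/bin/env python3
"""Lint a ferm config for variable names used without the leading '$'."""
import re
import sys

DEF_RE = re.compile(r'@def\s+\$([A-Za-z_]\w*)')
# A bare word: not preceded by '$', '&', '@', and not part of a longer name or hostname.
WORD_RE = re.compile(r'(?<![\w$&@.-])([A-Za-z_]\w*)(?![\w.-])')
STRING_RE = re.compile(r'"[^"\n]*"|\'[^\'\n]*\'')


def strip_noise(line):
    """Drop quoted strings, then '#' comments (heuristic, not a full ferm lexer)."""
    return STRING_RE.sub('""', line).split('#', 1)[0]


def find_bare_variables(text):
    """Return [(line_no, name)] for defined variable names used without '$'."""
    lines = [strip_noise(l) for l in text.splitlines()]
    defined = {m.group(1) for l in lines for m in DEF_RE.finditer(l)}
    hits = []
    for no, line in enumerate(lines, 1):
        for m in WORD_RE.finditer(line):
            if m.group(1) in defined:
                hits.append((no, m.group(1)))
    return hits


# Constructed sample config, modelled on the rule quoted in the post.
SAMPLE = """\
# constructed sample, modelled on the post
@def $NET_BUDSTIKKA_BERGEN = (212.4.55.189);
@def $PORTS_WEB = (http https);
chain INPUT {
    policy DROP;
    saddr NET_BUDSTIKKA_BERGEN ACCEPT;   # missing '$'
    saddr $NET_BUDSTIKKA_BERGEN proto tcp dport $PORTS_WEB ACCEPT;
    saddr mail.example.net ACCEPT;       # a real hostname, not flagged
}
"""

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    hits = find_bare_variables(text)
    for no, name in hits:
        print(f"line {no}: '{name}' is defined as a variable but used without '$'")
    sys.exit(2 if hits else 0)  # assumption: 2 = CRITICAL, as in Nagios-style checks
```

Run against the rule file from a monitoring check, a non-zero exit flags the typo before a reload hands the ruleset to iptables-restore.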