extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Use HELPERS to enable/disable helper association.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-08-03 19:26:02 -07:00
parent 72307df6d2
commit 093985dd93
4 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Shorewall/Perl/Shorewall/Compiler.pm
View File

@ -710,6 +710,16 @@ sub compiler {
# #
setup_proxy_arp; setup_proxy_arp;
my $setting = supplied $config{HELPERS} ? 0 : 1;
emit( "#\n# Set automatic helper association on kernel 3.5.0 and later\n#" ,
'if [ -f /proc/sys/net/netfilter/nf_conntrack_helper ]; then' ,
' progress_message "Setting up Automatic Helper Association"',
" echo $setting > /proc/sys/net/netfilter/nf_conntrack_helper",
'fi',
''
);
if ( $scriptfilename || $debug ) { if ( $scriptfilename || $debug ) {
emit 'return 0'; emit 'return 0';
pop_indent; pop_indent;

8
Shorewall/Perl/Shorewall/Config.pm
View File

@ -62,6 +62,7 @@ our @EXPORT = qw(
have_capability have_capability
require_capability require_capability
kernel_version
); );
our @EXPORT_OK = qw( $shorewall_dir initialize shorewall); our @EXPORT_OK = qw( $shorewall_dir initialize shorewall);
@ -3643,6 +3644,13 @@ sub require_capability( $$$ ) {
fatal_error "$description require${singular} $capdesc{$capability} in your kernel and iptables" unless have_capability $capability; fatal_error "$description require${singular} $capdesc{$capability} in your kernel and iptables" unless have_capability $capability;
} }
#
# Return Kernel Version
#
sub kernel_version() {
$capabilities{KERNELVERSION}
}
# #
# Set default config path # Set default config path
# #

4
Shorewall/manpages/shorewall.conf.xml
View File

@ -737,6 +737,10 @@ net all DROP info</programlisting>then the chain name is 'net2all'
<para>tftp</para> <para>tftp</para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
<para>When HELPERS is specified on a system running Kernel 3.5.0 or
later, automatic association of helpers to connections is disabled.
</para>
</listitem> </listitem>
</varlistentry> </varlistentry>

4
Shorewall6/manpages/shorewall6.conf.xml
View File

@ -646,6 +646,10 @@ net all DROP info</programlisting>then the chain name is 'net2all'
<para>tftp</para> <para>tftp</para>
</listitem> </listitem>
</itemizedlist> </itemizedlist>
<para>When HELPERS is specified on a system running Kernel 3.5.0 or
later, automatic association of helpers to connections is disabled.
</para>
</listitem> </listitem>
</varlistentry> </varlistentry>