From 09fc5e317ae1580d6e5fced5a4500f0fcc765bab Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 6 Mar 2003 23:21:25 +0000
Subject: [PATCH] Process params file before shorewall.conf

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@482 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall | 11 +++++++++--
 Shorewall/rules    |  2 ++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index 2c6b83b4e..068ccf1c8 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -4306,6 +4306,14 @@ do_initialize() {
 
     trap "rm -rf $TMP_DIR; my_mutex_off; exit 2" 1 2 3 4 5 6 9
 
+    if [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/params ]; then
+	params=$SHOREWALL_DIR/params
+    else
+	params=/etc/shorewall/params
+    fi
+
+    [ -f $params ] && echo "Processing $params..." && . $params
+
     if [ -n "$SHOREWALL_DIR" -a -f $SHOREWALL_DIR/shorewall.conf ]; then
 	config=$SHOREWALL_DIR/shorewall.conf
     else
@@ -4313,6 +4321,7 @@ do_initialize() {
     fi
 
     if [ -f $config ]; then
+	echo "Processing $config..."
 	. $config
     else
 	echo "$config does not exist!" >&2
@@ -4419,8 +4428,6 @@ do_initialize() {
 	CLEAR_TC=
     fi
 
-    run_user_exit params
-
     #
     # Strip the files that we use often
     #
diff --git a/Shorewall/rules b/Shorewall/rules
index 0a80d62c5..53bae816c 100755
--- a/Shorewall/rules
+++ b/Shorewall/rules
@@ -97,6 +97,8 @@
 #				2. In DNAT rules, only IP addresses are
 #				   allowed; no FQDNs or subnet addresses
 #				   are permitted.
+#				3. You may not specify both an interface and
+#				   an address.
 #
 #			The port that the server is listening on may be
 #			included and separated from the server's IP address by