mirror of
https://gitlab.com/shorewall/code.git
synced 2025-06-19 08:07:13 +02:00
Disallow wildcard optional/required interfaces
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
7625b4069b
commit
165535cd8b
@ -937,6 +937,8 @@ sub process_interface( $$ ) {
|
||||
$hostoptions{routeback} = $options{routeback} = 1;
|
||||
}
|
||||
|
||||
fatal_error "Optional and Required interfaces may not have wildcard names" if ( $wildcard || $physical =~ /\+/ ) && ( $options{optional} || $options{required} );
|
||||
|
||||
$hostoptions{routeback} = $options{routeback} = is_a_bridge( $physical ) unless $export || $options{routeback};
|
||||
|
||||
$hostoptionsref = \%hostoptions;
|
||||
|
@ -14,6 +14,8 @@ Changes in Shorewall 4.4.10
|
||||
|
||||
7) Rename PREFIX to DESTDIR in install scripts
|
||||
|
||||
8) Optional/required interfaces with wildcard names disallowed.
|
||||
|
||||
Changes in Shorewall 4.4.9
|
||||
|
||||
1) Auto-detection of bridges.
|
||||
|
@ -243,6 +243,26 @@ I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
|
||||
`sys2sys':/usr/local/libexec/xtables/libipt_sys2sys.so:
|
||||
cannot open shared object file: No such file or directory
|
||||
|
||||
4) Previously, if the 'optional' option was given to an interface with
|
||||
a wildcard physical name, specific instances of the interface were
|
||||
never considered usable.
|
||||
|
||||
Example:
|
||||
|
||||
/etc/shorewall/interfaces:
|
||||
|
||||
#ZONE INTERFACE BROADCAST OPTIONS
|
||||
net ppp+ - optional
|
||||
|
||||
/etc/shorewall/providers:
|
||||
|
||||
#PROVIDER NUMBER MARK DUPLICATE INTERFACE ...
|
||||
XYZTEL 1 - main ppp0
|
||||
|
||||
The XYZTEL provider was never usable.
|
||||
|
||||
This configuration now generates a compile-time error.
|
||||
|
||||
----------------------------------------------------------------------------
|
||||
I V. K N O W N P R O B L E M S R E M A I N I N G
|
||||
----------------------------------------------------------------------------
|
||||
|
Loading…
x
Reference in New Issue
Block a user