diff --git a/Lrp2/etc/shorewall/rules b/Lrp2/etc/shorewall/rules index 3ac2c2d8c..74a4c1ea0 100644 --- a/Lrp2/etc/shorewall/rules +++ b/Lrp2/etc/shorewall/rules @@ -93,6 +93,10 @@ # excluded from the rule by following the zone name with # "!' and a comma-separated list of sub-zone names. # +# When "all" is used either in the SOURCE or DEST column +# intra-zone traffic is not affected. You must add +# separate rules to handle that traffic. +# # Except when "all" is specified, clients may be further # restricted to a list of subnets and/or hosts by # appending ":" and a comma-separated list of subnets @@ -123,6 +127,10 @@ # /etc/shorewall/zones, $FW to indicate the firewall # itself or "all" # +# When "all" is used either in the SOURCE or DEST column +# intra-zone traffic is not affected. You must add +# separate rules to handle that traffic. +# # Except when "all" is specified, the server may be # further restricted to a particular subnet, host or # interface by appending ":" and the subnet, host or diff --git a/Lrp2/usr/share/shorewall/firewall b/Lrp2/usr/share/shorewall/firewall index 9d8b573e9..85444ab71 100755 --- a/Lrp2/usr/share/shorewall/firewall +++ b/Lrp2/usr/share/shorewall/firewall @@ -2571,10 +2571,10 @@ add_an_action() else if [ -n "$loglevel" ]; then log_rule_limit $loglevel $action $logtarget "$ratelimit" "$logtag" $userandgroup \ - $(fix_bang $proto $sports $multiport $cli $dports) + $(fix_bang $proto $sports $multiport $cli $dest_interface $dports) fi - run_iptables2 -A $action $proto $multiport $cli $sports \ + run_iptables2 -A $action $proto $multiport $cli $dest_interface $sports \ $dports $ratelimit $userandgroup -j $target fi fi @@ -3357,7 +3357,7 @@ add_a_rule() if [ $COMMAND != check ]; then if [ -n "$loglevel" ]; then log_rule_limit $loglevel $chain $logtarget "$ratelimit" "$logtag" $userandgroup \ - $(fix_bang $proto $multiport $dest_interface $cli $sports $dports) + $(fix_bang $proto $multiport $cli $dest_interface $sports $dports) fi if [ "$logtarget" != LOG ]; then @@ -3366,8 +3366,8 @@ add_a_rule() $cli $sports $dports $ratelimit $userandgroup -j RETURN [ "$logtarget" != NONAT ] && \ - run_iptables2 -A $chain $proto $multiport $dest_interface \ - $cli $sports $dports $ratelimit $userandgroup -j $target + run_iptables2 -A $chain $proto $multiport $cli $dest_interface \ + $sports $dports $ratelimit $userandgroup -j $target fi fi fi diff --git a/Lrp2/usr/share/shorewall/version b/Lrp2/usr/share/shorewall/version index 2810558da..372444575 100644 --- a/Lrp2/usr/share/shorewall/version +++ b/Lrp2/usr/share/shorewall/version @@ -1 +1 @@ -2.0.3-Beta1 +2.0.3-RC1 diff --git a/Shorewall-docs2/starting_and_stopping_shorewall.xml b/Shorewall-docs2/starting_and_stopping_shorewall.xml index 48251ddd2..fadcfefac 100644 --- a/Shorewall-docs2/starting_and_stopping_shorewall.xml +++ b/Shorewall-docs2/starting_and_stopping_shorewall.xml @@ -15,7 +15,7 @@ - 2004-06-12 + 2004-06-15 2001-2004 @@ -455,7 +455,7 @@ This variable may contain a simple file name that designates the default restore script when the command doesn't specify one. To maintain backward compatibility with Shorewall 2.0.2, if RESTOREFILE - is not set or is set to the empty value (RESTOREFILE=""), the + is not set or is set to the empty value (RESTOREFILE=""), then the default value is restore. diff --git a/Shorewall2/fallback.sh b/Shorewall2/fallback.sh index 4a8adf4c8..10eb41c05 100755 --- a/Shorewall2/fallback.sh +++ b/Shorewall2/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=2.0.3-Beta1 +VERSION=2.0.3-RC1 usage() # $1 = exit status { diff --git a/Shorewall2/install.sh b/Shorewall2/install.sh index 26202e4d0..d24c30a5c 100755 --- a/Shorewall2/install.sh +++ b/Shorewall2/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # -VERSION=2.0.3-Beta1 +VERSION=2.0.3-RC1 usage() # $1 = exit status { diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index 922e11ca8..2bde7b1a5 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -1,4 +1,4 @@ -Shorewall 2.0.3 Beta 2 +Shorewall 2.0.3 RC1 ---------------------------------------------------------------------- Problems Corrected since 2.0.2 diff --git a/Shorewall2/shorewall.spec b/Shorewall2/shorewall.spec index 6913002dd..e9ee14922 100644 --- a/Shorewall2/shorewall.spec +++ b/Shorewall2/shorewall.spec @@ -1,6 +1,6 @@ %define name shorewall %define version 2.0.3 -%define release 0Beta1 +%define release 0RC1 %define prefix /usr Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. @@ -141,6 +141,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %changelog +* Tue Jun 15 2004 Tom Eastep tom@shorewall.net +- Updated to 2.0.2-0RC1 * Mon Jun 14 2004 Tom Eastep tom@shorewall.net - Added %attr spec for /etc/init.d/shorewall * Sat May 15 2004 Tom Eastep tom@shorewall.net diff --git a/Shorewall2/uninstall.sh b/Shorewall2/uninstall.sh index 7f0ef686f..fbfb8de5e 100755 --- a/Shorewall2/uninstall.sh +++ b/Shorewall2/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Seattle Firewall -VERSION=2.0.3-Beta1 +VERSION=2.0.3-RC1 usage() # $1 = exit status {