Update for Shorewall 2.1.11

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1684 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-10-13 22:41:15 +00:00
parent 366baf005b
commit 1d6c7fd8c7
5 changed files with 11 additions and 7 deletions

View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=2.1.10 VERSION=2.1.11
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -5479,12 +5479,14 @@ initialize_netfilter () {
if [ -n "$CLAMPMSS" ]; then if [ -n "$CLAMPMSS" ]; then
case $CLAMPMSS in case $CLAMPMSS in
Yes) Yes)
run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu option="--clamp-mss-to-pmtu"
;; ;;
*) *)
run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $CLAMPMSS option="--set-mss $CLAMPMSS"
;; ;;
esac esac
run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS $option
fi fi
if [ -z "$NEWNOTSYN" ]; then if [ -z "$NEWNOTSYN" ]; then
@ -5499,7 +5501,7 @@ initialize_netfilter () {
run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags ACK ACK -j ACCEPT run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags ACK ACK -j ACCEPT
run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags RST RST -j ACCEPT run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags RST RST -j ACCEPT
run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags FIN FIN -j ACCEPT run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags FIN FIN -j ACCEPT
run_iptables -A newnotsyn -i $interface $(match_source_hosts ${host#*:}) $policy -j RETURN run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -j RETURN
done done
run_user_exit newnotsyn run_user_exit newnotsyn

View File

@ -22,7 +22,7 @@
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
# #
VERSION=2.1.10 VERSION=2.1.11
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -1,5 +1,5 @@
%define name shorewall %define name shorewall
%define version 2.1.10 %define version 2.1.11
%define release 1 %define release 1
%define prefix /usr %define prefix /usr
@ -137,6 +137,8 @@ fi
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
%changelog %changelog
* Sun Oct 14 2004 Tom Eastep tom@shorewall.net
- Updated to 2.1.11-1
* Sun Oct 03 2004 Tom Eastep tom@shorewall.net * Sun Oct 03 2004 Tom Eastep tom@shorewall.net
- Updated to 2.1.10-1 - Updated to 2.1.10-1
* Thu Sep 15 2004 Tom Eastep tom@shorewall.net * Thu Sep 15 2004 Tom Eastep tom@shorewall.net

View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Seattle Firewall # shown below. Simply run this script to remove Seattle Firewall
VERSION=2.1.10 VERSION=2.1.11
usage() # $1 = exit status usage() # $1 = exit status
{ {