Minor changes in rules activation; document single release notes

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4725 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
teastep 2006-10-23 15:44:59 +00:00
parent 012fe36313
commit 2157327399
2 changed files with 9 additions and 9 deletions


@ -4048,7 +4048,7 @@ activate_rules()
} }
# #
# Jump to a RULES chain from one of the builtin nat chains. These jumps are # Jump to a RULES chain from one of the builtin nat chains. These jumps
# are inserted before jumps to one-to-one NAT chains. # are inserted before jumps to one-to-one NAT chains.
# #
addrulejump() # $1 = BUILTIN chain, $2 = user chain, $3 - * other arguments addrulejump() # $1 = BUILTIN chain, $2 = user chain, $3 - * other arguments
@ -4081,7 +4081,7 @@ activate_rules()
# #
insert_exclusions() # $1 = table $2 = chain name, $3 - $n = exclusions insert_exclusions() # $1 = table $2 = chain name, $3 - $n = exclusions
{ {
local t=$1 c=$2 num=0 local t=$1 c=$2 num=0 host1 interface1 networks1
shift 2 shift 2
@ -4097,18 +4097,19 @@ activate_rules()
# #
add_exclusions() # $1 = table $2 = chain name, $3 - $n = exclusions add_exclusions() # $1 = table $2 = chain name, $3 - $n = exclusions
{ {
local t=$1 c=$2 local t=$1 c=$2 host1 interface1 networks1
shift 2 shift 2
for host1 in $*; do for host1 in $*; do
interface1=${host1%%:*} interface1=${host1%%:*}
networks1=${host1#*:} networks1=${host1#*:}
num=$(($num + 1))
run_iptables -t $t -A $c -o $interface1 -d $networks1 -j RETURN run_iptables -t $t -A $c -o $interface1 -d $networks1 -j RETURN
done done
} }
# #
# E x e c u t i o n S t a r t s H e r e
#
# Add jumps to early SNAT chains # Add jumps to early SNAT chains
# #
for interface in $ALL_INTERFACES; do for interface in $ALL_INTERFACES; do
@ -4356,22 +4357,18 @@ activate_rules()
;; ;;
esac esac
done done
# #
# $dest_zones is now the (possibly condensed) list of destination zones that we need to handle from this source zone # $dest_zones is now the (possibly condensed) list of destination zones that we need to handle from this source zone
# #
for zone1 in $dest_zones; do for zone1 in $dest_zones; do
eval policy=\$${zone}2${zone1}_policy eval policy=\$${zone}2${zone1}_policy
[ "$policy" = NONE ] && continue
eval dest_hosts=\$${zone1}_hosts eval dest_hosts=\$${zone1}_hosts
eval exclusions1=\"\$${zone1}_exclusions\" eval exclusions1=\"\$${zone1}_exclusions\"
chain="$(rules_chain $zone $zone1)" chain="$(rules_chain $zone $zone1)"
[ -z "$chain" ] && continue # CONTINUE policy and there is no canonical chain.
[ -n "$DYNAMIC_ZONES" ] && echo "$zone $zone1 $chain" >> $STATEDIR/chains [ -n "$DYNAMIC_ZONES" ] && echo "$zone $zone1 $chain" >> $STATEDIR/chains
if [ $zone = $zone1 ]; then if [ $zone = $zone1 ]; then
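Review bot: In the last hunk of activate_rules(), the guards `[ "$policy" = NONE ] && continue` and `[ -z "$chain" ] && continue` each appear on one side only, and the hunk counts (22 old lines, 18 new) suggest both were removed. If so, the `for zone1 in $dest_zones` loop now depends entirely on the condensing loop above it to keep NONE-policy zones, and zone pairs with no canonical chain, out of `$dest_zones`; otherwise an empty `$chain` would reach the `echo "$zone $zone1 $chain" >> $STATEDIR/chains` line and whatever rule generation follows. I would state that invariant in the comment above the loop, for example `# $dest_zones excludes NONE-policy zones and pairs with no rules chain (filtered above)`, or keep the `[ -z "$chain" ]` check as a cheap safeguard so a firewall ruleset is never built around an empty chain name. The body of activate_rules() starts and ends outside the hunks shown, so the filtering loop itself cannot be confirmed from this page.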


@ -42,6 +42,9 @@ Other Changes in 3.3.4.
addr ls". The second produces a report about your routing rules and addr ls". The second produces a report about your routing rules and
tables. tables.
2) Beginning with this release, Shorewall and Shorewall Lite will
share common change logs and release notes.
Migration Considerations: Migration Considerations:
1) Shorewall supports the notion of "default actions". A default 1) Shorewall supports the notion of "default actions". A default