Merge branch '4.5.12'

2024-11-15 20:24:09 +01:00 · 2013-01-12 07:08:54 -08:00 · 2013-01-12 07:08:54 -08:00 · 23a188f765
commit 23a188f765
parent 20b551a1da c61d51363d
13 changed files with 42 additions and 29 deletions
--- a/Shorewall/Perl/Shorewall/Accounting.pm
+++ b/Shorewall/Perl/Shorewall/Accounting.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #       Complete documentation is available at http://shorewall.net
 #
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #       Complete documentation is available at http://shorewall.net
 #
@ -1419,9 +1419,20 @@ sub delete_chain_and_references( $ ) {
    #  We're going to delete this chain but first, we must delete all references to it.
    #
    my $tableref = $chain_table{$chainref->{table}};
-    my $name1    = $chainref->{name};
-    for ( @{$chainref->{rules}} ) {
-	decrement_reference_count( $tableref->{$_->{target}}, $name1 ) if $_->{target};
+    my $name     = $chainref->{name};
+
+    while ( my ( $chain, $references ) = each %{$chainref->{references}} ) {
+	#
+	# Delete all rules from $chain that have $name as their target
+	#
+	my $chain1ref = $tableref->{$chain};
+	$chain1ref->{rules} = [ grep ( ( $_->{target} || '' ) ne $name, @{$chain1ref->{rules}} ) ];
+    }
+    #
+    # Now decrement the reference count of all targets of this chain's rules
+    #
+    for ( grep $_, ( map( $_->{target}, @{$chainref->{rules}} ) ) ) {
+	decrement_reference_count( $tableref->{$_}, $name );
    }

    delete_chain $chainref;
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@ -4,7 +4,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #	Complete documentation is available at http://shorewall.net
 #
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #       Complete documentation is available at http://shorewall.net
 #
@ -1128,8 +1128,8 @@ sub cleanup() {
 	for ( my $i = @openstack - 1; $i >= 0; $i-- ) {
 	    my $istack = $openstack[$i];
 	    for ( my $j = ( @$istack - 1 ); $j >= 0; $j-- ) {
-		my $info = $istack->[$j];
-		close $info->[0];
+		my $info = $istack->[$j][0];
+		close $info if $info;
 	    }
 	}
    }
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #       Complete documentation is available at http://shorewall.net
 #
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #       Complete documentation is available at http://shorewall.net
 #
--- a/Shorewall/Perl/Shorewall/Raw.pm
+++ b/Shorewall/Perl/Shorewall/Raw.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2009,2010,2011 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #       Complete documentation is available at http://shorewall.net
 #
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #       Complete documentation is available at http://shorewall.net
 #
@ -2385,7 +2385,7 @@ sub process_rule1 ( $$$$$$$$$$$$$$$$$$ ) {
 	    }

 	fatal_error "$basictarget rules are not allowed in the $section SECTION" if $actiontype & ( NATRULE | NONAT );
-	$rule .= "$globals{STATEMATCH} ESTABLISHED" if $section == ESTABLISHED_SECTION;
+	$rule .= "$globals{STATEMATCH} ESTABLISHED " if $section == ESTABLISHED_SECTION;
    }
    #
    # Generate CT rules(s), if any
--- a/Shorewall/Perl/Shorewall/Tc.pm
+++ b/Shorewall/Perl/Shorewall/Tc.pm
@ -3,7 +3,7 @@
 #
 #     This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
 #
-#     (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net)
+#     (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net)
 #
 #     Traffic Control is from tc4shorewall Version 0.5
 #     (c) 2005 Arne Bernin <arne@ucbering.de>
--- a/Shorewall/Perl/lib.core
+++ b/Shorewall/Perl/lib.core
@ -1324,4 +1324,4 @@ clear_firewall() {
    logger -p kern.info "$g_product Cleared"
 }

-?endif
+?endif # IPv6-specific functions.
--- a/docs/configuration_file_basics.xml
+++ b/docs/configuration_file_basics.xml
@ -18,7 +18,7 @@
    <pubdate><?dbtimestamp format="Y/m/d"?></pubdate>

    <copyright>
-      <year>2001-2012</year>
+      <year>2001-2013</year>

      <holder>Thomas M. Eastep</holder>
    </copyright>
--- a/docs/traffic_shaping.xml
+++ b/docs/traffic_shaping.xml
@ -24,7 +24,7 @@
    <pubdate><?dbtimestamp format="Y/m/d"?></pubdate>

    <copyright>
-      <year>2001-2009</year>
+      <year>2001-2013</year>

      <holder>Thomas M. Eastep</holder>
    </copyright>
@ -223,10 +223,10 @@
    <para>This screen shot shows how I configured QoS in a 2.6.16
    Kernel:</para>

-    <graphic align="center" fileref="images/traffic_shaping2.6.png"/>
+    <graphic align="center" fileref="images/traffic_shaping2.6.png" />

    <para>And here's my recommendation for a 2.6.21 kernel:<graphic
-    align="center" fileref="images/traffic_shaping2.6.21.png"/></para>
+    align="center" fileref="images/traffic_shaping2.6.21.png" /></para>
  </section>

  <section id="Shorewall">
@ -497,7 +497,7 @@
      </itemizedlist>

      <example id="Example0">
-        <title/>
+        <title></title>

        <para>Suppose you are using PPP over Ethernet (DSL) and ppp0 is the
        interface for this. The device has an outgoing bandwidth of 500kbit
@ -1254,7 +1254,7 @@ ppp0           6000kbit         500kbit</programlisting>
      </itemizedlist>

      <example id="Example1">
-        <title/>
+        <title></title>

        <para>All packets arriving on eth1 should be marked with 1. All
        packets arriving on eth2 and eth3 should be marked with 2. All packets
@ -1268,7 +1268,7 @@ ppp0           6000kbit         500kbit</programlisting>
      </example>

      <example id="Example2">
-        <title/>
+        <title></title>

        <para>All GRE (protocol 47) packets destined for 155.186.235.151
        should be marked with 12.</para>
@ -1278,7 +1278,7 @@ ppp0           6000kbit         500kbit</programlisting>
      </example>

      <example id="Example3">
-        <title/>
+        <title></title>

        <para>All SSH request packets originating in 192.168.1.0/24 and
        destined for 155.186.235.151 should be marked with 22.</para>
@ -1288,7 +1288,7 @@ ppp0           6000kbit         500kbit</programlisting>
      </example>

      <example id="Example4">
-        <title/>
+        <title></title>

        <para>All SSH packets packets going out of the first device in in
        /etc/shorewall/tcdevices should be assigned to the class with mark
@ -1301,7 +1301,7 @@ ppp0           6000kbit         500kbit</programlisting>
      </example>

      <example id="Example5">
-        <title/>
+        <title></title>

        <para>Mark all ICMP echo traffic with packet mark 1. Mark all peer to
        peer traffic with packet mark 4.</para>
@ -1334,7 +1334,7 @@ SAVE     0.0.0.0/0      0.0.0.0/0       all        -             -        -
      </example>

      <example>
-        <title/>
+        <title></title>

        <para>Mark all forwarded VOIP connections with connection mark 1 and
        ensure that all VOIP packets also receive that mark (assumes that
--- a/docs/upgrade_issues.xml
+++ b/docs/upgrade_issues.xml
@ -33,9 +33,11 @@

      <year>2012</year>

+      <year>2013</year>
+
      <holder>Thomas M. Eastep</holder>

-      <holder/>
+      <holder></holder>
    </copyright>

    <legalnotice>
@ -163,7 +165,7 @@
          <para>?ENDIF.</para>
        </blockquote>

-        <para/>
+        <para></para>
      </listitem>

      <listitem>