diff --git a/Shorewall/Perl/Shorewall/Accounting.pm b/Shorewall/Perl/Shorewall/Accounting.pm index 17fbbdfb6..904a5076a 100644 --- a/Shorewall/Perl/Shorewall/Accounting.pm +++ b/Shorewall/Perl/Shorewall/Accounting.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm index f16b53fca..b50dd23c0 100644 --- a/Shorewall/Perl/Shorewall/Chains.pm +++ b/Shorewall/Perl/Shorewall/Chains.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # @@ -1419,9 +1419,20 @@ sub delete_chain_and_references( $ ) { # We're going to delete this chain but first, we must delete all references to it. # my $tableref = $chain_table{$chainref->{table}}; - my $name1 = $chainref->{name}; - for ( @{$chainref->{rules}} ) { - decrement_reference_count( $tableref->{$_->{target}}, $name1 ) if $_->{target}; + my $name = $chainref->{name}; + + while ( my ( $chain, $references ) = each %{$chainref->{references}} ) { + # + # Delete all rules from $chain that have $name as their target + # + my $chain1ref = $tableref->{$chain}; + $chain1ref->{rules} = [ grep ( ( $_->{target} || '' ) ne $name, @{$chain1ref->{rules}} ) ]; + } + # + # Now decrement the reference count of all targets of this chain's rules + # + for ( grep $_, ( map( $_->{target}, @{$chainref->{rules}} ) ) ) { + decrement_reference_count( $tableref->{$_}, $name ); } delete_chain $chainref; diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm index cdd2be4b3..c26c4ea4a 100644 --- a/Shorewall/Perl/Shorewall/Compiler.pm +++ b/Shorewall/Perl/Shorewall/Compiler.pm @@ -4,7 +4,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 2f4095028..e47e2a300 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # @@ -1128,8 +1128,8 @@ sub cleanup() { for ( my $i = @openstack - 1; $i >= 0; $i-- ) { my $istack = $openstack[$i]; for ( my $j = ( @$istack - 1 ); $j >= 0; $j-- ) { - my $info = $istack->[$j]; - close $info->[0]; + my $info = $istack->[$j][0]; + close $info if $info; } } } diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm index 9ca14dc1c..15776d60e 100644 --- a/Shorewall/Perl/Shorewall/Misc.pm +++ b/Shorewall/Perl/Shorewall/Misc.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm index 2c5a6b4c1..a9d4b590e 100644 --- a/Shorewall/Perl/Shorewall/Nat.pm +++ b/Shorewall/Perl/Shorewall/Nat.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # diff --git a/Shorewall/Perl/Shorewall/Raw.pm b/Shorewall/Perl/Shorewall/Raw.pm index 777f509c9..073e36676 100644 --- a/Shorewall/Perl/Shorewall/Raw.pm +++ b/Shorewall/Perl/Shorewall/Raw.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2009,2010,2011 - Tom Eastep (teastep@shorewall.net) +# (c) 2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 95c0a1f47..e8df13852 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011,2012 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Complete documentation is available at http://shorewall.net # @@ -2385,7 +2385,7 @@ sub process_rule1 ( $$$$$$$$$$$$$$$$$$ ) { } fatal_error "$basictarget rules are not allowed in the $section SECTION" if $actiontype & ( NATRULE | NONAT ); - $rule .= "$globals{STATEMATCH} ESTABLISHED" if $section == ESTABLISHED_SECTION; + $rule .= "$globals{STATEMATCH} ESTABLISHED " if $section == ESTABLISHED_SECTION; } # # Generate CT rules(s), if any diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm index 223039bab..d16b5ce17 100644 --- a/Shorewall/Perl/Shorewall/Tc.pm +++ b/Shorewall/Perl/Shorewall/Tc.pm @@ -3,7 +3,7 @@ # # This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] # -# (c) 2007,2008,2009,2010,2011 - Tom Eastep (teastep@shorewall.net) +# (c) 2007,2008,2009,2010,2011,2012,2013 - Tom Eastep (teastep@shorewall.net) # # Traffic Control is from tc4shorewall Version 0.5 # (c) 2005 Arne Bernin diff --git a/Shorewall/Perl/lib.core b/Shorewall/Perl/lib.core index 923806a87..f92172cce 100644 --- a/Shorewall/Perl/lib.core +++ b/Shorewall/Perl/lib.core @@ -1324,4 +1324,4 @@ clear_firewall() { logger -p kern.info "$g_product Cleared" } -?endif +?endif # IPv6-specific functions. diff --git a/docs/configuration_file_basics.xml b/docs/configuration_file_basics.xml index fc70b3f45..6c9db9e5c 100644 --- a/docs/configuration_file_basics.xml +++ b/docs/configuration_file_basics.xml @@ -18,7 +18,7 @@ - 2001-2012 + 2001-2013 Thomas M. Eastep diff --git a/docs/traffic_shaping.xml b/docs/traffic_shaping.xml index 44af6dbc2..c461bd85e 100644 --- a/docs/traffic_shaping.xml +++ b/docs/traffic_shaping.xml @@ -24,7 +24,7 @@ - 2001-2009 + 2001-2013 Thomas M. Eastep @@ -223,10 +223,10 @@ This screen shot shows how I configured QoS in a 2.6.16 Kernel: - + And here's my recommendation for a 2.6.21 kernel: + align="center" fileref="images/traffic_shaping2.6.21.png" />
@@ -497,7 +497,7 @@ - + <title> Suppose you are using PPP over Ethernet (DSL) and ppp0 is the interface for this. The device has an outgoing bandwidth of 500kbit @@ -1254,7 +1254,7 @@ ppp0 6000kbit 500kbit - + <title> All packets arriving on eth1 should be marked with 1. All packets arriving on eth2 and eth3 should be marked with 2. All packets @@ -1268,7 +1268,7 @@ ppp0 6000kbit 500kbit - + <title> All GRE (protocol 47) packets destined for 155.186.235.151 should be marked with 12. @@ -1278,7 +1278,7 @@ ppp0 6000kbit 500kbit - + <title> All SSH request packets originating in 192.168.1.0/24 and destined for 155.186.235.151 should be marked with 22. @@ -1288,7 +1288,7 @@ ppp0 6000kbit 500kbit - + <title> All SSH packets packets going out of the first device in in /etc/shorewall/tcdevices should be assigned to the class with mark @@ -1301,7 +1301,7 @@ ppp0 6000kbit 500kbit - + <title> Mark all ICMP echo traffic with packet mark 1. Mark all peer to peer traffic with packet mark 4. @@ -1334,7 +1334,7 @@ SAVE 0.0.0.0/0 0.0.0.0/0 all - - - - + <title> Mark all forwarded VOIP connections with connection mark 1 and ensure that all VOIP packets also receive that mark (assumes that diff --git a/docs/upgrade_issues.xml b/docs/upgrade_issues.xml index 851786cbe..f10b5b23b 100644 --- a/docs/upgrade_issues.xml +++ b/docs/upgrade_issues.xml @@ -33,9 +33,11 @@ 2012 + 2013 + Thomas M. Eastep - + @@ -163,7 +165,7 @@ ?ENDIF. - +