Fix logging nat rules

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1455 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall2/changelog.txt

@@ -8,3 +8,5 @@ Changes since 2.0.3
 3) Correct mktempfile() for case where mktemp isn't installed.
 
 4) Implement 'dropInvalid' builtin action.
+
+5) Fix logging nat rules.

Shorewall2/firewall

@@ -3062,7 +3062,7 @@ add_nat_rule() {
 	    else
 		for adr in $(separate_list $addr); do
 		    if [ -n "$loglevel" ]; then
-			log_rule_limit $loglevel $OUTPUT $logtarget "$ratelimit" "$logtag" -t nat \
+			log_rule_limit $loglevel OUTPUT $logtarget "$ratelimit" "$logtag" -t nat \
 			    $(fix_bang $proto $cli $sports $userandgroup -d $adr $multiport $dports)
 		    fi
 
@@ -3093,7 +3093,7 @@ add_nat_rule() {
 		done
 
 		if [ -n "$loglevel" ]; then
-		    log_rule_limit $loglevel $chain $logtarget "$ratelimit" -t nat
+		    log_rule_limit $loglevel $chain $logtarget "$ratelimit" "$logtag" -t nat
 		fi
 
 		addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection

Shorewall2/releasenotes.txt

@@ -9,6 +9,9 @@ Problems Corrected since 2.0.3
 2)  A potential security vulnerablilty in the way that Shorewall
     handles temporary files and directories has been corrected.
 
+3)  Two problems with logging NAT rules (DNAT and REDIRECT) could cause
+    startup failures.
+
 -----------------------------------------------------------------------
 Issues when migrating from Shorewall 2.0 to Shorewall 2.1: