mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-24 08:33:40 +01:00
Fix logging nat rules
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1455 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
aed68c56e5
commit
2b3606dd25
@ -8,3 +8,5 @@ Changes since 2.0.3
|
|||||||
3) Correct mktempfile() for case where mktemp isn't installed.
|
3) Correct mktempfile() for case where mktemp isn't installed.
|
||||||
|
|
||||||
4) Implement 'dropInvalid' builtin action.
|
4) Implement 'dropInvalid' builtin action.
|
||||||
|
|
||||||
|
5) Fix logging nat rules.
|
||||||
|
@ -3062,7 +3062,7 @@ add_nat_rule() {
|
|||||||
else
|
else
|
||||||
for adr in $(separate_list $addr); do
|
for adr in $(separate_list $addr); do
|
||||||
if [ -n "$loglevel" ]; then
|
if [ -n "$loglevel" ]; then
|
||||||
log_rule_limit $loglevel $OUTPUT $logtarget "$ratelimit" "$logtag" -t nat \
|
log_rule_limit $loglevel OUTPUT $logtarget "$ratelimit" "$logtag" -t nat \
|
||||||
$(fix_bang $proto $cli $sports $userandgroup -d $adr $multiport $dports)
|
$(fix_bang $proto $cli $sports $userandgroup -d $adr $multiport $dports)
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -3093,7 +3093,7 @@ add_nat_rule() {
|
|||||||
done
|
done
|
||||||
|
|
||||||
if [ -n "$loglevel" ]; then
|
if [ -n "$loglevel" ]; then
|
||||||
log_rule_limit $loglevel $chain $logtarget "$ratelimit" -t nat
|
log_rule_limit $loglevel $chain $logtarget "$ratelimit" "$logtag" -t nat
|
||||||
fi
|
fi
|
||||||
|
|
||||||
addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection
|
addnatrule $chain $ratelimit $proto -j $target1 # Protocol is necessary for port redirection
|
||||||
|
@ -9,6 +9,9 @@ Problems Corrected since 2.0.3
|
|||||||
2) A potential security vulnerablilty in the way that Shorewall
|
2) A potential security vulnerablilty in the way that Shorewall
|
||||||
handles temporary files and directories has been corrected.
|
handles temporary files and directories has been corrected.
|
||||||
|
|
||||||
|
3) Two problems with logging NAT rules (DNAT and REDIRECT) could cause
|
||||||
|
startup failures.
|
||||||
|
|
||||||
-----------------------------------------------------------------------
|
-----------------------------------------------------------------------
|
||||||
Issues when migrating from Shorewall 2.0 to Shorewall 2.1:
|
Issues when migrating from Shorewall 2.0 to Shorewall 2.1:
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user