From 2bac824207cfb560a21e1ad5c538310d79319e5a Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Wed, 12 Aug 2009 13:52:56 -0700 Subject: [PATCH] Fix provider number in masq entry --- Shorewall/Perl/Shorewall/Nat.pm | 2 +- Shorewall/Perl/Shorewall/Providers.pm | 1 - Shorewall/changelog.txt | 6 ++++++ Shorewall/releasenotes.txt | 9 +++++++++ manpages/shorewall-masq.xml | 12 +++++++++++- 5 files changed, 27 insertions(+), 3 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm index 16b940d83..571bb895a 100644 --- a/Shorewall/Perl/Shorewall/Nat.pm +++ b/Shorewall/Perl/Shorewall/Nat.pm @@ -197,7 +197,7 @@ sub process_one_masq( ) $interface = $1; my $provider = $2; $fullinterface =~ s/[(]\w*[)]//; - my $realm = lookup_provider( $provider ) unless $provider =~ /^\d+$/; + my $realm = lookup_provider( $provider ); fatal_error "$provider is not a shared-interface provider" unless $realm; diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm index 3da5f5cf5..e4afb6953 100644 --- a/Shorewall/Perl/Shorewall/Providers.pm +++ b/Shorewall/Perl/Shorewall/Providers.pm @@ -780,7 +780,6 @@ sub lookup_provider( $ ) { fatal_error "Unknown provider ($provider)" unless $providerref; } - $providerref->{shared} ? $providerref->{number} : 0; } diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 0ba343068..13c20f76a 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -6,6 +6,12 @@ Changes in Shorewall 4.4.0 3) Fix log record formatting. +4) Restore ipset binding + +5) Fix 'upnpclient' with required interfaces. + +5) Fix provider number in + Changes in Shorewall 4.4.0-RC2 1) Fix capabilities file with Shorewall6. diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index c1c6b61ef..60298f1d4 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -188,6 +188,15 @@ Shorewall 4.4.0 5) The 'upnpclient' option only worked correctly if 'optional' was also specified for the interface. +6) Where more than one internet provider shares the same external + interface, specifying the provider by number in /etc/shorewall/masq + (e.g., eth1(2)) resulted in the fatal compilation error: + + ERROR: 2 is not a shared-interface provider + + Also, the shorewall-masq (5) man page did not describe the syntax + for specifying the provider. + ---------------------------------------------------------------------------- K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- diff --git a/manpages/shorewall-masq.xml b/manpages/shorewall-masq.xml index aba5a2f48..de7d88ab6 100644 --- a/manpages/shorewall-masq.xml +++ b/manpages/shorewall-masq.xml @@ -70,6 +70,16 @@ entry that defines ppp+. + Where more that one internet + providers shares a single interface, the provider is + specified by including the provider name or number in + parentheses: + + eth0(Avvanta) + + In that case, you will want to specify the interfaces's + address for that provider in the ADDRESS column. + The interface may be qualified by adding the character ":" followed by a comma-separated list of destination host or subnet addresses to indicate that you only want to change the source IP @@ -80,7 +90,7 @@ If you wish to inhibit the action of ADD_SNAT_ALIASES for this entry then include the ":" but omit the digit: - eth0: + eth0(Avvanta): eth2::192.0.2.32/27 Normally Masq/SNAT rules are evaluated after those for