mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 22:58:52 +01:00
Don't clear proxy arp unconditionally
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5456 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
b2644be19e
commit
310a1cb688
@ -6,6 +6,8 @@ Changes in 3.4.0 Final
|
||||
|
||||
3) Fix obscure bug in rule activation logic.
|
||||
|
||||
4) Don't clear proxy arp unconditionally.
|
||||
|
||||
Changes in 3.4.0 RC 3
|
||||
|
||||
1) Add warning about 'loose' and 'balance'
|
||||
|
@ -787,18 +787,18 @@ setup_syn_flood_chains()
|
||||
#
|
||||
delete_proxy_arp() {
|
||||
indent >&3 << __EOF__
|
||||
if [ -f \${VARDIR}/proxyarp ]; then
|
||||
if [ -s \${VARDIR}/proxyarp ]; then
|
||||
while read address interface external haveroute; do
|
||||
qt arp -i \$external -d \$address pub
|
||||
[ -z "\$haveroute" -a -z "\$NOROUTE" ] && qt ip route del \$address dev \$interface
|
||||
done < \${VARDIR}/proxyarp
|
||||
|
||||
rm -f \${VARDIR}/proxyarp
|
||||
for f in /proc/sys/net/ipv4/conf/*; do
|
||||
[ -f \$f/proxy_arp ] && echo 0 > \$f/proxy_arp
|
||||
done
|
||||
fi
|
||||
|
||||
for f in /proc/sys/net/ipv4/conf/*; do
|
||||
[ -f \$f/proxy_arp ] && echo 0 > \$f/proxy_arp
|
||||
done
|
||||
rm -f \${VARDIR}/proxyarp
|
||||
|
||||
__EOF__
|
||||
|
||||
|
@ -42,6 +42,13 @@ Problems Corrected in 3.4.0 Final.
|
||||
3) An obscure bug in rule activation having to do with the new
|
||||
exclusion feature in /etc/shorewall/hosts has been corrected.
|
||||
|
||||
4) The "shorewall-[lite] [re]start and stop" commands reset the
|
||||
proxy_arp flag on all interfaces on the system making it impossible
|
||||
to control proxy arp manually with Shorewall installed. With this
|
||||
change, shorewall will only clear proxy arp if there were entries in
|
||||
/etc/shorewall/proxyarp the last time that Shorewall was
|
||||
[re]started.
|
||||
|
||||
Migration Considerations:
|
||||
|
||||
If you are migrating from a Shorewall version earlier than 3.2.0 then
|
||||
|
Loading…
Reference in New Issue
Block a user