diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 144576629..588f67ac4 100755 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -10,5 +10,7 @@ Changes since 1.4.8 5) Change 'norfc1918' logging to log out of chains named 'rfc1918'. -5) Reword the description of NEWNOTSYN in shorewall.conf. +6) Reword the description of NEWNOTSYN in shorewall.conf. + +7) Added MODULE_SUFFIX option to shorewall.conf. diff --git a/Shorewall/firewall b/Shorewall/firewall index 01ac88e51..55b99d6ef 100755 --- a/Shorewall/firewall +++ b/Shorewall/firewall @@ -3124,7 +3124,7 @@ loadmodule() # $1 = module name, $2 - * arguments if [ -z "`lsmod | grep $modulename`" ]; then shift - for suffix in o gz ko o.gz ; do + for suffix in $MODULE_SUFFIX ; do modulefile=$MODULESDIR/${modulename}.${suffix} if [ -f $modulefile ]; then @@ -5059,6 +5059,7 @@ do_initialize() { LOGRULENUMBERS= ADMINISABSENTMINDED= BLACKLISTNEWONLY= + MODULE_SUFFIX= stopping= have_mutex= @@ -5209,6 +5210,8 @@ do_initialize() { fi ADMINISABSENTMINDED=`added_param_value_no ADMINISABSENTMINDED $ADMINISABSENTMINDED` BLACKLISTNEWONLY=`added_param_value_no BLACKLISTNEWONLY $BLACKLISTNEWONLY` + [ -n "$MODULE_SUFFIX" ] || MODULE_SUFFIX="o gz ko o.gz" + # # Strip the files that we use often # diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 6f774e8a1..807f77b4d 100755 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -25,9 +25,31 @@ New Features: 'rfc1918'. Previously, such packets were logged under chains named 'logdrop'. - - - +3) Distributers and developers seem to be regularly inventing new + naming conventions for kernel modules. To avoid the need to change + Shorewall code for each new convention, the MODULE_SUFFIX option has + been added to shorewall.conf. MODULE_SUFFIX may be set to the suffix + for module names in your particular distribution. If MODULE_SUFFIX + is not set in shorewall.conf, Shorewall will use the list "o gz ko + o.gz". + + To see what suffix is used by your distribution: + + ls /lib/modules/`uname -r`/kernel/net/ipv4/netfilter + + IMPORTANT: Those are back single quotes (upper lefthand corner of + your keyboard). + + All of the files listed should have the same suffix (extension). Set + MODULE_SUFFIX to that suffix. + + Examples: + + If all files end in ".kzo" then set MODULE_SUFFIX="kzo" + If all files end in ".kz.o" then set MODULE_SUFFIX="kz.o" + + +