diff --git a/Shorewall2/fallback.sh b/Shorewall2/fallback.sh index bb10417a4..2c3b02215 100755 --- a/Shorewall2/fallback.sh +++ b/Shorewall2/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=2.0.3 +VERSION=2.1.0 usage() # $1 = exit status { diff --git a/Shorewall2/firewall b/Shorewall2/firewall index 60c2081ae..d25b9511a 100755 --- a/Shorewall2/firewall +++ b/Shorewall2/firewall @@ -1269,7 +1269,7 @@ stop_firewall() { [ -n "$NAT_ENABLED" ] && delete_nat delete_proxy_arp - [ -n "$CLEAR_TC" ] && delete_tc + [ -n "$CLEAR_TC" ] && delete_tc1 [ -n "$DISABLE_IPV6" ] && disable_ipv6 @@ -1354,7 +1354,16 @@ stop_firewall() { iptables -A FORWARD -p udp -i $interface -o $interface --dport 67:68 -j ACCEPT done - setup_forwarding + case "$IP_FORWARDING" in + [Oo][Nn]) + echo 1 > /proc/sys/net/ipv4/ip_forward + echo "IP Forwarding Enabled" + ;; + [Oo][Ff][Ff]) + echo 0 > /proc/sys/net/ipv4/ip_forward + echo "IP Forwarding Disabled!" + ;; + esac run_user_exit stopped @@ -2154,6 +2163,29 @@ delete_tc() done } +delete_tc1() +{ + + clear_one_tc() { + tc qdisc del dev $1 root 2> /dev/null + tc qdisc del dev $1 ingress 2> /dev/null + + } + + run_user_exit tcclear + + run_ip link list | \ + while read inx interface details; do + case $inx in + [0-9]*) + clear_one_tc ${interface%:} + ;; + *) + ;; + esac + done +} + # # Process a record from the accounting file # @@ -2376,7 +2408,7 @@ refresh_tc() { echo "Refreshing Traffic Control Rules..." - [ -n "$CLEAR_TC" ] && delete_tc + [ -n "$CLEAR_TC" ] && delete_tc1 [ -n "$MARK_IN_FORWARD_CHAIN" ] && chain=tcfor || chain=tcpre @@ -5509,7 +5541,7 @@ define_firewall() # $1 = Command (Start or Restart) RESTOREBASE=$(mktempfile /var/lib/shorewall) - [ -n "$RESTOREBASE" ] || fatal_error "Cannot create temporary file in /var/lib/shorewall" + [ -n "$RESTOREBASE" ] || startup_error "Cannot create temporary file in /var/lib/shorewall" echo '#bin/sh' >> $RESTOREBASE save_command "#" diff --git a/Shorewall2/install.sh b/Shorewall2/install.sh index 90321b5ea..b89a2155e 100755 --- a/Shorewall2/install.sh +++ b/Shorewall2/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # -VERSION=2.0.3 +VERSION=2.1.0 usage() # $1 = exit status { diff --git a/Shorewall2/shorewall.spec b/Shorewall2/shorewall.spec index 89239ab45..c8a512802 100644 --- a/Shorewall2/shorewall.spec +++ b/Shorewall2/shorewall.spec @@ -1,5 +1,5 @@ %define name shorewall -%define version 2.0.3 +%define version 2.1.0 %define release 1 %define prefix /usr @@ -141,8 +141,10 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %changelog +* Sat Jul 03 2004 Tom Eastep tom@shorewall.net +- Updated to 2.1.0-1 * Wed Jun 23 2004 Tom Eastep tom@shorewall.net -- Updated to 2.0.2-1 +- Updated to 2.0.3-1 * Sat Jun 19 2004 Tom Eastep tom@shorewall.net - Updated to 2.0.2-0RC2 * Tue Jun 15 2004 Tom Eastep tom@shorewall.net diff --git a/Shorewall2/uninstall.sh b/Shorewall2/uninstall.sh index 1a1c746e8..86e9878f0 100755 --- a/Shorewall2/uninstall.sh +++ b/Shorewall2/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Seattle Firewall -VERSION=2.0.3 +VERSION=2.1.0 usage() # $1 = exit status {