diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt index 7bf9f0598..86b788b45 100644 --- a/Shorewall-common/changelog.txt +++ b/Shorewall-common/changelog.txt @@ -2,6 +2,8 @@ Changes in 4.2.0-Beta1 1) Fix handling of firewall marks. +2) Allow upper-case A-F in hex representation of MARK in tcclasses. + Changes in 4.1.8 1) Fix some parsing issues with absurd configurations. diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt index 10f12e249..31499f76b 100644 --- a/Shorewall-common/releasenotes.txt +++ b/Shorewall-common/releasenotes.txt @@ -77,11 +77,15 @@ Migration Issues. Problems Corrected in Shorewall 4.2.0 Beta 1 -1) Previously, Shorewall was generating an incorrect tc filter when - MARK values were used in /etc/shorewall/tcclasses (the filter +1) Previously, Shorewall-perl was generating an incorrect tc filter + when MARK values were used in /etc/shorewall/tcclasses (the filter matched when the mark value was equal to the minor class ID rather than the contents of the MARK column). +2) Shorewall-perl now accepts upper case A through F in the MARK + column of the tcclasses file when the mark value is expressed in + hex. Previously, only lower-case A through F were accepted. + Other Changes in Shoreall 4.2.0 Beta 1. New Features in Shorewall 4.2. diff --git a/Shorewall-perl/Shorewall/Tc.pm b/Shorewall-perl/Shorewall/Tc.pm index 546aff5f8..a3411727a 100644 --- a/Shorewall-perl/Shorewall/Tc.pm +++ b/Shorewall-perl/Shorewall/Tc.pm @@ -482,7 +482,7 @@ sub validate_tc_class( $$$$$$ ) { if ( $devref->{classify} ) { warning_message "INTERFACE $device has the 'classify' option - MARK value ($mark) ignored"; } else { - fatal_error "Invalid Mark ($mark)" unless $mark =~ /^([0-9]+|0x[0-9a-f]+)$/ && numeric_value( $mark ) <= 0xff; + fatal_error "Invalid Mark ($mark)" unless $mark =~ /^([0-9]+|0x[0-9a-fA-F]+)$/ && numeric_value( $mark ) <= 0xff; $markval = numeric_value( $mark ); fatal_error "Invalid MARK ($markval)" unless defined $markval;