Fix the fix for complex zones

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@776 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

STABLE/changelog.txt

@@ -13,3 +13,5 @@ Changes since 1.4.7
 5) Corrected handling of "complex" zones.
 
 6) Fix tcrules processing.
+
+7) Correct correction for handling of complex zones.

STABLE/firewall

@@ -57,14 +57,18 @@ list_search() # $1 = element to search for , $2-$n = list
 }
 
 #
-# Function to count list elements
+# Functions to count list elements
 #
 list_count() {
     arg_count() {
 	echo $#
     }
 
-    arg_count `separate_list $1`
+    arg_count `separate_list $@`
+}
+
+list_count1() {
+    echo $#
 }
 
 #
@@ -4420,7 +4424,7 @@ activate_rules()
 		    subnet1=${host1#*:}
 
 		    if list_search $host1 $source_hosts && ! list_search $host1 $routeback; then
-			if [ `list_count $source_hosts` -gt 1 ]; then
+			if [ `list_count1 $source_hosts` -gt 1 ]; then
 			    run_iptables -A $frwd_chain -s ! $subnet1 -o $interface1 -d $subnet1 -j $chain
 			fi
 		    else

STABLE/releasenotes.txt

@@ -21,7 +21,7 @@ Problems Corrected since version 1.4.6:
 3) Previously, if the following error message was issued, Shorewall
    was left in an inconsistent state.
 
-   Error: Unable to determine the routes routes through interface xxx
+   Error: Unable to determine the routes through interface xxx
 
 4) Handling of the LOGUNCLEAN option in shorewall.conf has been
    corrected.
@@ -35,7 +35,10 @@ Problems Corrected since version 1.4.6:
 
 6) When the MARK value in a tcrules entry is followed by ":F" or ":P",
    the ":F" or ":P" was previously only applied to the first Netfilter
-   rule generated by the entry. It is now applied to all entries.  
+   rule generated by the entry. It is now applied to all entries.
+
+7) The original fix for item 5) above contained a bug which caused the
+   "<zone>_frwd" chain to have too few rules. That has been corrected.  
 
 Migration Issues: