Fix the fix for complex zones

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@776 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-10-22 23:24:58 +00:00
parent 7bb80bf3fe
commit 464ac9a031
3 changed files with 14 additions and 5 deletions

View File

@ -13,3 +13,5 @@ Changes since 1.4.7
5) Corrected handling of "complex" zones. 5) Corrected handling of "complex" zones.
6) Fix tcrules processing. 6) Fix tcrules processing.
7) Correct correction for handling of complex zones.

View File

@ -57,14 +57,18 @@ list_search() # $1 = element to search for , $2-$n = list
} }
# #
# Function to count list elements # Functions to count list elements
# #
list_count() { list_count() {
arg_count() { arg_count() {
echo $# echo $#
} }
arg_count `separate_list $1` arg_count `separate_list $@`
}
list_count1() {
echo $#
} }
# #
@ -4420,7 +4424,7 @@ activate_rules()
subnet1=${host1#*:} subnet1=${host1#*:}
if list_search $host1 $source_hosts && ! list_search $host1 $routeback; then if list_search $host1 $source_hosts && ! list_search $host1 $routeback; then
if [ `list_count $source_hosts` -gt 1 ]; then if [ `list_count1 $source_hosts` -gt 1 ]; then
run_iptables -A $frwd_chain -s ! $subnet1 -o $interface1 -d $subnet1 -j $chain run_iptables -A $frwd_chain -s ! $subnet1 -o $interface1 -d $subnet1 -j $chain
fi fi
else else

View File

@ -21,7 +21,7 @@ Problems Corrected since version 1.4.6:
3) Previously, if the following error message was issued, Shorewall 3) Previously, if the following error message was issued, Shorewall
was left in an inconsistent state. was left in an inconsistent state.
Error: Unable to determine the routes routes through interface xxx Error: Unable to determine the routes through interface xxx
4) Handling of the LOGUNCLEAN option in shorewall.conf has been 4) Handling of the LOGUNCLEAN option in shorewall.conf has been
corrected. corrected.
@ -37,6 +37,9 @@ Problems Corrected since version 1.4.6:
the ":F" or ":P" was previously only applied to the first Netfilter the ":F" or ":P" was previously only applied to the first Netfilter
rule generated by the entry. It is now applied to all entries. rule generated by the entry. It is now applied to all entries.
7) The original fix for item 5) above contained a bug which caused the
"<zone>_frwd" chain to have too few rules. That has been corrected.
Migration Issues: Migration Issues:
None. None.