Copy latest development version from Shorewall2/

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2269 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/bogons

@@ -45,24 +45,19 @@
 36.0.0.0/7		logdrop		# Reserved
 39.0.0.0/8		logdrop		# Reserved
 42.0.0.0/8		logdrop		# Reserved
-49.0.0.0/8		logdrop		# JTC - Returned to IANA Mar 98
+77.0.0.0/8		logdrop		# Reserved
-50.0.0.0/8		logdrop		# JTC - Returned to IANA Mar 98
+78.0.0.0/7		logdrop		# Reserved
-74.0.0.0/7		logdrop		# Reserved
-76.0.0.0/6		logdrop		# Reserved
-89.0.0.0/8		logdrop		# Reserved
-90.0.0.0/7		logdrop		# Reserved
 92.0.0.0/6		logdrop		# Reserved
-96.0.0.0/3		logdrop		# Reserved
+96.0.0.0/4		logdrop		# Reserved
-127.0.0.0/8		logdrop		# Loopback
+112.0.0.0/5		logdrop		# Reserved
+120.0.0.0/6		logdrop		# Reserved
+127.0.0.0/8		logdrop		# Reserved
 173.0.0.0/8		logdrop		# Reserved
 174.0.0.0/7		logdrop		# Reserved
 176.0.0.0/5		logdrop		# Reserved
 184.0.0.0/6		logdrop		# Reserved
-189.0.0.0/8		logdrop		# Reserved
-190.0.0.0/8		logdrop		# Reserved
 197.0.0.0/8		logdrop		# Reserved
-198.18.0.0/15		logdrop		# Reserved
+223.0.0.0/8		logdrop		# Reserved
-223.0.0.0/8		logdrop		# Reserved - Returned by APNIC in 2003
 240.0.0.0/4		logdrop		# Reserved
 #
 # End of generated entries

Shorewall/firewall

@@ -974,7 +974,7 @@ validate_interfaces_file() {
     local found_obsolete_option=
     local z interface networks options r iface option
 
-    while read z interface networks options gateway; do
+    while read z interface networks options; do
 	expandv z interface networks options
 	r="$z $interface $networks $options"
 
@@ -1024,14 +1024,6 @@ validate_interfaces_file() {
 		    ;;
 	    esac
 	done
-
-	if [ -n "$gateway" ]; then
-	    if ! list_search default $options; then
-		error_message "Warning: GATEWAY ignored when the 'default' option is not given: \"$r\""
-	    fi
-
-	    eval ${iface}_gateway=$gateway
-	fi
     done < $TMP_DIR/interfaces
     
     [ -z "$ALL_INTERFACES" ] && startup_error "No Interfaces Defined"
@@ -4660,11 +4652,13 @@ process_rule() # $1 = target
 	    expandv logtag
 	fi
 
-	if [ "$loglevel" = none ]; then
+	case $loglevel in
-	    [ "$target" = LOG ] && return
+	    none*)
-	    loglevel=
+		loglevel=
-	    logtag=
+		logtag=
-	fi
+		[ $target = LOG ] && return
+		;;
+	esac
 
 	loglevel=${loglevel%\!}	
     fi
@@ -7090,9 +7084,13 @@ apply_policy_rules() {
 		    ;;
 	    esac
 
-	    [ -n "$synparams" ] && \
+	    if [ -n "$synparams" ]; then
-		[ $policy = ACCEPT -o $policy = CONTINUE ] && \
+		case $policy in
-		run_iptables -I $chain 2 -p tcp --syn -j @$chain
+		    ACCEPT|CONTINUE|QUEUE)
+			run_iptables -I $chain 2 -p tcp --syn -j @$chain
+			;;
+		esac
+	    fi
 	fi
 
     done

Shorewall/functions

@@ -268,6 +268,7 @@ reload_kernel_modules() {
 find_zones() # $1 = name of the zone file
 {
     while read zone display comments; do
+	expandv zone display
 	[ -n "$zone" ] && case "$zone" in
 	    [0-9*])
                 echo "   Warning: Illegal zone name \"$zone\" in zones file ignored" 2>&2

Shorewall/init.sh

@@ -34,7 +34,11 @@ RCDLINKS="2,S41 3,S41 6,K41"
 #	   shorewall stop			  Stops the firewall
 #	   shorewall status			  Displays firewall status
 #
-#### BEGIN INIT INFO
+
+# chkconfig: 2345 25 90
+# description: Packet filtering firewall
+
+### BEGIN INIT INFO
 # Provides:	  shorewall
 # Required-Start: $network
 # Required-Stop:
@@ -43,10 +47,6 @@ RCDLINKS="2,S41 3,S41 6,K41"
 # Description:	  starts and stops the shorewall firewall
 ### END INIT INFO
 
-# chkconfig: 2345 25 90
-# description: Packet filtering firewall
-#
-
 ################################################################################
 # Give Usage Information						       #
 ################################################################################