extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-12 18:54:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Remove dead code from process_actions2() and make user/group actions work

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1518 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-07-30 22:33:46 +00:00
parent d05c60b1b7
commit 502a00cc26
3 changed files with 15 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
STABLE2/changelog.txt
View File

@ -44,3 +44,9 @@ Changes in 2.0.7
4) Correct handling of multiple 'blacklist' interfaces.
5) Add "0.0.0.0 RETURN" to nobogons.
Changes in 2.0.8
1) Removed dead code from process_actions2()
2) Corrected read command in process_actions2() (userspec)

46
STABLE2/firewall
View File

@ -2863,47 +2863,6 @@ process_actions1() {
# process the associated action files.
#
process_actions2() {
#
# Process a rule where the source or destination is "all"
#
process_wildcard_rule() {
local yclients yservers ysourcezone ydestzone ypolicy
for yclients in $xclients; do
for yservers in $xservers; do
ysourcezone=${yclients%%:*}
ydestzone=${yservers%%:*}
if [ "${ysourcezone}" != "${ydestzone}" ] ; then
eval ypolicy=\$${ysourcezone}2${ydestzone}_policy
if [ "$ypolicy" != NONE ] ; then
process_action $xaction $xtarget $yclients $yservers $xprotocol $xports $xcports $xratelimit $xuserspec
fi
fi
done
done
}
do_it() {
expandv xclients xservers xprotocol xports xcports xratelimit xuserspec
if [ "x$xclients" = xall ]; then
xclients="$zones $FW"
if [ "x$xservers" = xall ]; then
xservers="$zones $FW"
fi
process_wildcard_rule
continue
fi
if [ "x$xservers" = xall ]; then
xservers="$zones $FW"
process_wildcard_rule
continue
fi
process_action $xaction $xtarget $xclients $xservers $xprotocol $xports $xcports $xratelimit $xuserspec
}
log_action() {
[ "$COMMAND" != check ] && log_rule ${LOGNEWNOTSYN:-info} $1 $2 "" "" -p tcp ! --syn
@ -2981,8 +2940,9 @@ process_actions2() {
fn=$(find_file $f)
echo "Processing $fn..."
while read xtarget xclients xservers xprotocol xports xcports xratelimit $xuserspec; do
do_it
while read xtarget xclients xservers xprotocol xports xcports xratelimit xuserspec ; do
expandv xtarget xclients xservers xprotocol xports xcports xratelimit xuserspec
process_action $xaction $xtarget $xclients $xservers $xprotocol $xports $xcports $xratelimit $xuserspec
done < $TMP_DIR/$f
;;
esac

7
STABLE2/releasenotes.txt
View File

@ -1,4 +1,4 @@
Shorewall 2.0.7
Shorewall 2.0.8
----------------------------------------------------------------------
Problems Corrected in version 2.0.4
@ -114,6 +114,11 @@ New Features in version 2.0.7
default via 192.168.1.254 dev br0
Table default:
-----------------------------------------------------------------------
Problems Corrected in version 2.0.8
1) User/group restricted rules now work in actions.