From 51a7030fdbf17b8c8c72df6ee8f6597317a944b6 Mon Sep 17 00:00:00 2001 From: teastep Date: Sat, 14 Jun 2003 01:22:46 +0000 Subject: [PATCH] Make INCLUDE work in the zones file git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@590 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/changelog.txt | 4 +++- Shorewall/functions | 25 ++++++++++--------------- Shorewall/releasenotes.txt | 3 +++ 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 113dc2712..237e1277d 100755 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -8,6 +8,8 @@ Changes since 1.4.4b rule will take effect only if the original destination address in the connection request does not match any of the addresses listed. - +3) Enhanced processing of the zones file to allow the INCLUDE + directive. + diff --git a/Shorewall/functions b/Shorewall/functions index 746a86657..f2cdaa553 100755 --- a/Shorewall/functions +++ b/Shorewall/functions @@ -90,22 +90,17 @@ determine_zones() multi_display=Multi-zone - if [ -f $zonefile ]; then - zones=`find_zones $zonefile` - zones=`echo $zones` # Remove extra trash - - for zone in $zones; do - dsply=`find_display $zone $zonefile` - eval ${zone}_display=\$dsply - done - else - zones="net local dmz gw" - net_display=Net - local_display=Local - dmz_display=DMZ - gw_display=Gateway - fi + [ -z "$TMP_DIR" ] && TMP_DIR=/tmp + strip_file zones $zonefile + zones=`find_zones $TMP_DIR/zones` + zones=`echo $zones` # Remove extra trash + + for zone in $zones; do + dsply=`find_display $zone $TMP_DIR/zones` + eval ${zone}_display=\$dsply + done + rm -f $TMP_DIR/zones } # diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 65bf2b673..d77f40aaa 100755 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -5,6 +5,9 @@ Problems Corrected: 1) The command "shorewall debug try " now correctly traces the attempt. +2) The INCLUDE directive now works properly in the zones file; + previously, INCLUDE in that file was ignored. + New Features: 1) The ORIGINAL DEST column in a DNAT[-] or REDIRECT[-] rule may now