Small optimization in "logmartians" fix. Update manpage to reflect new implementation

Signed-off-by: Tom Eastep <teastep@shorewall.net> git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9786 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-03-30 10:06:16 +02:00 · 2009-04-03 14:31:21 +00:00 · 2009-04-03 14:31:21 +00:00 · 54620a962e
commit 54620a962e
parent 8a9af0acf5
2 changed files with 10 additions and 13 deletions
--- a/Shorewall/Perl/Shorewall/Proc.pm
+++ b/Shorewall/Perl/Shorewall/Proc.pm
@ -146,8 +146,9 @@ sub setup_martian_logging() {
 	    emit ( 'for file in /proc/sys/net/ipv4/conf/*; do',
 		   "    [ -f \$file/log_martians ] && echo $val > \$file/log_martians",
 		   'done',
-		   '' ,
-		   'echo 0 > /proc/sys/net/ipv4/conf/all/log_martians' );
+		   '' );
+
+	    emit( 'echo 0 > /proc/sys/net/ipv4/conf/all/log_martians','' ) if $val == 1;
 	}

 	for my $interface ( @$interfaces ) {
@ -170,14 +171,12 @@ sub setup_martian_logging() {
 sub setup_source_routing( $ ) {
    my $family = shift;

-    save_progress_message 'Setting up Accept Source Routing...';
-
    my $interfaces = find_interfaces_by_option 'sourceroute';

    if ( @$interfaces ) {
 	progress_message2 "$doing Accept Source Routing...";

-	save_progress_message 'Setting up Source Routing...';
+	save_progress_message 'Setting up Accept Source Routing...';

 	for my $interface ( @$interfaces ) {
 	    my $file = "/proc/sys/net/ipv$family/conf/$interface/accept_source_route";
--- a/manpages/shorewall.conf.xml
+++ b/manpages/shorewall.conf.xml
@ -769,20 +769,18 @@ net     all  DROP   info</programlisting>then the chain name is 'net2all'
        <listitem>
          <para>If set to <emphasis role="bold">Yes</emphasis> or <emphasis
          role="bold">yes</emphasis>, sets
-          /proc/sys/net/ipv4/conf/all/log_martians and
-          /proc/sys/net/ipv4/conf/default/log_martians to 1. In Shorewall
-          versions prior to 4.1.5, the default is <emphasis
-          role="bold">No</emphasis> which sets both of the above to zero. In
-          Shorewall 4.1.5, the default value was chaned to <emphasis
+          <filename>/proc/sys/net/ipv4/conf/*/log_martians</filename> to 1
+          with the exception of
+          <filename>/proc/sys/net/ipv4/conf/all/log_martians which is set to
+          0</filename>. The default value is <emphasis
          role="bold">Yes</emphasis> which sets both of the above to one. If
          you do not enable martian logging for all interfaces, you may still
          enable it for individual interfaces using the <emphasis
          role="bold">logmartians</emphasis> interface option in <ulink
          url="shorewall-interfaces.html">shorewall-interfaces</ulink>(5).</para>

-          <para>The value <emphasis role="bold">Keep</emphasis> is only
-          allowed under Shorewall-perl. It causes Shorewall to ignore the
-          option. If the option is set to <emphasis
+          <para>The value <emphasis role="bold">Keep</emphasis> causes
+          Shorewall to ignore the option. If the option is set to <emphasis
          role="bold">Yes</emphasis>, then martians are logged on all
          interfaces. If the option is set to <emphasis
          role="bold">No</emphasis>, then martian logging is disabled on all