From 5fb079b6f3c775fdb8c638c4eb8686300b1f32eb Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Tue, 9 Jul 2002 21:21:28 +0000
Subject: [PATCH] Rename DETECT_IPADDRS to DETECT_DNAT_IPADDRS

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@129 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall       |  6 +++---
 Shorewall/shorewall.conf | 10 ++++++----
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index 5b682a09e..33ba3f5ec 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -1490,7 +1490,7 @@ add_nat_rule() {
 	    ;;
 	detect)
 	   addr=
-           if [ -n "$DETECT_IPADDRS" && "$source"! = "$FW" ]; then
+           if [ -n "$DETECT_DNAT_IPADDRS" -a "$source" != "$FW" ]; then
 	       eval interfaces=\$${source}_interfaces
 	       for interface in $interfaces; do
 		   addr="`find_interface_address $interface` $addr"
@@ -3313,7 +3313,7 @@ do_initialize() {
     ROUTE_FILTER=
     NAT_BEFORE_RULES=
     MULTIPORT=
-    DETECT_IPADDRS=
+    DETECT_DNAT_IPADDRS=
     stopping=
     have_mutex=
     masq_seq=1
@@ -3387,7 +3387,7 @@ do_initialize() {
     ROUTE_FILTER=`added_param_value_no ROUTE_FILTER $ROUTE_FILTER`
     NAT_BEFORE_RULES=`added_param_value_yes NAT_BEFORE_RULES $NAT_BEFORE_RULES`
     MULTIPORT=`added_param_value_no MULTIPORT $MULTIPORT`
-    DETECT_IPADDRS=`added_param_value_no DETECT_IPADDRS $DETECT_IPADDRS`
+    DETECT_DNAT_IPADDRS=`added_param_value_no DETECT_DNAT_IPADDRS $DETECT_DNAT_IPADDRS`
 }
 
 ################################################################################
diff --git a/Shorewall/shorewall.conf b/Shorewall/shorewall.conf
index 79476c86e..8e415db05 100755
--- a/Shorewall/shorewall.conf
+++ b/Shorewall/shorewall.conf
@@ -228,7 +228,7 @@ NAT_BEFORE_RULES=Yes
 
 MULTIPORT=No
 
-# IP ADDRESS DETECTION
+# DNAT IP Address Detection
 #
 # Normally when Shorewall encounters the following rule:
 #
@@ -251,10 +251,12 @@ MULTIPORT=No
 # rule will forward connection requests on all of these addresses; 
 # that may not be what is desired.
 #
-# By setting DETECT_IPADDRS=Yes, rules such as the above will apply
+# By setting DETECT_DNAT_IPADDRS=Yes, rules such as the above will apply
 # only if the original destination address is the primary IP address of
-# one of the interfaces associated with the source zone.
+# one of the interfaces associated with the source zone. Note that this
+# requires all interfaces to the source zone to be up when the firewall
+# is [re]started. 
 
-DETECT_IPADDRS=No
+DETECT_DNAT_IPADDRS=No
 
 #LAST LINE -- DO NOT REMOVE