Include kernel release that changes physdev-out; minor tweak to bridge detection

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5120 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/compiler

@@ -101,7 +101,7 @@ progress_message_and_save()
 indent() {
     if [ -n "$INDENT" ]; then
 	if [ -n "$HAVEAWK" ]; then
-	    eval awk \''BEGIN { indent=1; }; /^[[:space:]]*$/ { print ""; indent=1; next; }; { if (indent == 1) print "'"$INDENT"'" $0; else print; }; { indent=1; }; /\\$/ { indent=0; };'\' $1
+	    eval awk \''BEGIN { indent=1; }; /^\s*$/ { print ""; indent=1; next; }; { if (indent == 1) print "'"$INDENT"'" $0; else print; }; { indent=1; }; /\\$/ { indent=0; };'\' $1
 	else
 	    eval sed \'s\/^/"$INDENT"\/\' $1
 	fi
@@ -3467,7 +3467,7 @@ __EOF__
 
 	for interface in $interfaces; do
 	    if [ -n "$BRIDGING" ]; then
-		is_bridge=$( brctl show $interface 2> /dev/null | grep ^$interface[[:space:]] )
+		is_bridge=$( brctl show 2> /dev/null | grep "^$interface[[:space:]]" )
 		[ -n "$is_bridge" ] && \
 		    do_iptables -A $(forward_chain $interface) -p udp -o $interface --dport 67:68 -j ACCEPT
             fi

Shorewall/releasenotes.txt

@@ -61,7 +61,8 @@ Other Changes in 3.3.6
 3)  Shorewall now uses tc fwmark filters to classify packets for
     traffic shaping when the DEVICE isn't an interface described in
     /etc/shorewall/interfaces. This is in preparation for the upcoming
-    change to the way that --physdev-out works in iptables/Netfilter.
+    change to the way that --physdev-out works in iptables/Netfilter;
+    that change is now scheduled for kernel 2.6.20.
 
 4)  If your kernel and iptables have extended multiport support, then
     Shorewall will use that support for the destination port when