Revert "Use 'replace' rather than 'add' for routes defined in the routes file."

This reverts commit 215fd9e234.

Conflicts:

	Shorewall/Perl/Shorewall/Providers.pm
This commit is contained in:
Tom Eastep 2013-03-24 14:19:31 -07:00
parent b5ea4067e4
commit 6e5f00062c
2 changed files with 8 additions and 16 deletions

View File

@ -1172,18 +1172,18 @@ sub add_a_route( ) {
if ( $gateway ne '-' ) { if ( $gateway ne '-' ) {
if ( $device ne '-' ) { if ( $device ne '-' ) {
push @$routes, qq(run_ip route replace $dest via $gateway dev $physical table $id); push @$routes, qq(run_ip route add $dest via $gateway dev $physical table $id);
push @$routes, q(echo "$IP ) . qq(-$family route del $dest via $gateway dev $physical table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE; push @$routes, q(echo "$IP ) . qq(-$family route del $dest via $gateway dev $physical table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE;
} elsif ( $null ) { } elsif ( $null ) {
push @$routes, qq(run_ip route replace $null $dest table $id); push @$routes, qq(run_ip route add $null $dest table $id);
push @$routes, q(echo "$IP ) . qq(-$family route del $null $dest table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE; push @$routes, q(echo "$IP ) . qq(-$family route del $null $dest table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE;
} else { } else {
push @$routes, qq(run_ip route replace $dest via $gateway table $id); push @$routes, qq(run_ip route add $dest via $gateway table $id);
push @$routes, q(echo "$IP ) . qq(-$family route del $dest via $gateway table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE; push @$routes, q(echo "$IP ) . qq(-$family route del $dest via $gateway table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE;
} }
} else { } else {
fatal_error "You must specify a device for this route" unless $physical; fatal_error "You must specify a device for this route" unless $physical;
push @$routes, qq(run_ip route replace $dest dev $physical table $id); push @$routes, qq(run_ip route add $dest dev $physical table $id);
push @$routes, q(echo "$IP ) . qq(-$family route del $dest dev $physical table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE; push @$routes, q(echo "$IP ) . qq(-$family route del $dest dev $physical table $id > /dev/null 2>&1" >> \${VARDIR}/undo_${provider}_routing) if $number >= DEFAULT_TABLE;
} }

View File

@ -1357,20 +1357,12 @@ dmz 192.168.14.0/26 blackhole
</programlisting> </programlisting>
<para>The above generates the following 3 statements for execution <para>The above generates the following 3 statements for execution
upon Shorewall startup.</para> upon Shorewall startup:</para>
<para>Shorewall 4.5.14:</para>
<programlisting>ip route add blackhole 10.0.0.0/8 table main <programlisting>ip route add blackhole 10.0.0.0/8 table main
ip route add blackhole 82.32.0.0/12 table dmz ip route add blackhole 82.32.0.0/12 table dmz
ip route add blackhole 192.168.14.0/26 table dmz</programlisting> ip route add blackhole 192.168.14.0/26 table dmz</programlisting>
<para>Shorewall 4.5.15 and later:</para>
<programlisting>ip route replace blackhole 10.0.0.0/8 table main
ip route replace blackhole 82.32.0.0/12 table dmz
ip route replace blackhole 192.168.14.0/26 table dmz</programlisting>
<important> <important>
<para>When blackhole routes are added to a <para>When blackhole routes are added to a
<replaceable>provider</replaceable> (including 'main'), <replaceable>provider</replaceable> (including 'main'),
@ -1423,9 +1415,9 @@ dmz 192.168.14.0/26 unreachable
<para>The above generates the following 3 statements for execution <para>The above generates the following 3 statements for execution
upon Shorewall startup:</para> upon Shorewall startup:</para>
<programlisting>ip route replace unreachable 10.0.0.0/8 table main <programlisting>ip route add unreachable 10.0.0.0/8 table main
ip route replace unreachable 82.32.0.0/12 table dmz ip route add unreachable 82.32.0.0/12 table dmz
ip route replace unreachable 192.168.14.0/26 table dmz</programlisting> ip route add unreachable 192.168.14.0/26 table dmz</programlisting>
<important> <important>
<para>When prohibit or unreachable routes are added to a <para>When prohibit or unreachable routes are added to a