Reimplement MAPOLDACTIONS=Yes

Shorewall/Perl/Shorewall/Actions.pm

@@ -265,6 +265,30 @@ sub add_requiredby ( $$ ) {
     $actions{$requires}{requires}{$requiredby} = 1;
 }
 
+#
+# Map pre-3.0 actions to the corresponding Macro invocation
+#
+sub map_old_actions( $ ) {
+    my $target = shift;
+    my $macro;
+    my $param;
+
+    if ( $target =~ /^Allow(.*)$/ ) {
+	$macro = $1;
+	$param = 'ACCEPT';
+    } elsif ( $target =~ /^Drop(.*)$/ ) { 
+	$macro = $1;
+	$param = 'DROP';
+    } elsif ( $target = /^Reject(.*)$/ ) {
+	$macro = $1;
+	$param = 'REJECT';
+    } else {
+	return ( $target, 0, '' );
+    }
+
+    ( $macro, find_macro( $macro ) , $param );
+}
+
 #
 # Create and record a log action chain -- Log action chains have names
 # that are formed from the action name by prepending a "%" and appending

Shorewall/Perl/Shorewall/Config.pm

@@ -2356,11 +2356,11 @@ sub get_configuration( $ ) {
     unsupported_yes_no_warning 'DYNAMIC_ZONES';
     unsupported_yes_no         'BRIDGING';
     unsupported_yes_no_warning 'SAVE_IPSETS';
-    unsupported_yes_no         'MAPOLDACTIONS';
     unsupported_yes_no_warning 'RFC1918_STRICT';
 
     default_yes_no 'STARTUP_ENABLED'            , 'Yes';
     default_yes_no 'DELAYBLACKLISTLOAD'         , '';
+    default_yes_no 'MAPOLDACTIONS'              , 'Yes';
 
     warning_message 'DELAYBLACKLISTLOAD=Yes is not supported by Shorewall ' . $globals{VERSION} if $config{DELAYBLACKLISTLOAD};
 

Shorewall/Perl/Shorewall/Rules.pm

@@ -959,6 +959,10 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) {
     #
     my $actiontype = $targets{$basictarget} || find_macro( $basictarget );
 
+    if ( $config{ MAPOLDACTIONS } ) {
+	( $basictarget, $actiontype , $param ) = map_old_actions( $basictarget ) unless ( $actiontype || $param );
+    }
+
     fatal_error "Unknown action ($action)" unless $actiontype;
 
     if ( $actiontype == MACRO ) {

Shorewall/changelog.txt

@@ -9,6 +9,8 @@ Changes in Shorewall 4.4.2
 4)  Let the Actions module add the builtin actions to
     %Shorewall::Chains::targets. Much better modularization that way.
 
+5)  Some changes to mmake Lenny->Squeeze less painful.
+
 Changes in Shorewall 4.4.1
 
 1)  Deleted extra 'use ...IPAddrs.pm' from Nat.pm.

docs/LennyToSqueeze.xml

@@ -249,26 +249,6 @@
           </listitem>
         </varlistentry>
 
-        <varlistentry>
-          <term>MAPOLDACTIONS</term>
-
-          <listitem>
-            <para>If you have set this option to Yes, you will receive the
-            following error.</para>
-
-            <para><emphasis role="bold">ERROR: MAPOLDACTIONS=Yes is not
-            supported by Shorewall 4.4.x</emphasis></para>
-
-            <para>Only the very oldest of configurations should receive this
-            error. If your configuration is that old, this might be a good
-            time to reconfigure from scratch.</para>
-
-            <para>The alternative is to change your
-            <filename>/etc/shorewall/rules</filename> file as described in the
-            Shorewall 3.0.0 upgrade issues from 2005.</para>
-          </listitem>
-        </varlistentry>
-
         <varlistentry>
           <term>RFC1918_LOG_LEVEL</term>