Eliminate trailing whitespace

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6968 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-11-27 18:13:13 +01:00 · 2007-07-26 18:36:18 +00:00 · 2007-07-26 18:36:18 +00:00 · 767fea403a
commit 767fea403a
parent a7786b5a2f
21 changed files with 218 additions and 218 deletions
--- a/Shorewall-perl/README.txt
+++ b/Shorewall-perl/README.txt
@ -1,2 +1,2 @@
 This is the Shorewall-perl Stable 4.0 branch of SVN.
- 
+
--- a/Shorewall-perl/Shorewall/Accounting.pm
+++ b/Shorewall-perl/Shorewall/Accounting.pm
@ -43,7 +43,7 @@ our $VERSION = 4.00;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -59,7 +59,7 @@ INIT {
 # Accounting
 #
 sub process_accounting_rule( $$$$$$$$$ ) {
-    
+
    our $jumpchainref;
    my ($action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark ) = @_;
@ -163,7 +163,7 @@ sub process_accounting_rule( $$$$$$$$$ ) {
 }
 sub setup_accounting() {
-    
+
    my $first_entry = 1;
    my $fn = open_file 'accounting';
--- a/Shorewall-perl/Shorewall/Actions.pm
+++ b/Shorewall-perl/Shorewall/Actions.pm
@ -88,7 +88,7 @@ our %macros;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -276,7 +276,7 @@ sub createlogactionchain( $$ ) {
    mark_referenced $chainref; # Just in case the action body is empty.
    unless ( $targets{$action} & STANDARD ) {
-	
+
 	my $file = find_file $chain;
 	if ( -f $file ) {
@ -298,13 +298,13 @@ sub createlogactionchain( $$ ) {
 sub createsimpleactionchain( $ ) {
    my $action  = shift;
    my $chainref = new_chain 'filter', $action;
-    
+
    $logactionchains{"$action:none"} = $chainref;
-	
+
    mark_referenced $chainref; # Just in case the action body is empty.
    unless ( $targets{$action} & STANDARD ) {
-	
+
 	my $file = find_file $action;
 	if ( -f $file ) {
@ -395,15 +395,15 @@ sub process_macro1 ( $$ ) {
 	fatal_error "Invalid target ($mtarget)"
 	    unless ( $targettype == STANDARD ) || ( $mtarget eq 'PARAM' ) || ( $mtarget eq 'LOG' );
    }
-    
+
    progress_message "   ..End Macro $macrofile";
-    
+
    pop_open;
 }
 sub process_action1 ( $$ ) {
    my ( $action, $wholetarget ) = @_;
-    
+
    my ( $target, $level ) = split_action $wholetarget;
    $level = 'none' unless $level;
@ -412,9 +412,9 @@ sub process_action1 ( $$ ) {
    if ( defined $targettype ) {
 	return if ( $targettype == STANDARD ) || ( $targettype == MACRO ) || ( $targettype & LOGRULE );
-	
+
 	fatal_error "Invalid TARGET ($target)" if $targettype & STANDARD;
-	
+
 	fatal_error "An action may not invoke itself" if $target eq $action;
 	add_requiredby $wholetarget, $action if $targettype & ACTION;
@ -438,7 +438,7 @@ sub process_action1 ( $$ ) {
 	}
    }
 }
-   
+
 sub process_actions1() {
    progress_message2 "Preprocessing Action Files...";
@ -548,7 +548,7 @@ sub process_macro3( $$$$$$$$$$$ ) {
    my $standard = ( $fn =~ /^($globals{SHAREDIR})/ );
    while ( read_a_line ) {
-	
+
 	my ( $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser ) = split_line 1, 8, 'macro file';
 	if ( $mtarget =~ /^PARAM:?/ ) {
@ -581,7 +581,7 @@ sub process_macro3( $$$$$$$$$$$ ) {
 	} else {
 	    $mdest = '';
 	}
-	
+
 	$mdest   = '' if $mdest eq '-';
 	$mproto  = merge_macro_column $mproto,  $proto;
@ -589,12 +589,12 @@ sub process_macro3( $$$$$$$$$$$ ) {
 	$msports = merge_macro_column $msports, $sports;
 	$mrate   = merge_macro_column $mrate,   $rate;
 	$muser   = merge_macro_column $muser,   $user;
-	
+
 	process_action $chainref, $action, $mtarget, $msource, $mdest, $mproto, $mports, $msports, $mrate, $muser;
    }
    pop_open;
-    
+
    progress_message '..End Macro'
 }
@ -672,7 +672,7 @@ sub process_actions3 () {
 	    add_command $chainref, 'done';
 	    log_rule_limit $level, $chainref, 'dropBcast' , 'DROP', '', $tag, 'add', ' -d 224.0.0.0/4' if $level ne '';
-	}   
+	}
 	add_rule $chainref, '-d 224.0.0.0/4 -j DROP';
    }
--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@ -20,7 +20,7 @@
 #       along with this program; if not, write to the Free Software
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
-#  This is the low-level iptables module. It provides the basic services 
+#  This is the low-level iptables module. It provides the basic services
 #  of chain and rule creation. It is used by the higher level modules such
 #  as Rules to create iptables-restore input.
 #
@ -228,7 +228,7 @@ our $emitted_comment;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -325,7 +325,7 @@ INIT {
 #
 #
-# Process a COMMENT line (in $currentline) 
+# Process a COMMENT line (in $currentline)
 #
 sub process_comment() {
    if ( $capabilities{COMMENTS} ) {
@ -357,7 +357,7 @@ sub add_command($$)
 sub add_commands {
    my $chainref = shift @_;
-   
+
    for my $command ( @_ ) {
 	push @{$chainref->{rules}}, join ('', '    ' x ( $chainref->{loopcount} + $chainref->{cmdcount} ), $command );
    }
@ -382,7 +382,7 @@ sub add_file( $$ ) {
    if ( -f $file ) {
 	open EF , '<', $file or fatal_error "Unable to open $file: $!";
-	add_commands( $chainref, 
+	add_commands( $chainref,
 		      qq(progress_message "Processing $file..."),
 		      '' );
@ -395,7 +395,7 @@ sub add_file( $$ ) {
 	close EF;
    }
-}    
+}
 #
 # Add a rule to a chain. Arguments are:
@ -778,7 +778,7 @@ sub setup_zone_mss() {
 	set_mss( $zone, $zoneref->{options}{in}{mss},     '_in'  ) if $zoneref->{options}{in}{mss};
 	set_mss( $zone, $zoneref->{options}{out}{mss},    '_out' ) if $zoneref->{options}{out}{mss};
    }
-}	
+}
 sub newexclusionchain() {
    my $seq = $exclseq++;
@ -810,13 +810,13 @@ sub validate_portpair( $ ) {
    for my $port ( @ports ) {
 	my $value = $services{$port};
-	
+
 	unless ( defined $value ) {
 	    $value = $port if $port =~ /^(\d+)$/ && $port <= 65535;
 	}
-	    
+
 	fatal_error "Invalid/Unknown port/service ($port)" unless defined $value;
-	
+
 	$port = $value;
    }
@ -938,7 +938,7 @@ sub do_proto( $$$ )
 	    }
 	    if ( $sports ne '' ) {
-		if ( $multiport ) {	
+		if ( $multiport ) {
 		    fatal_error "Too many entries in port list ($sports)" if port_count( $sports ) > 15;
 		    $sports = validate_port_list $sports;
 		    $output .= "-m multiport --sports $sports ";
@ -1108,7 +1108,7 @@ sub match_source_dev( $ ) {
    } else {
 	"-i $interface ";
    }
-}    
+}
 #
 # Match Dest device
@ -1121,7 +1121,7 @@ sub match_dest_dev( $ ) {
    } else {
 	"-o $interface ";
    }
-}    
+}
 #
 # Avoid generating a second '-m iprange' in a single rule.
@ -1303,7 +1303,7 @@ sub log_rule_limit( $$$$$$$$ ) {
    if ( $chainref->{loopcount} || $chainref->{cmdcount} ) {
 	#
-	# The rule will be converted to an "echo" shell command. We must insure that the 
+	# The rule will be converted to an "echo" shell command. We must insure that the
 	# quotes are preserved in the iptables-input file.
 	#
 	if ( $level eq 'ULOG' ) {
@ -1423,7 +1423,7 @@ sub get_interface_addresses ( $ ) {
 [ -n "\$$variable" ] || fatal_error "Unable to determine the IP address(es) of $interface"
 );
    }
-    
+
    "\$$variable";
 }
@ -1461,15 +1461,15 @@ sub get_interface_nets ( $ ) {
 #
 sub expand_rule( $$$$$$$$$$ )
 {
-    my ($chainref ,    # Chain 
+    my ($chainref ,    # Chain
 	$restriction,  # Determines what to do with interface names in the SOURCE or DEST
-	$rule,         # Caller's matches that don't depend on the SOURCE, DEST and ORIGINAL DEST 
+	$rule,         # Caller's matches that don't depend on the SOURCE, DEST and ORIGINAL DEST
-	$source,       # SOURCE 
+	$source,       # SOURCE
-	$dest,         # DEST 
+	$dest,         # DEST
-	$origdest,     # ORIGINAL DEST 
+	$origdest,     # ORIGINAL DEST
-	$target,       # Target ('-j' part of the rule) 
+	$target,       # Target ('-j' part of the rule)
-	$loglevel ,    # Log level (and tag) 
+	$loglevel ,    # Log level (and tag)
-	$disposition,  # Primative part of the target (RETURN, ACCEPT, ...) 
+	$disposition,  # Primative part of the target (RETURN, ACCEPT, ...)
 	$exceptionrule # Caller's matches used in exclusion case
       ) = @_;
@ -1666,7 +1666,7 @@ sub expand_rule( $$$$$$$$$$ )
    #
    if ( $inets ) {
 	fatal_error "Invalid SOURCE" if $inets =~ /^([^!]+)?,!([^!]+)$/ || $inets =~ /.*!.*!/;
-	
+
 	if ( $inets =~ /^([^!]+)?!([^!]+)$/ ) {
 	    $inets = $1;
 	    $iexcl = $2;
@ -1680,7 +1680,7 @@ sub expand_rule( $$$$$$$$$$ )
 		$rule .= match_source_net "!$iexcl";
 		$iexcl = '';
 	    }
-	
+
 	}
    } else {
 	$iexcl = '';
@ -1691,7 +1691,7 @@ sub expand_rule( $$$$$$$$$$ )
    #
    if ( $dnets ) {
 	fatal_error "Invalid DEST" if  $dnets =~ /^([^!]+)?,!([^!]+)$/ || $dnets =~ /.*!.*!/;
-	
+
 	if ( $dnets =~ /^([^!]+)?!([^!]+)$/ ) {
 	    $dnets = $1;
 	    $dexcl = $2;
@ -1887,7 +1887,7 @@ sub set_global_variables() {
 # file to iptables-restore. That way, if things go wrong, the user (and Shorewall support)
 # has (have) something to look at to determine the error
 #
-# We may have to generate part of the input at run-time. The rules array in each chain 
+# We may have to generate part of the input at run-time. The rules array in each chain
 # table entry may contain rules (begin with '-A') or shell source. We alternate between
 # writing the rules ('-A') into the temporary file to be bassed to iptables-restore
 # (CAT_STATE) and and writing shell source into the generated script.
@ -1939,7 +1939,7 @@ sub create_netfilter_load() {
    push @table_list, 'filter';
    $state = NULL_STATE;
-  
+
    emit ( 'setup_netfilter()',
 	   '{'
 	   );
@ -1953,7 +1953,7 @@ sub create_netfilter_load() {
    emit 'exec 3>${VARDIR}/.iptables-restore-input';
    enter_cat_state;
-    
+
    for my $table ( @table_list ) {
 	emit_unindented "*$table";
@ -2019,7 +2019,7 @@ sub create_netfilter_load() {
 sub create_blacklist_reload() {
    $state = NULL_STATE;
-  
+
    emit(  'blacklist_reload()',
 	   '{'
 	   );
@ -2044,7 +2044,7 @@ sub create_blacklist_reload() {
    # Commit the changes to the table
    #
    enter_cat_state unless $state == CAT_STATE;
-    
+
    emit_unindented 'COMMIT';
    enter_cmd_state;
--- a/Shorewall-perl/Shorewall/Compiler.pm
+++ b/Shorewall-perl/Shorewall/Compiler.pm
@ -296,7 +296,7 @@ EOF
    for chain in PREROUTING OUTPUT; do
 	qt $IPTABLES -t raw -P $chain ACCEPT
    done
-    
+
 EOF
    }
@ -471,7 +471,7 @@ EOF
 # Second Phase of Script Generation
 #
 #    copies the 'prog.functions' file into the script, generates
-#    clear_routing_and_traffic_shaping() and the first part of 
+#    clear_routing_and_traffic_shaping() and the first part of
 #    'setup_routing_and_traffic_shaping()'
 #
 #    The bulk of that function is produced by the various config file
@ -542,7 +542,7 @@ sub generate_script_2 () {
 	    'delete_proxyarp',
 	    ''
 	    );
- 
+
    if ( $capabilities{NAT_ENABLED} ) {
 	emit(  'if [ -f ${VARDIR}/nat ]; then',
 	       '    while read external interface; do',
@ -646,7 +646,7 @@ else
        set_state "Started"
        run_started_exit
    fi
-        
+
    cp -f $(my_pathname) ${VARDIR}/.restore
 fi
--- a/Shorewall-perl/Shorewall/Config.pm
+++ b/Shorewall-perl/Shorewall/Config.pm
@ -22,10 +22,10 @@
 #
 #   This module is responsible for lower level configuration file handling.
 #   It also exports functions for generating warning and error messages.
-#   The get_configuration function parses the shorewall.conf, capabilities and 
+#   The get_configuration function parses the shorewall.conf, capabilities and
-#   modules files during compiler startup. The module also provides the basic 
+#   modules files during compiler startup. The module also provides the basic
 #   output file services such as creation of temporary 'object' files, writing
-#   into those files (emitters) and finalizing those files (renaming 
+#   into those files (emitters) and finalizing those files (renaming
 #   them to their final name and setting their mode appropriately).
 #
 package Shorewall::Config;
@ -176,7 +176,7 @@ our $debug;                   # If true, use Carp to report errors with stack tr
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
    ( $command, $doing, $done ) = qw/ compile Compiling Compiled/; #describe the current command, it's present progressive, and it's completion.
@ -461,21 +461,21 @@ sub save_progress_message_short( $ ) {
 #
 # Set $timestamp
-# 
+#
 sub set_timestamp( $ ) {
    $timestamp = shift;
 }
 #
 # Set $verbose
-# 
+#
 sub set_verbose( $ ) {
    $verbose = shift;
 }
 #
 # Print the current TOD to STDOUT.
-# 
+#
 sub timestamp() {
    my ($sec, $min, $hr) = ( localtime ) [0,1,2];
    printf '%02d:%02d:%02d ', $hr, $min, $sec;
@ -739,7 +739,7 @@ sub split_line2( $$$ ) {
    if ( defined $columns ) {
 	fatal_error "Invalid $first entry" if $columns && @line != $columns;
-	return @line 
+	return @line
    }
    fatal_error "Shorewall Configuration file entries may not contain single quotes" if $currentline =~ /'/;
@ -843,7 +843,7 @@ sub read_a_line() {
 	    #
 	    # Remove Trailing Comments -- result might be a blank line
 	    #
-	    $currentline =~ s/#.*$//;       
+	    $currentline =~ s/#.*$//;
 	    #
 	    # Ignore ( concatenated ) Blank Lines
 	    #
@ -935,14 +935,14 @@ sub default_yes_no ( $$ ) {
 my %validlevels = ( debug   => 7,
 		    info    => 6,
-		    notice  => 5, 
+		    notice  => 5,
-		    warning => 4, 
+		    warning => 4,
-		    warn    => 4, 
+		    warn    => 4,
 		    err     => 3,
 		    error   => 3,
-		    crit    => 2, 
+		    crit    => 2,
-		    alert   => 1, 
+		    alert   => 1,
-		    emerg   => 0, 
+		    emerg   => 0,
 		    panic   => 0,
 		    none    => '',
 		    ULOG    => 'ULOG' );
@ -1002,7 +1002,7 @@ sub check_trivalue( $$ ) {
 	$config{var} = $default
    }
 }
-    
+
 #
 # Produce a report of the detected capabilities
 #
@ -1180,7 +1180,7 @@ sub determine_capabilities() {
    $capabilities{USEPKTTYPE}   = qt( "$iptables -A $sillyname -m pkttype --pkt-type broadcast -j ACCEPT" );
    $capabilities{ADDRTYPE}     = qt( "$iptables -A $sillyname -m addrtype --src-type BROADCAST -j ACCEPT" );
-    $capabilities{TCPMSS_MATCH} = qt( "$iptables -A $sillyname -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1000:1500 -j ACCEPT" ); 
+    $capabilities{TCPMSS_MATCH} = qt( "$iptables -A $sillyname -p tcp --tcp-flags SYN,RST SYN -m tcpmss --mss 1000:1500 -j ACCEPT" );
    qt( "$iptables -F $sillyname" );
    qt( "$iptables -X $sillyname" );
@ -1279,7 +1279,7 @@ sub process_shorewall_conf() {
 sub get_capabilities( $ ) {
    my $export = $_[0];
-    
+
    if ( ! $export && $> == 0 ) { # $> == $EUID
 	unless ( $config{IPTABLES} ) {
 	    fatal_error "Can't find iptables executable" unless $config{IPTABLES} = mywhich 'iptables';
@ -1358,7 +1358,7 @@ sub get_configuration( $ ) {
    check_trivalue ( 'IP_FORWARDING', 'on' );
    check_trivalue ( 'ROUTE_FILTER',  '' );
    check_trivalue ( 'LOG_MARTIANS',  '' );
- 
+
    default_yes_no 'ADD_IP_ALIASES'             , 'Yes';
    default_yes_no 'ADD_SNAT_ALIASES'           , '';
    default_yes_no 'DETECT_DNAT_IPADDRS'        , '';
@ -1632,7 +1632,7 @@ sub run_user_exit2( $$ ) {
 	}
 	pop_open;
-	
+
    }
 }
--- a/Shorewall-perl/Shorewall/FallbackPorts.pm
+++ b/Shorewall-perl/Shorewall/FallbackPorts.pm
@ -20,7 +20,7 @@
 #       along with this program; if not, write to the Free Software
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
-# This module exports the %protocols and %services hashes built from 
+# This module exports the %protocols and %services hashes built from
 # /etc/protocols and /etc/services respectively.
 #
 # Module generated using buildports.pl 4.0.0-Beta7 - Fri Jun 29 14:10:45 2007
--- a/Shorewall-perl/Shorewall/IPAddrs.pm
+++ b/Shorewall-perl/Shorewall/IPAddrs.pm
@ -20,8 +20,8 @@
 #       along with this program; if not, write to the Free Software
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
-#   This module provides interfaces for dealing with IPv4 addresses. 
+#   This module provides interfaces for dealing with IPv4 addresses.
-#   
+#
 package Shorewall::IPAddrs;
 require Exporter;
 use Shorewall::Config;
@ -121,7 +121,7 @@ sub validate_range( $$ ) {
    my $last  = decodeaddr $high;
    fatal_error "Invalid IP Range ($low-$high)" unless $first <= $last;
-}   
+}
 sub ip_range_explicit( $ ) {
    my $range = $_[0];
@ -151,7 +151,7 @@ sub ip_range_explicit( $ ) {
 sub validate_host( $ ) {
    my $host = $_[0];
-    
+
    if ( $host =~ /^(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)$/ ) {
 	validate_range $1, $2;
    } else {
--- a/Shorewall-perl/Shorewall/Nat.pm
+++ b/Shorewall-perl/Shorewall/Nat.pm
@ -47,7 +47,7 @@ our %addresses_to_add;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -237,7 +237,7 @@ sub setup_one_masq($$$$$$$)
    #
    # And Generate the Rule(s)
    #
-    expand_rule( $chainref , 
+    expand_rule( $chainref ,
 		 POSTROUTE_RESTRICT ,
 		 $rule ,
 		 $networks ,
--- a/Shorewall-perl/Shorewall/Policy.pm
+++ b/Shorewall-perl/Shorewall/Policy.pm
@ -208,10 +208,10 @@ sub validate_policy()
 	unless ( $clientwild || $serverwild ) {
 	    if ( $zones{$server}{type} eq 'bport4' ) {
-		fatal_error "Invalid policy - DEST zone is a Bridge Port zone but the SOURCE zone is not associated with the same bridge" 
+		fatal_error "Invalid policy - DEST zone is a Bridge Port zone but the SOURCE zone is not associated with the same bridge"
 		    unless $zones{$client}{bridge} eq $zones{$server}{bridge} || single_interface( $client ) eq $zones{$server}{bridge};
 	    }
-	}   
+	}
 	my $chain = "${client}2${server}";
 	my $chainref;
@ -238,12 +238,12 @@ sub validate_policy()
 	}
 	$chainref->{loglevel}  = validate_level( $loglevel ) if defined $loglevel && $loglevel ne '';
-	 
+
 	if ( $synparams ne '' ) {
 	    $chainref->{synparams} = do_ratelimit $synparams, 'ACCEPT';
-	    $chainref->{synchain}  = $chain 
+	    $chainref->{synchain}  = $chain
 	}
-	
+
 	$chainref->{default}   = $default if $default;
 	if ( $clientwild ) {
@ -277,7 +277,7 @@ sub validate_policy()
 #
 sub policy_rules( $$$$ ) {
    my ( $chainref , $target, $loglevel, $default ) = @_;
-   
+
    unless ( $target eq 'NONE' ) {
 	add_rule $chainref, "-j $default" if $default && $default ne 'none';
 	log_rule $loglevel , $chainref , $target , '' if $loglevel ne '';
@ -392,7 +392,7 @@ sub setup_syn_flood_chains() {
    for my $chainref ( @policy_chains ) {
 	my $limit = $chainref->{synparams};
 	if ( $limit && ! $filter_table->{syn_flood_chain $chainref} ) {
-	    my $level = $chainref->{loglevel}; 
+	    my $level = $chainref->{loglevel};
 	    my $synchainref = new_chain 'filter' , syn_flood_chain $chainref;
 	    add_rule $synchainref , "${limit}-j RETURN";
 	    log_rule_limit $level , $synchainref , $chainref->{name} , 'DROP', '-m limit --limit 5/min --limit-burst 5 ' , '' , 'add' , ''
--- a/Shorewall-perl/Shorewall/Proc.pm
+++ b/Shorewall-perl/Shorewall/Proc.pm
@ -157,7 +157,7 @@ sub setup_martian_logging() {
 		   "    echo $value > $file" );
 	    emit ( 'else' ,
-		   "    error_message \"WARNING: Cannot set Martian logging on $interface\"") unless interface_is_optional( $interface); 
+		   "    error_message \"WARNING: Cannot set Martian logging on $interface\"") unless interface_is_optional( $interface);
 	    emit   "fi\n";
 	}
--- a/Shorewall-perl/Shorewall/Providers.pm
+++ b/Shorewall-perl/Shorewall/Providers.pm
@ -59,7 +59,7 @@ our @providers;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -104,7 +104,7 @@ sub setup_route_marking() {
 sub copy_table( $$ ) {
    my ( $duplicate, $number ) = @_;
-    
+
    emit ( "ip route show table $duplicate | while read net route; do",
 	   '    case $net in',
 	   '        default|nexthop)',
@ -119,7 +119,7 @@ sub copy_table( $$ ) {
 sub copy_and_edit_table( $$$ ) {
    my ( $duplicate, $number, $copy ) = @_;
-    
+
    emit  ( "ip route show table $duplicate | while read net route; do",
 	    '    case $net in',
 	    '        default|nexthop)',
@ -137,18 +137,18 @@ sub copy_and_edit_table( $$$ ) {
 sub balance_default_route( $$$ ) {
    my ( $weight, $gateway, $interface ) = @_;
-    
+
    $balance = 1;
-    
+
    emit '';
-    
+
    if ( $first_default_route ) {
 	if ( $gateway ) {
 	    emit "DEFAULT_ROUTE=\"nexthop via $gateway dev $interface weight $weight\"";
 	} else {
 	    emit "DEFAULT_ROUTE=\"nexthop dev $interface weight $weight\"";
 	}
-	
+
 	$first_default_route = 0;
    } else {
 	if ( $gateway ) {
@ -164,21 +164,21 @@ sub add_a_provider( $$$$$$$$ ) {
    my ($table, $number, $mark, $duplicate, $interface, $gateway,  $options, $copy) = @_;
    fatal_error "Duplicate provider ($table)" if $providers{$table};
-    
+
    for my $providerref ( values %providers  ) {
 	fatal_error "Duplicate provider number ($number)" if $providerref->{number} == $number;
    }
-    
+
    emit "#\n# Add Provider $table ($number)\n#";
-    
+
    emit "if interface_is_usable $interface; then";
    push_indent;
    my $iface = chain_base $interface;
-    
+
    emit "${iface}_up=Yes";
    emit "qt ip route flush table $number";
    emit "echo \"qt ip route flush table $number\" >> \${VARDIR}/undo_routing";
-    
+
    if ( $duplicate ne '-' ) {
 	if ( $copy eq '-' ) {
 	    copy_table ( $duplicate, $number );
@ -218,17 +218,17 @@ sub add_a_provider( $$$$$$$$ ) {
    my $val = 0;
    if ( $mark ne '-' ) {
-	
+
 	$val = numeric_value $mark;
-	
+
 	verify_mark $mark;
-	
+
 	if ( $val < 256) {
 	    fatal_error "Invalid Mark Value ($mark) with HIGH_ROUTE_MARKS=Yes" if $config{HIGH_ROUTE_MARKS};
 	} else {
 	    fatal_error "Invalid Mark Value ($mark) with HIGH_ROUTE_MARKS=No" if ! $config{HIGH_ROUTE_MARKS};
 	}
-	
+
 	for my $providerref ( values %providers  ) {
 	    fatal_error "Duplicate mark value ($mark)" if $providerref->{mark} == $val;
 	}
@ -244,9 +244,9 @@ sub add_a_provider( $$$$$$$$ ) {
    $providers{$table}         = {};
    $providers{$table}{number} = $number;
    $providers{$table}{mark}   = $val;
-    
+
    my ( $loose, $optional ) = (0,0);
-    
+
    unless ( $options eq '-' ) {
 	for my $option ( split /,/, $options ) {
 	    if ( $option eq 'track' ) {
@ -270,9 +270,9 @@ sub add_a_provider( $$$$$$$$ ) {
    if ( $loose ) {
 	my $rulebase = 20000 + ( 256 * ( $number - 1 ) );
-	
+
 	emit "\nrulenum=0\n";
-	
+
 	emit  ( "find_interface_addresses $interface | while read address; do",
 		'    qt ip rule del from $address',
 		"    run_ip rule add from \$address pref \$(( $rulebase + \$rulenum )) table $number",
@ -286,12 +286,12 @@ sub add_a_provider( $$$$$$$$ ) {
 	       'done'
 	     );
    }
-    
+
    emit "\nprogress_message \"   Provider $table ($number) Added\"\n";
-    
+
    pop_indent;
    emit 'else';
-    
+
    if ( $optional ) {
 	emit ( "    error_message \"WARNING: Interface $interface is not configured -- Provider $table ($number) not Added\"",
 	       "    ${iface}_up="
@ -299,19 +299,19 @@ sub add_a_provider( $$$$$$$$ ) {
    } else {
 	emit "    fatal_error \"ERROR: Interface $interface is not configured -- Provider $table ($number) Cannot be Added\"";
    }
-    
+
    emit "fi\n";
 }
 sub add_an_rtrule( $$$$ ) {
    my ( $source, $dest, $provider, $priority ) = @_;
-    
+
    unless ( $providers{$provider} ) {
 	my $found = 0;
-	
+
 	if ( "\L$provider" =~ /^(0x[a-f0-9]+|0[0-7]*|[0-9]*)$/ ) {
 	    my $provider_number = numeric_value $provider;
-	    
+
 	    for my $provider ( keys %providers ) {
 		if ( $providers{$provider}{number} == $provider_number ) {
 		    $found = 1;
@ -319,14 +319,14 @@ sub add_an_rtrule( $$$$ ) {
 		}
 	    }
 	}
-	
+
 	fatal_error "Unknown provider ($provider)" unless $found;
    }
-    
+
    fatal_error "You must specify either the source or destination in a route_rules entry" if $source eq '-' && $dest eq '-';
-    
+
    $dest = $dest eq '-' ? '' : "to $dest";
-    
+
    if ( $source eq '-' ) {
 	$source = '';
    } elsif ( $source =~ /:/ ) {
@ -338,21 +338,21 @@ sub add_an_rtrule( $$$$ ) {
    } else {
 	$source = "iif $source";
    }
-    
+
    fatal_error "Invalid priority ($priority)" unless $priority && $priority =~ /^\d{1,5}$/;
-    
+
    $priority = "priority $priority";
-    
+
    emit ( "qt ip rule del $source $dest $priority",
 	   "run_ip rule add $source $dest $priority table $provider",
 	   "echo \"qt ip rule del $source $dest $priority\" >> \${VARDIR}/undo_routing"
 	 );
    progress_message "   Routing rule \"$currentline\" $done";
 }
- 
+
 sub setup_providers() {
    my $providers = 0;
-    
+
    my $fn = open_file 'providers';
    while ( read_a_line ) {
--- a/Shorewall-perl/Shorewall/Proxyarp.pm
+++ b/Shorewall-perl/Shorewall/Proxyarp.pm
@ -45,7 +45,7 @@ our @proxyarp;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -145,7 +145,7 @@ sub setup_proxy_arp() {
 	    emit ( "if [ -f /proc/sys/net/ipv4/conf/$interface/proxy_arp ] ; then" ,
 		   "    echo $value > /proc/sys/net/ipv4/conf/$interface/proxy_arp" );
 	    emit ( 'else' ,
-		   "    error_message \"WARNING: Unable to set/reset proxy ARP on $interface\"" ) unless interface_is_optional( $interface ); 
+		   "    error_message \"WARNING: Unable to set/reset proxy ARP on $interface\"" ) unless interface_is_optional( $interface );
 	    emit   "fi\n";
 	}
    }
--- a/Shorewall-perl/Shorewall/Rules.pm
+++ b/Shorewall-perl/Shorewall/Rules.pm
@ -66,7 +66,7 @@ our @param_stack;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -111,12 +111,12 @@ sub process_tos() {
 	    fatal_error "TOS field required" unless $tos ne '-';
-	    if ( defined ( my $tosval = $tosoptions{"\L$tos"} ) ) { 
+	    if ( defined ( my $tosval = $tosoptions{"\L$tos"} ) ) {
 		$tos = $tosval;
 	    } elsif ( numeric_value( $tos ) > 0x1e ) {
 		fatal_error "Invalid TOS value ($tos)";
 	    }
-		
+
 	    my $chainref;
 	    my $restriction = NO_RESTRICT;
@ -521,13 +521,13 @@ sub add_common_rules() {
    }
    run_user_exit1 'initdone';
-    
+
    setup_blacklist;
    $list = find_hosts_by_option 'nosmurfs';
    $chainref = new_standard_chain 'smurfs';
-    
+
    if ( $capabilities{ADDRTYPE} ) {
 	add_rule $chainref , '-s 0.0.0.0 -j RETURN';
 	add_rule_pair $chainref, '-m addrtype --src-type BROADCAST ', 'DROP', $config{SMURF_LOG_LEVEL} ;
@ -541,7 +541,7 @@ sub add_common_rules() {
    }
    add_rule_pair $chainref, '-s 224.0.0.0/4 ', 'DROP', $config{SMURF_LOG_LEVEL} ;
-    
+
    if ( $capabilities{ADDRTYPE} ) {
 	add_rule $rejectref , '-m addrtype --src-type BROADCAST -j DROP';
    } else {
@ -652,7 +652,7 @@ sub add_common_rules() {
 	    add_rule $filter_table->{input_chain $interface},  "-j $chain";
 	    add_rule $filter_table->{forward_chain $interface}, '-j ' . dynamic_fwd $interface;
 	    add_rule $filter_table->{output_chain $interface},  '-j ' . dynamic_out $interface;
-	}	
+	}
    }
    $list = find_interfaces_by_option 'upnp';
@ -689,7 +689,7 @@ sub setup_mac_lists( $ ) {
    my $level       = $config{MACLIST_LOG_LEVEL};
    my $disposition = $config{MACLIST_DISPOSITION};
    my $ttl         = $config{MACLIST_TTL};
-    
+
    progress_message2 "$doing MAC Filtration -- Phase $phase...";
    for my $hostref ( @$maclist_hosts ) {
@ -761,7 +761,7 @@ sub setup_mac_lists( $ ) {
 		if ( $addresses ) {
 		    for my $address ( split ',', $addresses ) {
 			my $source = match_source_net $address;
-			log_rule_limit $level, $chainref , mac_chain( $interface) , $disposition, '', '', 'add' , "${mac}${source}" 
+			log_rule_limit $level, $chainref , mac_chain( $interface) , $disposition, '', '', 'add' , "${mac}${source}"
 			    if defined $level && $level ne '';
 			add_rule $chainref , "${mac}${source}-j $targetref->{target}";
 		    }
@ -800,9 +800,9 @@ sub setup_mac_lists( $ ) {
 	    if ( $level ne '' || $disposition ne 'ACCEPT' ) {
 		my $variable = get_interface_addresses $interfaces{$interface}{bridge};
-		
+
 		if ( $capabilities{ADDRTYPE} ) {
-		    add_commands( $chainref, 
+		    add_commands( $chainref,
 				  "for address in $variable; do",
 				  "    echo \"-A $chainref->{name} -s \$address -m addrtype --dst-type BROADCAST -j RETURN\" >&3",
 				  "    echo \"-A $chainref->{name} -s \$address -d 224.0.0.0/4 -j RETURN\" >&3",
@ -810,7 +810,7 @@ sub setup_mac_lists( $ ) {
 		} else {
 		    my $variable1 = get_interface_bcasts $interfaces{$interface}{bridge};
-		    add_commands( $chainref, 
+		    add_commands( $chainref,
 				  "for address in $variable; do",
 				  "    for address1 in $variable1; do",
 				  "        echo \"-A $chainref->{name} -s \$address -d \$address1 -j RETURN\" >&3",
@ -915,12 +915,12 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
    my $optimize = $wildcard ? ( $basictarget =~ /!$/ ? 0 : $config{OPTIMIZE} ) : 0;
    $param = '' unless defined $param;
-    
+
    #
    # Determine the validity of the action
    #
    my $actiontype = $targets{$basictarget} || find_macro( $basictarget );
-    
+
    fatal_error "Unknown action ($action)" unless $actiontype;
    if ( $actiontype == MACRO ) {
@ -933,7 +933,7 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
 	    push @param_stack, $current_param;
 	    $current_param = $param;
 	}
-	
+
 	process_macro( $macros{$basictarget},
 		       $target ,
 		       $current_param,
@ -949,7 +949,7 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
 		       $wildcard );
 	$macro_nest_level--;
-	
+
 	$current_param = pop @param_stack if $param ne '';
 	return;
@ -988,7 +988,7 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
    #
    my $sourcezone;
    my $destzone;
-    
+
    if ( $source =~ /^(.+?):(.*)/ ) {
 	$sourcezone = $1;
 	$source = $2;
@ -1004,7 +1004,7 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
 	$destzone = $dest;
 	$dest = ALLIPv4;
    }
-    
+
    fatal_error "Missing source zone" if $sourcezone eq '-';
    fatal_error "Unknown source zone ($sourcezone)" unless $zones{$sourcezone};
    fatal_error "Missing destination zone" if $destzone eq '-';
@ -1069,7 +1069,7 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
    unless ( $section eq 'NEW' ) {
 	fatal_error "Entries in the $section SECTION of the rules file not permitted with FASTACCEPT=Yes" if $config{FASTACCEPT};
 	fatal_error "$basictarget rules are not allowed in the $section SECTION" if $actiontype & NONAT;
-	$rule .= "-m state --state $section " 
+	$rule .= "-m state --state $section "
    }
    #
@ -1211,7 +1211,7 @@ sub process_rule1 ( $$$$$$$$$$$ ) {
 }
 #
-# Process a Record in the rules file 
+# Process a Record in the rules file
 #
 #     Deals with the ugliness of wildcard zones ('all' in SOURCE and/or DEST column).
 #
@ -1264,7 +1264,7 @@ sub process_rule ( $$$$$$$$$$ ) {
 	} else {
 	    fatal_error "Invalid DEST ($dest)" unless $dest eq 'all';
 	}
-	    
+
    }
    my $action = isolate_basic_target $target;
@ -1425,7 +1425,7 @@ sub generate_matrix() {
    }
    #
-    # Set a breakpoint in this function if you want to step through generate_matrix(). 
+    # Set a breakpoint in this function if you want to step through generate_matrix().
    #
    sub start_matrix() {
 	progress_message2 'Generating Rule Matrix...';
@ -1497,7 +1497,7 @@ sub generate_matrix() {
 		for my $hostref ( @{$arrayref} ) {
 		    my $ipsec_match = match_ipsec_in $zone , $hostref;
 		    for my $net ( @{$hostref->{hosts}} ) {
-			add_rule( 
+			add_rule(
 				 $filter_table->{forward_chain $interface} ,
 				 join( '', match_source_net( $net ), $ipsec_match, "-j $frwd_ref->{name}" )
 				);
@ -1586,13 +1586,13 @@ sub generate_matrix() {
 		    my $variable = get_interface_bcasts $interface;
 		    my $chain    = output_chain $interface;
 		    my $chainref = $filter_table->{$chain};
-		    
+
-		    add_commands( $chainref, 
+		    add_commands( $chainref,
 				  "for address in $variable; do",
 				  "   echo \"-A $chain -d \$address -j $chain1\" >&3",
 				  'done' );
 		}
-		    
+
 		add_rule $filter_table->{output_chain $interface}  , "-d 224.0.0.0/4 -j $chain1";
 	    }
 	}
@ -1847,7 +1847,7 @@ sub setup_mss( $ ) {
 	$match  = "-m tcpmss --mss $clampmss: " if $capabilities{TCPMSS_MATCH};
 	$option = "--set-mss $clampmss";
    }
-    
+
    add_rule $filter_table->{FORWARD} , "-p tcp --tcp-flags SYN,RST SYN ${match}-j TCPMSS $option";
 }
--- a/Shorewall-perl/Shorewall/Tc.pm
+++ b/Shorewall-perl/Shorewall/Tc.pm
@ -158,7 +158,7 @@ our $prefix = '1';
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -231,7 +231,7 @@ sub process_tc_rule( $$$$$$$$$$ ) {
 	    for my $tccmd ( @tccmd ) {
 		if ( $tccmd->{match}($cmd) ) {
 		    fatal_error "$mark not valid with :C[FPT]" if $connmark;
-		    
+
 		    $target      = "$tccmd->{target} ";
 		    my $marktype = $tccmd->{mark};
@ -243,9 +243,9 @@ sub process_tc_rule( $$$$$$$$$$ ) {
 		    if ( $rest ) {
 			fatal_error "Invalid MARK ($original_mark)" if $marktype == NOMARK;
-			
+
 			$mark = $rest if $tccmd->{mask};
-			
+
 			if ( $marktype == SMALLMARK ) {
 			    verify_small_mark $mark;
 			} else {
@ -254,7 +254,7 @@ sub process_tc_rule( $$$$$$$$$$ ) {
 		    } elsif ( $tccmd->{mask} ) {
 			$mark = $tccmd->{mask};
 		    }
-		    
+
 		    last MARK;
 		}
 	    }
@ -339,7 +339,7 @@ sub convert_rate( $$ ) {
    } else {
 	$rate = rate_to_kbit $rate
    }
-	
+
    "${rate}kbit";
 }
@ -588,7 +588,7 @@ sub setup_tc() {
    } elsif ( $config{TC_ENABLED} eq 'Internal' ) {
 	setup_traffic_shaping;
    }
-    
+
    if ( my $fn = open_file 'tcrules' ) {
 	while ( read_a_line ) {
--- a/Shorewall-perl/Shorewall/Tunnels.pm
+++ b/Shorewall-perl/Shorewall/Tunnels.pm
@ -84,17 +84,17 @@ sub setup_tunnels() {
 		fatal_error "Invalid zone ($zone) for GATEWAY ZONE" if $type eq 'firewall' || $type eq 'bport4';
 		$inchainref  = ensure_filter_chain "${zone}2${firewall_zone}", 1;
 		$outchainref = ensure_filter_chain "${firewall_zone}2${zone}", 1;
-		
+
 		unless ( $capabilities{POLICY_MATCH} ) {
 		    add_rule $inchainref,  "-p 50 $source -j ACCEPT";
 		    add_rule $outchainref, "-p 50 $dest -j ACCEPT";
-		    
+
 		    unless ( $noah ) {
 			add_rule $inchainref,  "-p 51 $source -j ACCEPT";
 			add_rule $outchainref, "-p 51 $dest -j ACCEPT";
 		    }
 		}
-		
+
 		if ( $kind eq 'ipsec' ) {
 		    add_rule $inchainref,  "-p udp $source --dport 500 $options";
 		    add_rule $outchainref, "-p udp $dest --dport 500 $options";
--- a/Shorewall-perl/Shorewall/Zones.pm
+++ b/Shorewall-perl/Shorewall/Zones.pm
@ -1,5 +1,5 @@
 #
-# Shorewall-perl 4.0 -- /usr/share/shorewall-perl/Shorewall/Zones.pm      
+# Shorewall-perl 4.0 -- /usr/share/shorewall-perl/Shorewall/Zones.pm
 #
 #     This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
 #
@ -20,7 +20,7 @@
 #       along with this program; if not, write to the Free Software
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
-#   This module contains the code which deals with /etc/shorewall/zones, 
+#   This module contains the code which deals with /etc/shorewall/zones,
 #   /etc/shorewall/interfaces and /etc/shorewall/hosts.
 #
 package Shorewall::Zones;
@ -54,7 +54,7 @@ our @EXPORT = qw( NOTHING
 		  @zones
 		  %zones
 		  $firewall_zone
-		  %interfaces 
+		  %interfaces
 		  @interfaces
 		  @bridges );
@ -134,7 +134,7 @@ our @bridges;
 #                       initialize() function does globals initialization for this
 #                       module and is called from an INIT block below. The function is
 #                       also called by Shorewall::Compiler::compiler at the beginning of
-#                       the second and subsequent calls to that function. 
+#                       the second and subsequent calls to that function.
 #
 sub initialize() {
@ -285,8 +285,8 @@ sub determine_zones()
 	}
 	$zones{$zone} = { type       => $type,
-			  parents    => \@parents, 
+			  parents    => \@parents,
-			  exclusions => [], 
+			  exclusions => [],
 			  bridge     => '',
 			  options    => { in_out  => parse_zone_option_list( $options || '', $type ) ,
 					  in      => parse_zone_option_list( $in_options || '', $type ) ,
@ -300,7 +300,7 @@ sub determine_zones()
    }
    fatal_error "No firewall zone defined" unless $firewall_zone;
-    
+
    my $pushed = 1;
    my %ordered;
@ -435,7 +435,7 @@ sub single_interface( $ ) {
 	    '';
 	}
    }
-} 
+}
 sub add_group_to_zone($$$$$)
 {
@ -491,7 +491,7 @@ sub add_group_to_zone($$$$$)
    $zoneref->{options}{complex} = 1 if @$arrayref || ( @newnetworks > 1 ) || ( @exclusions );
    push @{$zoneref->{exclusions}}, @exclusions;
-    
+
    push @{$arrayref}, { options => $options,
 			 hosts   => \@newnetworks,
 			 ipsec   => $type eq 'ipsec4' ? 'ipsec' : 'none' };
@ -533,9 +533,9 @@ sub validate_interfaces_file( $ )
    use constant { SIMPLE_IF_OPTION   => 1,
 		   BINARY_IF_OPTION   => 2,
-		   ENUM_IF_OPTION     => 3, 
+		   ENUM_IF_OPTION     => 3,
 	           MASK_IF_OPTION     => 3,
-	           
+
 	           IF_OPTION_ZONEONLY => 4 };
    my %validoptions = (arp_filter  => BINARY_IF_OPTION,
@ -569,7 +569,7 @@ sub validate_interfaces_file( $ )
 	    progress_message2 "$doing $fn...";
 	    $first_entry = 0;
 	}
-	
+
 	my ($zone, $interface, $networks, $options ) = split_line 2, 4, 'interfaces file';
 	my $zoneref;
 	my $bridge = '';
@ -588,7 +588,7 @@ sub validate_interfaces_file( $ )
 	( $interface, my ($port, $extra) ) = split /:/ , $interface, 3;
-	fatal_error "Invalid INTERFACE" if defined $extra || ! $interface;	
+	fatal_error "Invalid INTERFACE" if defined $extra || ! $interface;
 	fatal_error "Invalid Interface Name ($interface)" if $interface eq '+';
@ -620,13 +620,13 @@ sub validate_interfaces_file( $ )
 	    fatal_error "Zones of type 'bport' may only be associated with bridge ports" if $zone && $zoneref->{type} eq 'bport4';
 	    $interfaces{$interface}{bridge} = $interface;
 	}
-    
+
 	my $wildcard = 0;
 	if ( $interface =~ /\+$/ ) {
 	    $wildcard = 1;
 	    $interfaces{$interface}{root} = substr( $interface, 0, -1 );
-	} else {	    
+	} else {
 	    $interfaces{$interface}{root} = $interface;
 	}
@ -642,7 +642,7 @@ sub validate_interfaces_file( $ )
 	my $optionsref = {};
 	my %options;
-	
+
 	if ( $options ) {
 	    for my $option (split ',', $options ) {
@ -653,7 +653,7 @@ sub validate_interfaces_file( $ )
 		fatal_error "Invalid Interface option ($option)" unless my $type = $validoptions{$option};
 		fatal_error "The \"$option\" option may not be specified on a multi-zone interface" if $type & IF_OPTION_ZONEONLY && ! $zone;
-		
+
 		$type &= MASK_IF_OPTION;
 		if ( $type == SIMPLE_IF_OPTION ) {
@ -672,7 +672,7 @@ sub validate_interfaces_file( $ )
 				$options{arp_ignore} = $value;
 			    } else {
 				fatal_error "Invalid value ($value) for arp_ignore";
-			    } 
+			    }
 			} else {
 			    $options{arp_ignore} = 1;
 			}
@ -692,7 +692,7 @@ sub validate_interfaces_file( $ )
 	} elsif ( $port ) {
 	    $options{port} = 1;
 	}
-	
+
 	$interfaces{$interface}{options} = $optionsref = \%options;
 	push @ifaces, $interface;
@ -713,7 +713,7 @@ sub validate_interfaces_file( $ )
 	add_group_to_zone( $zone, $zoneref->{type}, $interface, \@networks, $optionsref ) if $zone && @networks;
    	$interfaces{$interface}{zone} = $zone; #Must follow the call to add_group_to_zone()
-    
+
 	progress_message "   Interface \"$currentline\" Validated";
    }
@ -723,7 +723,7 @@ sub validate_interfaces_file( $ )
    #
    for my $interface ( @ifaces ) {
 	my $interfaceref = $interfaces{$interface};
-	
+
 	if ( $interfaceref->{options}{bridge} ) {
 	    my @ports = grep $interfaces{$_}{options}{port} && $interfaces{$_}{bridge} eq $interface, @ifaces;
@ -735,7 +735,7 @@ sub validate_interfaces_file( $ )
 	}
 	push @interfaces, $interface unless $interfaceref->{options}{port};
-    }	
+    }
 }
 #
@ -902,7 +902,7 @@ sub validate_hosts_file()
 	#
 	# Now add a comma before '!'. Do it globally - add_group_to_zone() correctly checks for multiple exclusions
 	#
-	$hosts =~ s/!/,!/g;  
+	$hosts =~ s/!/,!/g;
 	#
 	# Take care of case where the hosts list begins with '!'
 	#
--- a/Shorewall-perl/buildports.pl
+++ b/Shorewall-perl/buildports.pl
@ -31,18 +31,18 @@ use lib '/usr/share/shorewall-perl';
 use Shorewall::Config qw( open_file
 			  push_open
 			  pop_open
-			  read_a_line1 
+			  read_a_line1
-			  split_line 
+			  split_line
-			  fatal_error 
+			  fatal_error
-			  %globals 
+			  %globals
-			  ensure_config_path 
+			  ensure_config_path
 			  set_shorewall_dir
 			  set_config_path );
 our $offset = "\t\t  ";
 our %service_hash;
-  
+
 sub print_it( $$ ) {
    my ( $name, $number ) = @_;
    my $tabs;
@ -61,7 +61,7 @@ sub print_it( $$ ) {
 sub print_service( $$ ) {
    my ( $service, $number ) = @_;
-    
+
    unless ( exists $service_hash{$service} ) {
 	print_it( $service, $number );
 	$service_hash{$service} = $number;
@ -107,7 +107,7 @@ print <<"EOF";
 #       along with this program; if not, write to the Free Software
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
-# This module exports the %protocols and %services hashes built from 
+# This module exports the %protocols and %services hashes built from
 # /etc/protocols and /etc/services respectively.
 #
 # Module generated using buildports.pl $globals{VERSION} - $date
@ -132,7 +132,7 @@ while ( read_a_line1 ) {
    my ( $proto1, $number, @aliases ) = split_line( 2, 10, '/etc/protocols entry');
    print_it( $proto1, $number );
-    
+
    for my $alias ( @aliases ) {
 	last if $alias eq '-';
 	print_it( $alias, $number );
--- a/Shorewall-perl/diff-4.0-lib.base
+++ b/Shorewall-perl/diff-4.0-lib.base
@ -70,7 +70,7 @@
 #
@@ -111,20 +90,6 @@
 }
- 
+
 #
 -# Undo the effect of 'separate_list()'
 -#
@ -91,7 +91,7 @@
 qt()
@@ -310,83 +275,6 @@
 }
- 
+
 #
 -# Call this function to assert mutual exclusion with Shorewall. If you invoke the
 -# /sbin/shorewall program while holding mutual exclusion, you should pass "nolock" as
@ -150,7 +150,7 @@
 -
 -    if [ -z "$loaded" ]; then
 -	[ -f $lib ] || lib=${SHELLSHAREDIR}/lib.$1
-	
+-
 -	if [ -f $lib ]; then
 -	    progress_message "Loading library $lib..."
 -	    . $lib
@ -175,7 +175,7 @@
 #        the IP address is 128.0.0.0 or 128.0.0.1.
@@ -395,32 +283,6 @@
 LEFTSHIFT='<<'
- 
+
 #
 -# Validate an IP address
 -#
@ -196,7 +196,7 @@
 -		;;
 -	esac
 -    done
-    
+-
 -    IFS=$ifs
 -
 -    return 0
@ -208,7 +208,7 @@
 decodeaddr() {
@@ -456,88 +318,6 @@
 }
- 
+
 #
 -# Enumerate the members of an IP range -- When using a shell supporting only
 -# 32-bit signed arithmetic, the range cannot span 128.0.0.0.
@ -297,7 +297,7 @@
 ip_netmask() {
@@ -588,60 +368,6 @@
 }
- 
+
 #
 -# Netmask to VLSM
 -#
@ -331,7 +331,7 @@
 -	case $c in
 -	    @*)
 -               c=at_${c#@}
-	       ;;               
+-	       ;;
 -	    *.*)
 -		c="${c%.*}_${c##*.}"
 -		;;
@ -358,7 +358,7 @@
 chain_exists() # $1 = chain name
@@ -879,21 +605,6 @@
 }
- 
+
 #
 -# Set default config path
 -#
@ -380,7 +380,7 @@
 find_file()
@@ -918,54 +629,6 @@
 }
- 
+
 #
 -# Get fully-qualified name of file
 -#
@ -435,7 +435,7 @@
 set_state () # $1 = state
@@ -974,200 +637,6 @@
 }
- 
+
 #
 -# Determine which optional facilities are supported by iptables/netfilter
 -#
@ -626,7 +626,7 @@
 -    report_capability1 MANGLE_FORWARD
 -    report_capability1 COMMENTS
 -    report_capability1 ADDRTYPE
-    
+-
 -    echo CAPVERSION=$SHOREWALL_CAPVERSION
 -}
 -
@ -637,7 +637,7 @@
@@ -1286,82 +755,6 @@
     cut -b -${1}
 }
- 
+
 -#
 -# Add a logging rule.
 -#
@ -718,8 +718,8 @@
 {
     clear_one_tc() {
@@ -1496,65 +889,6 @@
- 
+
-     echo echo 
+     echo echo
 }
 -
 -# Determine which version of mktemp is present (if any) and set MKTEMP accortingly:
--- a/Shorewall-perl/prog.functions
+++ b/Shorewall-perl/prog.functions
@ -168,6 +168,6 @@ get_device_mtu1() # $1 = device
 #
 get_all_bcasts()
 {
-    ip -f inet addr show 2> /dev/null | grep 'inet.*brd' | sed 's/inet.*brd //; s/scope.*//;' | sort -u 
+    ip -f inet addr show 2> /dev/null | grep 'inet.*brd' | sed 's/inet.*brd //; s/scope.*//;' | sort -u
 }
-	
+
--- a/Shorewall-perl/prog.header
+++ b/Shorewall-perl/prog.header
@ -267,7 +267,7 @@ load_kernel_modules() # $1 = Yes, if we are to save moduleinfo in $VARDIR
 	fi
    elif [ $savemoduleinfo = Yes ]; then
 	[ -d ${VARDIR} ] || mkdir -p ${VARDIR}
-	> ${VARDIR}/.modulesdir	
+	> ${VARDIR}/.modulesdir
 	> ${VARDIR}/.modules
    fi
@ -585,9 +585,9 @@ get_interface_bcasts() # $1 = interface
 {
    local addresses=
-    ip -f inet addr show dev $1 2> /dev/null | grep 'inet.*brd' | sed 's/inet.*brd //; s/scope.*//;' | sort -u 
+    ip -f inet addr show dev $1 2> /dev/null | grep 'inet.*brd' | sed 's/inet.*brd //; s/scope.*//;' | sort -u
 }
-	
+
 #
 # Internal version of 'which'
 #
@ -887,7 +887,7 @@ find_echo() {
    result=$(which echo)
    [ -n "$result" ] && { echo "$result -e"; return; }
-    echo echo 
+    echo echo
 }
 ################################################################################
 # End of functions imported from /usr/share/shorewall/lib.base
`@ -1,2 +1,2 @@`
	`This is the Shorewall-perl Stable 4.0 branch of SVN.`	`This is the Shorewall-perl Stable 4.0 branch of SVN.`