From 77d9eeb9151cf43ed5a46d3f7de962f34033bbdb Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Thu, 19 Oct 2017 13:03:23 -0700 Subject: [PATCH] Eliminate extra parameter editing of TPROXY parameter list. - Clarify syntax for actions with multiple parameters Signed-off-by: Tom Eastep --- Shorewall/Perl/Shorewall/Rules.pm | 3 +-- Shorewall/manpages/shorewall-mangle.xml | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 6c5495ad9..fe81cfd14 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -4658,8 +4658,7 @@ sub process_mangle_rule1( $$$$$$$$$$$$$$$$$$$ ) { my ( $port, $ip, $bad ); if ( $params ) { - ( $port, $ip, $bad ) = split_list $params, 'Parameter'; - fatal_error "Invalid TPROXY specification( TPROXY($params) )" if defined $bad; + ( $port, $ip ) = split /,/, $params, 2; } my $mark = in_hex( $globals{TPROXY_MARK} ) . '/' . in_hex( $globals{TPROXY_MARK} ); diff --git a/Shorewall/manpages/shorewall-mangle.xml b/Shorewall/manpages/shorewall-mangle.xml index b9e99579e..4a602f90f 100644 --- a/Shorewall/manpages/shorewall-mangle.xml +++ b/Shorewall/manpages/shorewall-mangle.xml @@ -676,7 +676,7 @@ SAME $FW 0.0.0.0/0 tcp 80,443 TCPMSS([mss][,ipsec]) + role="bold">TCPMSS([mss[,ipsec]]) Added in Shorewall 5.1.9. This target only applies to @@ -747,7 +747,7 @@ Normal-Service => 0x00 TPROXY([port][,address]) + role="bold">TPROXY([port[,address]]) Transparently redirects a packet without altering the IP