extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-02-04 11:59:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Sanitize confusing code; don't give zones and shorewall.conf execute permission

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1474 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-07-13 13:15:11 +00:00
parent 978b47bd43
commit 812f927d70
4 changed files with 28 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
STABLE2/changelog.txt
View File

@ -14,3 +14,20 @@ Change in 2.0.6
shorewall.conf shorewall.conf
firewall firewall
2) Sanitized some correct but confusing code in determine_hosts().
There was a loop:
for networks in $networks
...
It now reads:
for network in $networks
...
3) Don't give shorewall.conf and zones execute permission.

8
STABLE2/firewall
View File

@ -670,15 +670,15 @@ determine_hosts() {
networks=0.0.0.0/0 networks=0.0.0.0/0
fi fi
for networks in $networks; do for network in $networks; do
if [ -z "$hosts" ]; then if [ -z "$hosts" ]; then
hosts=$interface:$networks hosts=$interface:$network
else else
hosts="$hosts $interface:$networks" hosts="$hosts $interface:$network"
fi fi
if interface_has_option $interface routeback; then if interface_has_option $interface routeback; then
eval ${zone}_routeback=\"$interface:$networks \$${zone}_routeback\" eval ${zone}_routeback=\"$interface:$network \$${zone}_routeback\"
fi fi
done done
done done

4
STABLE2/install.sh
View File

@ -185,7 +185,7 @@ mkdir -p ${PREFIX}/var/lib/shorewall && chmod 700 ${PREFIX}/var/lib/shorewal
if [ -f ${PREFIX}/etc/shorewall/shorewall.conf ]; then if [ -f ${PREFIX}/etc/shorewall/shorewall.conf ]; then
backup_file /etc/shorewall/shorewall.conf backup_file /etc/shorewall/shorewall.conf
else else
run_install -o $OWNER -g $GROUP -m 0744 shorewall.conf ${PREFIX}/etc/shorewall/shorewall.conf run_install -o $OWNER -g $GROUP -m 0600 shorewall.conf ${PREFIX}/etc/shorewall/shorewall.conf
echo echo
echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf" echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf"
fi fi
@ -195,7 +195,7 @@ fi
if [ -f ${PREFIX}/etc/shorewall/zones ]; then if [ -f ${PREFIX}/etc/shorewall/zones ]; then
backup_file /etc/shorewall/zones backup_file /etc/shorewall/zones
else else
run_install -o $OWNER -g $GROUP -m 0744 zones ${PREFIX}/etc/shorewall/zones run_install -o $OWNER -g $GROUP -m 0600 zones ${PREFIX}/etc/shorewall/zones
echo echo
echo "Zones file installed as ${PREFIX}/etc/shorewall/zones" echo "Zones file installed as ${PREFIX}/etc/shorewall/zones"
fi fi

3
STABLE2/releasenotes.txt
View File

@ -26,3 +26,6 @@ Problems Corrected in version 2.0.6
Users experiencing this problem can use PKTTYPE=No in Users experiencing this problem can use PKTTYPE=No in
shorewall.conf to cause Shorewall to use IP address filtering of shorewall.conf to cause Shorewall to use IP address filtering of
broadcasts rather than packet type. broadcasts rather than packet type.
2) The shorewall.conf and zones file are no longer given execute
permission by the installer script.