diff --git a/Shorewall/Perl/Shorewall/Proc.pm b/Shorewall/Perl/Shorewall/Proc.pm index fe474d12d..facd1e916 100644 --- a/Shorewall/Perl/Shorewall/Proc.pm +++ b/Shorewall/Perl/Shorewall/Proc.pm @@ -145,7 +145,9 @@ sub setup_martian_logging() { emit ( 'for file in /proc/sys/net/ipv4/conf/*; do', " [ -f \$file/log_martians ] && echo $val > \$file/log_martians", - 'done' ); + 'done', + '' , + 'echo 0 > /proc/sys/net/ipv4/conf/all/log_martians' ); } for my $interface ( @$interfaces ) { @@ -159,14 +161,6 @@ sub setup_martian_logging() { " error_message \"WARNING: Cannot set Martian logging on $interface\"") unless interface_is_optional( $interface); emit "fi\n"; } - - if ( $config{LOG_MARTIANS} eq 'on' ) { - emit 'echo 1 > /proc/sys/net/ipv4/conf/all/log_martians'; - emit 'echo 1 > /proc/sys/net/ipv4/conf/default/log_martians'; - } elsif ( $config{LOG_MARTIANS} eq 'off' ) { - emit 'echo 0 > /proc/sys/net/ipv4/conf/all/log_martians'; - emit 'echo 0 > /proc/sys/net/ipv4/conf/default/log_martians'; - } } } diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 50e22b694..1dd112b02 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -18,6 +18,8 @@ Changes in Shorewall 4.3.8 9) Allow 'compile' without a pathname. +10) Fix LOG_MARTIANS=Yes. + Changes in Shorewall 4.3.7 1) Fix forward treatment of interface options. diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 5cf375f63..e35191763 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -55,6 +55,10 @@ released late in 2009. 2) The swping program was not purging the interface status files when it first started. +3) When LOG_MARTIANS=Yes with Shorewall-perl, setting logmartians=0 in + an entry in /etc/shorewall/interface failed to suppress martian + logging on the interface. + ---------------------------------------------------------------------------- K N O W N P R O B L E M S R E M A I N I N G ----------------------------------------------------------------------------