extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-13 21:27:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply 4.0.4-pre fixes to trunk

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@7384 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-09-23 15:21:18 +00:00
parent 1135e5b5fe
commit 900a40b9d1
4 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Shorewall-perl/Shorewall/Chains.pm
View File

@ -966,9 +966,13 @@ sub mac_match( $ ) {
sub verify_mark( $ ) { sub verify_mark( $ ) {
my $mark = $_[0]; my $mark = $_[0];
my $limit = $config{HIGH_ROUTE_MARKS} ? 0xFFFF : 0xFF; my $limit = $config{HIGH_ROUTE_MARKS} ? 0xFFFF : 0xFF;
my $value = numeric_value( $mark );
fatal_error "Invalid Mark or Mask value ($mark)" fatal_error "Invalid Mark or Mask value ($mark)"
unless numeric_value( $mark ) <= $limit; unless $value <= $limit;
fatal_error "Invalid High Mark or Mask value ($mark)"
if ( $value > 0xFF && $value & 0xFF );
} }
sub verify_small_mark( $ ) { sub verify_small_mark( $ ) {

2
Shorewall-perl/Shorewall/Config.pm
View File

@ -863,7 +863,7 @@ sub read_a_line() {
# #
# Ignore ( concatenated ) Blank Lines # Ignore ( concatenated ) Blank Lines
# #
$currentline = '', next if $currentline =~ /^\s*$/; $currentline = '', $currentlinenumber = 0, next if $currentline =~ /^\s*$/;
# #
# Expand Shell Variables using %ENV # Expand Shell Variables using %ENV

5
Shorewall-perl/Shorewall/Proc.pm
View File

@ -96,7 +96,6 @@ sub setup_route_filtering() {
save_progress_message "Setting up Route Filtering..."; save_progress_message "Setting up Route Filtering...";
if ( $config{ROUTE_FILTER} ) { if ( $config{ROUTE_FILTER} ) {
my $val = $config{ROUTE_FILTER} eq 'on' ? 1 : 0; my $val = $config{ROUTE_FILTER} eq 'on' ? 1 : 0;
@ -115,7 +114,9 @@ sub setup_route_filtering() {
" error_message \"WARNING: Cannot set route filtering on $interface\"" ) unless interface_is_optional( $interface); " error_message \"WARNING: Cannot set route filtering on $interface\"" ) unless interface_is_optional( $interface);
emit "fi\n"; emit "fi\n";
} }
#
# According to Documentation/networking/ip-sysctl.txt, this must be turned on to do any filtering
#
emit 'echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter'; emit 'echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter';
emit "[ -n \"\$NOROUTES\" ] || ip route flush cache"; emit "[ -n \"\$NOROUTES\" ] || ip route flush cache";

2
Shorewall-perl/Shorewall/Providers.pm
View File

@ -347,9 +347,9 @@ sub add_an_rtrule( $$$$ ) {
validate_net ( $source, 0 ); validate_net ( $source, 0 );
$source = "iif $interface from $source"; $source = "iif $interface from $source";
} elsif ( $source =~ /\..*\..*/ ) { } elsif ( $source =~ /\..*\..*/ ) {
validate_net ( $source, 0 );
$source = "from $source"; $source = "from $source";
} else { } else {
validate_net ( $source, 0 );
$source = "iif $source"; $source = "iif $source";
} }