extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-07 02:07:08 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply Lennart Sorensen's patch to trunk

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8791 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-10-20 14:34:52 +00:00
parent 0d6186dc50
commit 96b02007a1
4 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall-common/changelog.txt
View File

@ -10,4 +10,6 @@ Changes in Shorewall 4.2.1
5) Add time match support. 5) Add time match support.
6) Applied Lennart Sorensen's patch for length match.
Initial release of Shorewall 4.2.0. Initial release of Shorewall 4.2.0.

4
Shorewall-common/releasenotes.txt
View File

@ -92,6 +92,10 @@ Problems corrected in Shorewall 4.2.1
shorewall in some cases. Shorewall now detects when the new syntax shorewall in some cases. Shorewall now detects when the new syntax
is accepted and uses it instead. is accepted and uses it instead.
4) The Shorewall-perl implementation of the LENGTH column in
/etc/shorewall/tcrules was incomplete with the result that
all LENGTH rules matched. Thanks to Lennart Sorensen for the patch.
Other changes in Shorewall 4.2.1 Other changes in Shorewall 4.2.1
1) With the recent renewed interest in DOS attacks, it seems 1) With the recent renewed interest in DOS attacks, it seems

11
Shorewall-perl/Shorewall/Chains.pm
View File

@ -123,6 +123,7 @@ our %EXPORT_TAGS = (
do_connlimit do_connlimit
do_time do_time
do_user do_user
do_length
do_tos do_tos
do_connbytes do_connbytes
do_helper do_helper
@ -1413,6 +1414,16 @@ sub do_helper( $ ) {
qq(-m helper --helper "$helper"); qq(-m helper --helper "$helper");
} }
#
# Create a "-m length" match for the passed TOS
#
sub do_length( $ ) {
my $length = $_[0];
require_capability( 'LENGTH_MATCH' , 'Your kernel and/or iptables does not have length match support.' , '' );
$length ne '-' ? "-m length --length $length " : '';
}
# #
# Match Source Interface # Match Source Interface
# #

8
Shorewall-perl/Shorewall/Tc.pm
View File

@ -284,7 +284,13 @@ sub process_tc_rule( $$$$$$$$$$$$ ) {
if ( ( my $result = expand_rule( ensure_chain( 'mangle' , $chain ) , if ( ( my $result = expand_rule( ensure_chain( 'mangle' , $chain ) ,
$restrictions{$chain} , $restrictions{$chain} ,
do_proto( $proto, $ports, $sports) . do_user( $user ) . do_test( $testval, $mask ) . do_tos( $tos ) . do_connbytes( $connbytes ) . do_helper( $helper ), do_proto( $proto, $ports, $sports) .
do_user( $user ) .
do_test( $testval, $mask ) .
do_length( $length ) .
do_tos( $tos ) .
do_connbytes( $connbytes ) .
do_helper( $helper ),
$source , $source ,
$dest , $dest ,
'' , '' ,