Update Version to Beta3

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5276 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-11-25 17:13:11 +01:00 · 2007-01-22 16:04:11 +00:00 · 2007-01-22 16:04:11 +00:00 · 9b1e179b6b
commit 9b1e179b6b
parent 9a552c06b1
12 changed files with 35 additions and 17 deletions
--- a/Shorewall-lite/fallback.sh
+++ b/Shorewall-lite/fallback.sh
@ -28,7 +28,7 @@
 #       shown below. Simply run this script to revert to your prior version of
 #       Shoreline Firewall.

-VERSION=3.4.0-Beta2
+VERSION=3.4.0-Beta3

 usage() # $1 = exit status
 {
--- a/Shorewall-lite/install.sh
+++ b/Shorewall-lite/install.sh
@ -22,7 +22,7 @@
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #

-VERSION=3.4.0-Beta2
+VERSION=3.4.0-Beta3

 usage() # $1 = exit status
 {
--- a/Shorewall-lite/shorewall-lite.spec
+++ b/Shorewall-lite/shorewall-lite.spec
@ -1,6 +1,6 @@
 %define name shorewall-lite
 %define version 3.4.0
-%define release 0Beta2
+%define release 0Beta3
 %define prefix /usr

 Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems.
@ -99,6 +99,8 @@ fi
 %doc COPYING changelog.txt releasenotes.txt

 %changelog
+* Mon Jan 22 2007 Tom Eastep tom@shorewall.net
+- Updated to 3.4.0-0Beta3
 * Wed Jan 03 2007 Tom Eastep tom@shorewall.net
 - Updated to 3.4.0-0Beta2
 - Handle rename of shorewall.conf
--- a/Shorewall-lite/uninstall.sh
+++ b/Shorewall-lite/uninstall.sh
@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall

-VERSION=3.4.0-Beta2
+VERSION=3.4.0-Beta3

 usage() # $1 = exit status
 {
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -8,6 +8,9 @@ Changes in 3.4.0 Beta 3

 4)  'noah' is implied by ipsecnat in /etc/shorewall/tunnels.

+5)  Reduce the number of rules in the 'blacklst' chain when
+    BLACKLIST_LOGLEVEL is specified.
+
 Changes in 3.4.0 Beta 2

 1)  Fix for empty blacklist file.
--- a/Shorewall/compiler
+++ b/Shorewall/compiler
@ -3208,11 +3208,7 @@ rules_chain() # $1 = source zone, $2 = destination zone
 #   $dport       = destination port selector
 #
 add_blacklist_rule() {
-    if [ -n "$BLACKLIST_LOGLEVEL" ]; then
-	log_rule $BLACKLIST_LOGLEVEL blacklst $BLACKLIST_DISPOSITION  $(fix_bang $source $proto $dport)
-    fi
-
-    run_iptables2 -A blacklst $source $proto $dport -j $disposition
+    run_iptables2 -A blacklst $source $proto $dport -j $target
 }

 #
@ -3299,11 +3295,14 @@ process_blacklist()
 {
    local disposition=$BLACKLIST_DISPOSITION
    local f=$(find_file blacklist)
+    local target

    if [ -s $TMP_DIR/blacklist ]; then

 	[ "$disposition" = REJECT ] && disposition=reject

+	[ -n "$BLACKLIST_LOGLEVEL" ] && target=blacklog || target=$disposition
+
 	progress_message2 "Compiling $f..."

 	cat >&3 << __EOF__
@ -3314,7 +3313,7 @@ load_blacklist()
 {
 __EOF__
 	INDENT="    "
-	
+
 	while read networks protocol ports; do
 	    process_blacklist_rec
 	done < $TMP_DIR/blacklist
@ -3337,6 +3336,17 @@ setup_blacklist() {

 	createchain blacklst no

+	if [ -n "$BLACKLIST_LOGLEVEL" ]; then
+	    createchain blacklog no
+	    log_rule_limit $BLACKLIST_LOGLEVEL blacklog blacklst $BLACKLIST_DISPOSITION "$LOGLIMIT" "" -A
+	    
+	    if [ $BLACKLIST_DISPOSITION = REJECT ]; then
+		run_iptables -A blacklog -j reject
+	    else
+		run_iptables -A blacklog -j $BLACKLIST_DISPOSITION
+	    fi
+	fi
+
 	[ -n "$BLACKLISTNEWONLY" ] && state="-m state --state NEW,INVALID" || state=

 	for host in $hosts; do
--- a/Shorewall/fallback.sh
+++ b/Shorewall/fallback.sh
@ -28,7 +28,7 @@
 #       shown below. Simply run this script to revert to your prior version of
 #       Shoreline Firewall.

-VERSION=3.4.0-Beta2
+VERSION=3.4.0-Beta3

 usage() # $1 = exit status
 {
--- a/Shorewall/install.sh
+++ b/Shorewall/install.sh
@ -22,7 +22,7 @@
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #

-VERSION=3.4.0-Beta2
+VERSION=3.4.0-Beta3

 usage() # $1 = exit status
 {
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -61,6 +61,9 @@ Other Changes in 3.4.0 Beta 3
    (unless 'isecnat:noah' was given). Given that AH is incompatible
    with nat-traversal, 'ipsecnat' now implies 'ipsecnat:noah'.

+2)  Shorewall now generates half as many rules as previously in the
+    'blacklst' chain when BLACKLIST_LOGLEVEL is specified.
+
 Migration Considerations:

 1)  Shorewall supports the notion of "default actions". A default
--- a/Shorewall/shorewall.spec
+++ b/Shorewall/shorewall.spec
@ -1,6 +1,6 @@
 %define name shorewall
 %define version 3.4.0
-%define release 0Beta2
+%define release 0Beta3
 %define prefix /usr

 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
@ -257,6 +257,8 @@ fi
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples

 %changelog
+* Mon Jan 22 2007 Tom Eastep tom@shorewall.net
+- Updated to 3.4.0-0Beta3
 * Wed Jan 03 2007 Tom Eastep tom@shorewall.net
 - Updated to 3.4.0-0Beta2
 * Thu Dec 14 2006 Tom Eastep tom@shorewall.net
--- a/Shorewall/uninstall.sh
+++ b/Shorewall/uninstall.sh
@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall

-VERSION=3.4.0-Beta2
+VERSION=3.4.0-Beta3

 usage() # $1 = exit status
 {
--- a/tools/build/publish
+++ b/tools/build/publish
@ -93,9 +93,7 @@ while [ $# -gt 0 ]; do
 		f="$WEBSITE/$b"
 	    fi

-	    GENTOC=
-
-	    list_search $1 $NOTOC && GENTOC="--stringparam generate.toc ''"
+	    list_search $1 $NOTOC && GENTOC="--stringparam generate.toc ''" || GENTOC=

 	    echo "Converting $1 from XML to HTML ($b) ..."