From a546817aa6945e9b66114ba946c74d0e0d1f4927 Mon Sep 17 00:00:00 2001 From: teastep Date: Tue, 18 May 2004 13:56:35 +0000 Subject: [PATCH] Backport fixes; allow bang in accounting rules git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1336 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall2/changelog.txt | 4 +++- Shorewall2/firewall | 10 ++++++---- Shorewall2/releasenotes.txt | 2 +- 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt index 99cea9575..5c2139497 100644 --- a/Shorewall2/changelog.txt +++ b/Shorewall2/changelog.txt @@ -5,4 +5,6 @@ Changes since 2.0.2 2) Restore file now loads kernel modules. -3) Minor tweaks to the restore mechanism. \ No newline at end of file +3) Minor tweaks to the restore mechanism. + +4) Allow "!" in accounting rules. diff --git a/Shorewall2/firewall b/Shorewall2/firewall index 6b68482bc..55d02dcef 100755 --- a/Shorewall2/firewall +++ b/Shorewall2/firewall @@ -2238,8 +2238,8 @@ process_accounting_rule() { ensurechain1 $chain - if iptables -A $chain $rule ; then - [ "x$rule2" != x ] && run_iptables -A $jumpchain $rule2 + if iptables -A $chain $(fix_bang $rule) ; then + [ -n "$rule2" ] && run_iptables2 -A $jumpchain $rule2 progress_message " Accounting rule" $action $chain $source $dest $proto $port $sport Added else accounting_error @@ -2730,7 +2730,7 @@ process_actions1() { case $temp in ACCEPT|REJECT|DROP) eval ${temp}_common=$xaction - if ! list_search $xaction $USEDACTIONS; then + if [ -n "$xaction" ] && ! list_search $xaction $USEDACTIONS; then USEDACTIONS="$USEDACTIONS $xaction" [ $COMMAND = check ] || createactionchain $xaction fi @@ -5415,6 +5415,8 @@ define_firewall() # $1 = Command (Start or Restart) verify_os_version verify_ip + [ -d /var/lib/shorewall ] || mkdir -p /var/lib/shorewall + echo '#bin/sh' > /var/lib/shorewall/restore-$$ save_command "# Restore base file generated $(date)" save_command ". /usr/share/shorewall/functions" @@ -5952,7 +5954,7 @@ do_initialize() { determine_capabilities [ -z "${STATEDIR}" ] && STATEDIR=/var/state/shorewall - + [ -d $STATEDIR ] || mkdir -p $STATEDIR [ -z "$FW" ] && FW=fw diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index 123f60e8d..0105b6fff 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -17,4 +17,4 @@ None. New Features: -None. \ No newline at end of file +1) "!" is now allowed in accounting rules.