From a6c9e804df158618f2ac879805f34b953416676d Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 11 Dec 2006 21:51:35 +0000 Subject: [PATCH] Allow physdev match without bridging git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5102 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/compiler | 10 +++++----- Shorewall/firewall | 4 ++-- Shorewall/lib.dynamiczones | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Shorewall/compiler b/Shorewall/compiler index 8e1e34df5..8b6d4cb53 100755 --- a/Shorewall/compiler +++ b/Shorewall/compiler @@ -138,7 +138,7 @@ run_iptables() { # # Purge the temporary files that we use to prevent duplicate '-m' specifications # - [ -n "$BRIDGING" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange fi @@ -153,7 +153,7 @@ run_iptables2() { # # Purge the temporary files that we use to prevent duplicate '-m' specifications # - [ -n "$BRIDGING" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange fi @@ -168,7 +168,7 @@ qt_iptables() { # # Purge the temporary files that we use to prevent duplicate '-m' specifications # - [ -n "$BRIDGING" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange fi @@ -3883,7 +3883,7 @@ activate_rules() if havenatchain $destchain ; then run_iptables2 -t nat -A $sourcechain $@ -j $destchain elif [ -z "$KLUDGEFREE" ]; then - [ -n "$BRIDGING" -a -f $TMP_DIR/physdev ] && -rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" -a -f $TMP_DIR/physdev ] && -rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" -a -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange fi } @@ -3903,7 +3903,7 @@ activate_rules() \$${sourcechain}_rule $@ -j $destchain eval ${sourcechain}_rule=\$\(\(\$${sourcechain}_rule + 1\)\) elif [ -z "$KLUDGEFREE" ]; then - [ -n "$BRIDGING" -a -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" -a -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" -a -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange fi diff --git a/Shorewall/firewall b/Shorewall/firewall index b2fe54758..10fb676df 100755 --- a/Shorewall/firewall +++ b/Shorewall/firewall @@ -92,7 +92,7 @@ run_iptables() { # # Purge the temporary files that we use to prevent duplicate '-m' specifications # - [ -n "$BRIDGING" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange fi @@ -129,7 +129,7 @@ qt_iptables() { # # Purge the temporary files that we use to prevent duplicate '-m' specifications # - [ -n "$BRIDGING" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange fi diff --git a/Shorewall/lib.dynamiczones b/Shorewall/lib.dynamiczones index ec13ead60..e2ce9e37d 100644 --- a/Shorewall/lib.dynamiczones +++ b/Shorewall/lib.dynamiczones @@ -42,7 +42,7 @@ add_to_zone() # $1...${n-1} = [:] $n = zone do_iptables() # $@ = command { - [ -n "$BRIDGING" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev + [ -n "$PHYSDEV_MATCH" ] && [ -f $TMP_DIR/physdev ] && rm -f $TMP_DIR/physdev [ -n "$IPRANGE_MATCH" ] && [ -f $TMP_DIR/iprange ] && rm -f $TMP_DIR/iprange if ! $IPTABLES $@ ; then