mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 22:58:52 +01:00
Fix ECN handling with MANGLE_FORWARD=Yes
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6955 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
4a9cda63ea
commit
ad2cf6706a
@ -8,6 +8,8 @@ Changes in 4.0.1
|
||||
|
||||
4) Corrent handling of 'PATH' in Shorewall-perl.
|
||||
|
||||
5) Correct handling of ECN with MANGLE_FORWARD.
|
||||
|
||||
Changes in 4.0.0 Final
|
||||
|
||||
1) Fix lite install.sh manpage problem.
|
||||
|
@ -58,6 +58,10 @@ Problems corrected in 4.0.1.
|
||||
6) If no PATH was available when Shorewall-perl is run, a Perl run-time
|
||||
warning was issued.
|
||||
|
||||
7) If the "Mangle FORWARD Chain" capability was supported, entries in
|
||||
the /etc/shorewall/ecn file would cause invalid iptables
|
||||
commands to be generated.
|
||||
|
||||
Other changes in Shorewall 4.0.1.
|
||||
|
||||
1) A new EXPAND_POLICIES option is added to shorewall.conf. The
|
||||
|
@ -869,13 +869,8 @@ setup_ecn() # $1 = file name
|
||||
flushmangle $chain
|
||||
else
|
||||
createmanglechain $chain
|
||||
|
||||
if [ -n "$MANGLE_FORWARD" ]; then
|
||||
run_iptables -t mangle -A PREROUTING -p tcp -o $interface -j $chain
|
||||
else
|
||||
run_iptables -t mangle -A POSTROUTING -p tcp -o $interface -j $chain
|
||||
run_iptables -t mangle -A OUTPUT -p tcp -o $interface -j $chain
|
||||
fi
|
||||
run_iptables -t mangle -A POSTROUTING -p tcp -o $interface -j $chain
|
||||
run_iptables -t mangle -A OUTPUT -p tcp -o $interface -j $chain
|
||||
fi
|
||||
done
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user