From afd784055816398bed72843ad53ac3990ab0fd16 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 18 Jul 2003 23:12:34 +0000
Subject: [PATCH] Suppress DHCP message when there are no DHCP rules

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@666 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/changelog.txt    |  4 +++-
 Shorewall/firewall         | 14 +++++++++-----
 Shorewall/releasenotes.txt |  3 +++
 3 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index af7f211f3..aebaf9266 100755
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -48,4 +48,6 @@ Changes since 1.4.5
 
 20. Display policy chain along with policy in 'check' command.
 
-21. Support Linux 2.6 compressed modules.
\ No newline at end of file
+21. Support Linux 2.6 compressed modules.
+
+22. Don't display DHCP message when there are no DHCP interface.
diff --git a/Shorewall/firewall b/Shorewall/firewall
index 718a01c30..61527c546 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -3615,13 +3615,17 @@ add_common_rules() {
     #
     # DHCP
     #
-    echo "Adding rules for DHCP"
+    interfaces=`find_interfaces_by_option dhcp`
 
-    for interface in `find_interfaces_by_option dhcp`; do
-	run_iptables -A `input_chain $interface` -p udp --dport 67:68 -j ACCEPT
-	run_iptables -A OUTPUT	  -o $interface	 -p udp --dport 67:68 -j ACCEPT
-    done
+    if [ -n "$interfaces" ]; then
 
+	echo "Adding rules for DHCP"
+
+	for interface in $interfaces; do
+	    run_iptables -A `input_chain $interface` -p udp --dport 67:68 -j ACCEPT
+	    run_iptables -A OUTPUT    -o $interface  -p udp --dport 67:68 -j ACCEPT
+	done
+    fi
     #
     # RFC 1918
     #
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index 78d69d8da..0e2d14c7f 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -17,6 +17,9 @@ Problems Corrected:
 4) The handling of z1!z2 in the SOURCE column of DNAT and REDIRECT
    rules has been corrected.
 
+5) The message "Adding rules for DHCP" is now suppressed if there are
+   no DHCP rules to add.
+
 Migration Issues:
 
 1) In earlier versions, an undocumented feature allowed entries in