From b4cc254fef0bfd9b3e6d745eca1cd582981fa683 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 12 Dec 2008 23:31:57 +0000
Subject: [PATCH] Fix DHCP rule in stop_firewall()

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9010 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-common/releasenotes.txt    | 5 +++--
 Shorewall-perl/Shorewall/Compiler.pm | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt
index b4a6bce84..7df1ccfd1 100644
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@@ -19,8 +19,8 @@ Other changes in 4.3.2
     an anycast or multicast destination address.
 
 3)  The nosmurfs option has been added to
-    /etc/shorewall8/interfaces. The option drops incoming packets whose
-    source address is an anycast or multicast addreess.
+    /etc/shorewall8/interfaces. The option drops incoming packets with
+    a source address that is an anycast or multicast addreess.
 
 4)  Multi-ISP is now enabled in Shorewall8.
 
@@ -61,6 +61,7 @@ New Features in Shorewall 4.3
 	blacklist
         bridge
 	dhcp
+	nosmurfs
 	optional
 	routeback
 	sourceroute
diff --git a/Shorewall-perl/Shorewall/Compiler.pm b/Shorewall-perl/Shorewall/Compiler.pm
index b082425fe..b683abebc 100644
--- a/Shorewall-perl/Shorewall/Compiler.pm
+++ b/Shorewall-perl/Shorewall/Compiler.pm
@@ -527,7 +527,7 @@ EOF
 	    #
 	    # This might be a bridge
 	    #
-	    emit "do_iptables -A FORWARD -p udp -i $interface -o $interface --dport $ports-j ACCEPT";
+	    emit "do_iptables -A FORWARD -p udp -i $interface -o $interface --dport $ports -j ACCEPT";
 	}
     }