Remove extended mark requirement to use 'track' with HIGH_ROUTE_MARKS=No

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@4237 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/changelog.txt

@@ -4,3 +4,6 @@ Changes in 3.3.0
 
 2) Fixed output of 'hits' command under busybox 1.2.0.
 
+3)  Remove requirement for extended marks with 'track'.
+
+

Shorewall/compiler

@@ -6074,9 +6074,9 @@ rules_chain() # $1 = source zone, $2 = destination zone
 #
 setup_routes()
 {
-    local mask=0xFF
+    local mask=0xFF mark_op="--set-mark"
 
-    [ -n "$HIGH_ROUTE_MARKS" ] && mask=0xFF00
+    [ -n "$HIGH_ROUTE_MARKS" ] && mask=0xFF00 && mark_op="--or-mark"
 
     run_iptables -t mangle -A PREROUTING -m connmark ! --mark 0/$mask -j CONNMARK --restore-mark --mask $mask
     run_iptables -t mangle -A OUTPUT     -m connmark ! --mark 0/$mask -j CONNMARK --restore-mark --mask $mask
@@ -6088,7 +6088,7 @@ setup_routes()
 	eval mark_value=\$${iface}_routemark
 
 	run_iptables -t mangle -A PREROUTING -i $interface -m mark --mark 0/$mask -j routemark
-	run_iptables -t mangle -A routemark  -i $interface                        -j MARK --or-mark $mark_value
+	run_iptables -t mangle -A routemark  -i $interface                        -j MARK $mark_op $mark_value
 
     done
 

Shorewall/releasenotes.txt

@@ -50,6 +50,9 @@ Migration Considerations:
     removed. Please use ipsets to implement dynamic zones as described
     in http://www.shorewall.net/DynamicZones.html.
 
+2)  Shorewall no longer requires extended MARK support to use the 'track'
+    provider option when HIGH_ROUTE_MARKS=No.
+
 New Features:
 
 None.