From c1298792efcbd49d1f1c481f4adad0cc8bf426ae Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 27 Apr 2007 18:14:52 +0000
Subject: [PATCH] More flailing with 'detect'

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6141 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall-common/changelog.txt    |  4 ++++
 Shorewall-common/lib.base         | 14 ++++++++++++++
 Shorewall-common/lib.config       | 14 --------------
 Shorewall-common/releasenotes.txt | 11 ++++++++++-
 4 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt
index 7b43cc3e7..b19ded03f 100644
--- a/Shorewall-common/changelog.txt
+++ b/Shorewall-common/changelog.txt
@@ -4,6 +4,10 @@ Changes in 3.9.5
 
 2)  Fix LOGALLNEW.
 
+3)  Implement log level, protocol and port validation.
+
+4)  Fix MACLIST log rule generation problem.
+
 Changes in 3.9.4
 
 1)  Fix port 0 problem (again!).
diff --git a/Shorewall-common/lib.base b/Shorewall-common/lib.base
index e1ff7a576..dc1bdb313 100644
--- a/Shorewall-common/lib.base
+++ b/Shorewall-common/lib.base
@@ -103,6 +103,20 @@ list_search() # $1 = element to search for , $2-$n = list
     return 1
 }
 
+#
+# Undo the effect of 'separate_list()'
+#
+combine_list()
+{
+    local f o=
+
+    for f in $* ; do
+        o="${o:+$o,}$f"
+    done
+
+    echo $o
+}
+
 #
 # Suppress all output for a command
 #
diff --git a/Shorewall-common/lib.config b/Shorewall-common/lib.config
index 6fd41f5ea..9a0edfc8d 100644
--- a/Shorewall-common/lib.config
+++ b/Shorewall-common/lib.config
@@ -98,20 +98,6 @@ separate_list() {
     echo "$newlist"
 }
 
-#
-# Undo the effect of 'separate_list()'
-#
-combine_list()
-{
-    local f o=
-
-    for f in $* ; do
-        o="${o:+$o,}$f"
-    done
-
-    echo $o
-}
-
 #
 # Display elements of a list with leading white space
 #
diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt
index 1d3c7421f..b0d1faa14 100644
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@@ -21,10 +21,19 @@ Problems corrected in 3.9.5.
     some configurations.
 
 2)  Invalid rules were generated by LOGALLNEW.
+
+3)  Setting MACLIST_LOG_LEVEL="" and MACLIST_DISPOSITION=ACCEPT or
+    MACLIST_DISPOSITION=REJECT resulted in Perl run-time errors.
     
 Other changes in Shorewall 3.9.4
 
-None.
+1)  The Shorewall-perl compiler now validates all log levels. It also
+    validates all protocol names against /etc/protocols and all service
+    names against /etc/services.
+
+    In all cases, the iptables-restore input will include the numeric
+    values associated with log level, protocols and services so that
+    iptables-restore doesn't have to convert these names.
 
 Migration Considerations: