diff --git a/Shorewall-perl/Shorewall/Compiler.pm b/Shorewall-perl/Shorewall/Compiler.pm index e24dd1cf9..1a57fc709 100644 --- a/Shorewall-perl/Shorewall/Compiler.pm +++ b/Shorewall-perl/Shorewall/Compiler.pm @@ -980,7 +980,7 @@ sub compiler { # # MACLIST Filtration # - setup_mac_lists 1; + setup_mac_lists 1 if $family == F_IPV4; # # Process the rules file. # @@ -997,7 +997,7 @@ sub compiler { # # MACLIST Filtration again # - setup_mac_lists 2; + setup_mac_lists 2 if $family == F_IPV4; # # Apply Policies # diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm index 2da9de88d..f104c6ac3 100644 --- a/Shorewall-perl/Shorewall/Config.pm +++ b/Shorewall-perl/Shorewall/Config.pm @@ -422,9 +422,7 @@ sub initialize( $ ) { LOGBURST => undef, LOGALLNEW => undef, BLACKLIST_LOGLEVEL => undef, - MACLIST_LOG_LEVEL => undef, TCP_FLAGS_LOG_LEVEL => undef, - SMURF_LOG_LEVEL => undef, LOG_VERBOSITY => undef, STARTUP_LOG => undef, # @@ -460,7 +458,6 @@ sub initialize( $ ) { # # Firewall Options # - IP_FORWARDING => undef, TC_ENABLED => undef, TC_EXPERT => undef, CLEAR_TC => undef, @@ -470,15 +467,12 @@ sub initialize( $ ) { ADMINISABSENTMINDED => undef, BLACKLISTNEWONLY => undef, MODULE_SUFFIX => undef, - MACLIST_TABLE => undef, - MACLIST_TTL => undef, MAPOLDACTIONS => '', FASTACCEPT => undef, IMPLICIT_CONTINUE => undef, HIGH_ROUTE_MARKS => undef, OPTIMIZE => undef, EXPORTPARAMS => undef, - SHOREWALL_COMPILER => undef, EXPAND_POLICIES => undef, KEEP_RT_TABLES => undef, DELETE_THEN_ADD => undef, @@ -486,12 +480,10 @@ sub initialize( $ ) { DONT_LOAD => '', AUTO_COMMENT => undef, MANGLE_ENABLED => undef , - NULL_ROUTE_RFC1918 => undef , USE_DEFAULT_RT => undef , # # Packet Disposition # - MACLIST_DISPOSITION => undef, TCP_FLAGS_DISPOSITION => undef, BLACKLIST_DISPOSITION => undef, ); diff --git a/Shorewall6/shorewall6 b/Shorewall6/shorewall6 index 78052103d..98ff54f3e 100755 --- a/Shorewall6/shorewall6 +++ b/Shorewall6/shorewall6 @@ -1592,13 +1592,14 @@ case "$COMMAND" in start_command $@ ;; stop|clear) - if [ "x$2" = x-f ]; then - [ -x ${VARDIR}/.restore ] && FIREWALL=${VARDIR}/.restore - shift; - fi - [ $# -ne 1 ] && usage 1 get_config + if [ -x ${VARDIR}/.restore ]; then + FIREWALL=${VARDIR}/.restore + else + fatal_error "Shorewall6 has never been started" + fi + export NOROUTES mutex_on $SHOREWALL_SHELL $FIREWALL $debugging $nolock $COMMAND