More combining of products

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9489 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2009-02-22 17:43:56 +00:00
parent f68ec9d096
commit c355ec2509
9 changed files with 20 additions and 1752 deletions

View File

@ -1,172 +1,2 @@
Changes in Shorewall 4.2.7
Changes in Shorewall 4.3.5
1) Added /etc/shorewall/notrack.
2) Added new columns to the routestopped file.
3) Moved tunnel rules back to the front of the NEW section.
4) Handle long sport lists.
Changes in Shorewall 4.2.6
1) Added macro.BitTorrent32
2) Add COUNT action.
3) Add swping
4) Add RESTORE_DEFAULT_ROUTE option
5) Use dhcpcd's database to detect dynamic gateways.
6) Fix TCP_FLAGS_DISPOSITION=REJECT
7) Allow protocol and port inversion.
8) Don't check for "-m state" until after modules are loaded
9) Fix Shorewall6[-lite]/Makefile
10) Reorganized generated script to be more like 4.3.
11) Added 'restored' script.
12) Another ctorigdstport fix.
13) Allow 'here documents' in extension scripts
14) Another ctorigdst fix.
15) Add flow key support.
16) Fix 'show connections'.
Changes in Shorewall 4.2.5
1) Add 'fallback' providers option.
2) Support for xtables-addons IPP2P.
3) Slow down startup some more by adding more modules and modules
search directories.
4) Fix 'shorewall6 debug start'
5) Added macro.Git.
6) Fix running of tcclear script.
7) Added macro.IRC.
8) Fix --ctorigport usage
Changes in Shorewall 4.2.4.6
1) Fix hosts exclusion in DNAT/REDIRECT.
2) Work around http://rt.cpan.org/Public/Bug/Display.html?id=13851
Changes in Shorewall 4.2.4.5
1) Fix critical hosts handling in Shorewall6.
Changes in Shorewall 4.2.4.4
1) Fix exclusion yet another time.
Changes in Shorewall 4.2.4.3
1) Fix exclusion again
Changes in Shorewall 4.2.4.2
1) Fix 'refresh'
Changes in Shorewall 4.2.4.1
1) Fix 'shorewall6 restore' etc.
2) Fix init scripts.
Changes in Shorewall 4.2.4-RC3
1) Fix exclusion handling with certain hosts options.
2) Rework zone exclusion to more accurately model what the user specifies.
Changes in Shorewall 4.2.4-RC2
1) Update samples.
2) Remove special handling of 2000::/3 routes.
3) Fix handling of multi-zone interfaces.
Changes in Shorewall 4.2.4-RC1
1) Merge changes from 4.3.3 -- IPv6 support.
Changes in Shorewall 4.2.3
1) Verify User/Group names.
2) Don't allow compiled script named 'shorewall'.
3) Avoid problems when '$' appears on the first line of
/etc/shorewall/compile.
4) Add the output of "netstat -tunap" to dump
5) Allow '+' as an interface.
6) Change ipp2p detection to support latest version.
7) Fix NEW_CONNTRACK_MATCH.
8) Make use of --goto.
9) Allow ressetting individual chains.
10) Correct faulty optimization.
Changes in Shorewall 4.2.2
1) Insure that lines copied from a user file are newline-terminated.
2) Added macro.JAP.
3) Added macro.DAAP.
4) Added macro.DCC.
5) Added macro.GNUnet.
6) Prevent invalid rules when KLUDGEFREE is not set.
7) Separated detection of old conntrack syntax from new conntrack
feature detection.
8) Fix nonat rules with destination IP address.
9) Correct NEW_CONNTRACK_MATCH with server port but no dest port.
Changes in Shorewall 4.2.1
1) Added CONNBYTES to tcrules manpage. Flesh out description of HELPER.
2) Fixed minor CONNBYTES editing issue.
3) Add CONNLIMIT to policy and rules.
4) Allow use of iptables-1.4.1.
5) Add time match support.
6) Applied Lennart Sorensen's patch for length match.
7) Take advantage of --ctorigdstport
8) Fix syntax error in 'export'
Initial release of Shorewall 4.2.0.

View File

@ -1,6 +1,6 @@
#! /usr/bin/perl -w
#
# The Shoreline Firewall4 (Shorewall-perl) Packet Filtering Firewall Compiler - V4.2
# The Shoreline Firewall4 (Shorewall-perl) Packet Filtering Firewall Compiler - V4.4
#
# This program is under GPL [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
#

View File

@ -162,8 +162,6 @@ if [ -n "$PREFIX" ]; then
install -d $OWNERSHIP -m 755 ${PREFIX}${DEST}
fi
else
[ -x /usr/share/shorewall-shell/compiler -o -x /usr/share/shorewall-perl/compiler.pl ] || \
{ echo " ERROR: No Shorewall compiler is installed" >&2; exit 1; }
if [ -z "$CYGWIN" ]; then
if [ -d /etc/apt -a -e /usr/bin/dpkg ]; then
DEBIAN=yes

View File

@ -35,7 +35,6 @@ SHOREWALL_CAPVERSION=40205
[ -n "${VARDIR:=/var/lib/shorewall}" ]
[ -n "${SHAREDIR:=/usr/share/shorewall}" ]
[ -n "${CONFDIR:=/etc/shorewall}" ]
PERLSHAREDIR=/usr/share/shorewall-perl
#
# Message to stderr

View File

@ -584,12 +584,12 @@ show_command() {
echo "dropBcast # Silently Drop Broadcast/multicast"
echo "dropInvalid # Silently Drop packets that are in the INVALID conntrack state"
echo "dropNotSyn # Silently Drop Non-syn TCP packets"
echo "drop1918src # Drop packets with an RFC 1918 source address (Shorewall-perl only)"
echo "drop1918dst # Drop packets with an RFC 1918 original dest address (Shorewall-perl only)"
echo "drop1918src # Drop packets with an RFC 1918 source address"
echo "drop1918dst # Drop packets with an RFC 1918 original dest address"
echo "forwardUPnP # Allow traffic that upnpd has redirected from"
echo "rejNotSyn # Silently Reject Non-syn TCP packets"
echo "rej1918src # Reject packets with an RFC 1918 source address (Shorewall-perl only)"
echo "rej1918dst # Reject packets with an RFC 1918 original dest address (Shorewall-perl only)"
echo "rej1918src # Reject packets with an RFC 1918 source address"
echo "rej1918dst # Reject packets with an RFC 1918 original dest address"
if [ -f ${CONFDIR}/actions ]; then
cat ${SHAREDIR}/actions.std ${CONFDIR}/actions | grep -Ev '^\#|^$'
@ -696,10 +696,6 @@ dump_command() {
clear_term
echo "$PRODUCT $version Dump at $HOSTNAME - $(date)"
echo
if [ -f /usr/share/shorewall-perl/version ]; then
echo " Shorewall-perl $(cat /usr/share/shorewall-perl/version)"
echo
fi
show_reset
host=$(echo $HOSTNAME | sed 's/\..*$//')

View File

@ -1890,7 +1890,7 @@ do_initialize() {
[ -f $VERSION_FILE ] && VERSION=$(cat $VERSION_FILE)
[ -d /usr/share/shorewall-perl ] && set -a;
set -a;
run_user_exit params

File diff suppressed because it is too large Load Diff

View File

@ -379,7 +379,7 @@ compiler() {
run_user_exit params
set +a
perl $debugflags /usr/share/shorewall-perl/compiler.pl $options $@
perl $debugflags /usr/share/shorewall/compiler.pl $options $@
}
#
@ -1524,11 +1524,6 @@ version_command() {
echo $version
if [ -n "$all" ]; then
if [ -f /usr/share/shorewall-perl/version ]; then
echo "Shorewall-perl $(cat /usr/share/shorewall-perl/version)"
fi
fi
}
if [ $# -eq 0 ]; then

View File

@ -1,4 +1,4 @@
%define name shorewall-common
%define name shorewall
%define version 4.2.7
%define release 0base
@ -13,20 +13,14 @@ Source: %{name}-%{version}.tgz
URL: http://www.shorewall.net/
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-root
Requires: iptables iproute shorewall_compiler
Requires: iptables iproute
Supersedes: shorewall-common shorewall-perl
%description
The Shoreline Firewall, more commonly known as "Shorewall", is a Netfilter
(iptables) based firewall that can be used on a dedicated firewall system,
a multi-function gateway/ router/server or on a standalone GNU/Linux system.
Shorewall offers two alternative firewall compilers, shorewall-perl and
shorewall-shell. The shorewall-perl compilers is suggested for new installed
systems and shorewall-shell is provided for backwards compability and smooth
legacy system upgrades because shorewall perl is not fully compatible with
all legacy configurations.
%prep
%setup
@ -136,6 +130,10 @@ fi
%attr(0644,root,root) /usr/share/shorewall/configpath
%attr(0755,root,root) /usr/share/shorewall/wait4ifup
%attr(755,root,root) /usr/share/shorewall/compiler.pl
%attr(0644,root,root) /usr/share/shorewall/prog.*
%attr(0644,root,root) /usr/share/shorewall/Shorewall/*.pm
%attr(0644,root,root) /usr/share/shorewall/configfiles/shorewall.conf
%attr(0644,root,root) /usr/share/shorewall/configfiles/zones
%attr(0644,root,root) /usr/share/shorewall/configfiles/policy