Shorewall 2.2.0 RC4

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1889 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-01-07 04:15:58 +00:00
parent ab1d9e870f
commit c5ae67869a
4 changed files with 22 additions and 7 deletions

View File

@ -116,6 +116,10 @@
# matches these options will have their source address # matches these options will have their source address
# changed. # changed.
# #
# Yes or yes -- must be the only option listed
# and matches all outbound traffic that will be
# encrypted.
#
# reqid=<number> where <number> is specified # reqid=<number> where <number> is specified
# using setkey(8) using the 'unique:<number> # using setkey(8) using the 'unique:<number>
# option for the SPD level. # option for the SPD level.

View File

@ -1018,6 +1018,13 @@ case "$1" in
echo echo
ip route ls table $table ip route ls table $table
done done
if qt which lsmod; then
echo
echo "Modules"
echo
lsmod | grep -E '^ip_|^ipt_'
fi
;; ;;
hits) hits)
[ -n "$debugging" ] && set -x [ -n "$debugging" ] && set -x

View File

@ -2162,7 +2162,7 @@ setup_nat() {
} }
do_one_nat() { do_one_nat() {
local add_ip_aliases=$ADD_IP_ALIASES, iface=${interface%:*} local add_ip_aliases=$ADD_IP_ALIASES iface=${interface%:*}
if [ -n "$add_ip_aliases" ]; then if [ -n "$add_ip_aliases" ]; then
case $interface in case $interface in
@ -4879,12 +4879,12 @@ get_routed_networks() # $1 = interface name
setup_masq() setup_masq()
{ {
do_ipsec_options() { do_ipsec_options() {
local options=$(separate_list $ipsec) option local options="$(separate_list $ipsec)" option
policy ="-m policy --pol ipsec --dir out" policy="-m policy --pol ipsec --dir out"
options=$(separate_list $options)
for option in $options; do for option in $options; do
case $option in case $option in
[Yy]es) ;;
strict) policy="$policy --strict" ;; strict) policy="$policy --strict" ;;
next) policy="$policy --next" ;; next) policy="$policy --next" ;;
reqid=*) policy="$policy --reqid ${option#*=}" ;; reqid=*) policy="$policy --reqid ${option#*=}" ;;
@ -4905,7 +4905,7 @@ setup_masq()
} }
setup_one() { setup_one() {
local add_snat_aliases=$ADD_SNAT_ALIASES, pre_nat= policy= destnets= local add_snat_aliases=$ADD_SNAT_ALIASES pre_nat= policy= destnets=
[ "x$ipsec" = x- ] && ipsec= [ "x$ipsec" = x- ] && ipsec=
@ -4921,7 +4921,11 @@ setup_masq()
policy="-m policy --pol none --dir out" policy="-m policy --pol none --dir out"
;; ;;
*) *)
[ -n "$ipsec" ] && do_ipsec_options || [ -n "$POLICY_MATCH" ] && policy="-m policy --pol none --dir out" if [ -n "$ipsec" ]; then
do_ipsec_options
elif [ -n "$POLICY_MATCH" ]; then
policy="-m policy --pol none --dir out"
fi
;; ;;
esac esac

View File

@ -1 +1 @@
2.2.0-RC3 2.2.0-RC4