Release documentation for interface lists in masq and nat files

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8070 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2024-11-15 04:04:10 +01:00 · 2008-01-15 03:48:37 +00:00 · 2008-01-15 03:48:37 +00:00 · d189364d9a
commit d189364d9a
parent da02d6d9af
2 changed files with 53 additions and 2 deletions
--- a/Shorewall-common/changelog.txt
+++ b/Shorewall-common/changelog.txt
@ -8,7 +8,9 @@ Changes in 4.1.4

 3)  Don't fully populate /etc/shorewall under Cygwin

-4)  Fix part of the DNAT/REDIRECT fiasco.
+4)  Fix the DNAT/REDIRECT fiasco.
+
+5)  Allow interface lists in the masq and nat files.

 Changes in 4.1.3

--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@ -89,6 +89,55 @@ Other changes in Shorewall 4.1.4.
 	     REDIRECT-
 	     DNAT-

+3)  The /etc/shorewall/masq and /etc/shorewall/nat file now accept a
+    comma-separated list of interface names where before only a single
+    interface name could be listed (Shorewall-perl only).
+
+    This feature is not for beginners. It iterates over the
+    list of interfaces, substituting each interface in place of the
+    list and processing the resulting entry according to the semantics
+    of earlier Shorewall versions. If you don't know where to use this,
+    don't try.
+
+    Example 1:
+
+    /etc/shorewall/masq:
+
+    #INTERFACE              SOURCE          ADDRESS
+    eth0,eth1		    eth2	    1.2.3.4
+
+    equivalent to:
+
+    #INTERFACE              SOURCE          ADDRESS
+    eth0		    eth2	    1.2.3.4
+    eth1		    eth2	    1.2.3.4
+
+    Example 2:
+
+    /etc/shorewall/masq:
+
+    #INTERFACE			SOURCE      ADDRESS
+    eth0,eth1::192.168.1.0/24	eth2	    1.2.3.4
+
+    equivalent to:
+
+    #INTERFACE              SOURCE          ADDRESS
+    eth0::192.168.1.0/24    eth2	    1.2.3.4
+    eth1::192.168.1.0/24    eth2	    1.2.3.4
+
+    Example 3:
+
+    /etc/shorewall/nat:
+
+    #EXTERNAL        INTERFACE       INTERNAL
+    206.124.146.178  eth0,wlan0      192.168.1.3
+
+    equivalent to:
+
+    #EXTERNAL        INTERFACE       INTERNAL
+    206.124.146.178  eth0            192.168.1.3
+    206.124.146.178  wlan0           192.168.1.3
+
 Migration Issues.

 1)  Previously, when HIGH_ROUTE_MARKS=Yes, Shorewall allowed non-zero