From d1fc2daf9d53c3e032bc97b019151a5f908da93e Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 28 Jun 2004 17:35:03 +0000 Subject: [PATCH] Fix bogus code in process_tc_rule() git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- STABLE2/changelog.txt | 2 ++ STABLE2/firewall | 6 +----- STABLE2/releasenotes.txt | 5 +++++ 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/STABLE2/changelog.txt b/STABLE2/changelog.txt index 5f15550f2..5ab89b4a7 100644 --- a/STABLE2/changelog.txt +++ b/STABLE2/changelog.txt @@ -34,3 +34,5 @@ Changes since 2.0.2 comments in the rules file WRT "all" in SOURCE or DEST. 16) Pass INVALID icmp packets through the blacklisting chains. + +17) Fix bogus code in process_tc_rule() diff --git a/STABLE2/firewall b/STABLE2/firewall index d684f0d4b..26b5296ce 100755 --- a/STABLE2/firewall +++ b/STABLE2/firewall @@ -2052,11 +2052,7 @@ process_tc_rule() esac fi - if [ "x$dest" != "x-" ]; then - verify_interface $dest || fatal_error "Unknown interface $dest in rule \"$rule\"" - r="${r}$(match_dest_dev $dest) " - fi - + [ "x$dest" = "x-" ] || r="${r}-d $dest " [ "$proto" = "all" ] || r="${r}-p $proto " [ "x$port" = "x-" ] || r="${r}--dport $port " [ "x$sport" = "x-" ] || r="${r}--sport $sport " diff --git a/STABLE2/releasenotes.txt b/STABLE2/releasenotes.txt index 71755621f..0df160bb5 100644 --- a/STABLE2/releasenotes.txt +++ b/STABLE2/releasenotes.txt @@ -44,6 +44,11 @@ Problems Corrected since 2.0.2 not possible to blacklist hosts that are mounting certain types of ICMP-based DOS attacks. +Problems corrected since 2.0.3: + +1) Non-empty entries in the /etc/shorewall/tcrules DEST column + generated an error message and Shorewall failed to start. + ----------------------------------------------------------------------- Issues when migrating from Shorewall 2.0.2 to Shorewall 2.0.3: