extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-20 09:47:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove documentation for find_interface_by_mac()

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2521 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-08-18 20:18:08 +00:00
parent a77c49a02e
commit e4433f4b8f
4 changed files with 18 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/changelog.txt
View File

@ -7,9 +7,7 @@ Changes in 2.5.3
3) Set COMMAND=restore in restore-base. 3) Set COMMAND=restore in restore-base.
4) Implement find_interface_by_mac() 4) Allow exclusion lists in actions.
5) Allow exclusion lists in actions.
Changes in 2.5.2 Changes in 2.5.2

13
Shorewall/firewall
View File

@ -1406,6 +1406,14 @@ validate_policy()
ALL_POLICY_CHAINS= ALL_POLICY_CHAINS=
for zone in $ZONES $FW; do
chain=${zone}2${zone}
eval ${chain}_is_policy=Yes
eval ${chain}_is_optional=Yes
eval ${chain}_policy=ACCEPT
ALL_POLICY_CHAINS="$ALL_POLICY_CHAINS $chain"
done
strip_file policy strip_file policy
while read client server policy loglevel synparams; do while read client server policy loglevel synparams; do
@ -1472,7 +1480,7 @@ validate_policy()
chain=${client}2${server} chain=${client}2${server}
if is_policy_chain $chain ; then if is_policy_chain $chain ; then
startup_error "Duplicate policy $policy" startup_error "Duplicate policy: $client $server $policy"
fi fi
[ "x$loglevel" = "x-" ] && loglevel= [ "x$loglevel" = "x-" ] && loglevel=
@ -7724,6 +7732,7 @@ apply_policy_rules() {
eval loglevel=\$${chain}_loglevel eval loglevel=\$${chain}_loglevel
eval synparams=\$${chain}_synparams eval synparams=\$${chain}_synparams
eval epolicy=\$${chain}_epolicy eval epolicy=\$${chain}_epolicy
eval optional=\$${chain}_is_optional
[ -n "$synparams" ] && setup_syn_flood_chain $chain $synparams $loglevel [ -n "$synparams" ] && setup_syn_flood_chain $chain $synparams $loglevel
@ -7731,7 +7740,7 @@ apply_policy_rules() {
[ "$epolicy" = ACCEPT ] && ordinal=2 || ordinal=3 [ "$epolicy" = ACCEPT ] && ordinal=2 || ordinal=3
[ -n "$synparams" ] && \ [ -n "$synparams" ] && \
run_iptables -I $chain $ordinal -p tcp --syn -j @$chain run_iptables -I $chain $ordinal -p tcp --syn -j @$chain
elif [ "$policy" != CONTINUE ]; then elif [ -z "$optional" -a "$policy" != CONTINUE ]; then
# #
# The chain doesn't exist. Create the chain and add policy # The chain doesn't exist. Create the chain and add policy
# rules # rules

6
Shorewall/policy
View File

@ -10,6 +10,12 @@
# source/destination pair, the file is processed in order until a # source/destination pair, the file is processed in order until a
# match is found ("all" will match any client or server). # match is found ("all" will match any client or server).
# #
# INTRA-ZONE POLICIES ARE PRE-DEFINED
#
# For $FW and for all of the zoned defined in /etc/shorewall/zones,
# the POLICY for connections from the zone to itself is ACCEPT and may
# not be modified by entries in this file.
#
# Columns are: # Columns are:
# #
# SOURCE Source zone. Must be the name of a zone defined # SOURCE Source zone. Must be the name of a zone defined

33
Shorewall/releasenotes.txt
View File

@ -17,23 +17,6 @@ New Features in Shorewall 2.5.3
scripts. The value of this variable is sometimes of interest to scripts. The value of this variable is sometimes of interest to
programmers providing custom /etc/shorewall/tcstart scripts. programmers providing custom /etc/shorewall/tcstart scripts.
4) If you have problems with ethernet interfaces switching names when
your system is rebooted, you can now work around the problem. For
each interface, select a shell variable name and set the variable
to the value echoed by the 'find_interface_by_mac' function.
Example: To set EXT_IF to the interface with MAC address
00:02:e3:08:55:fa, in /etc/shorewall/params:
EXT_IF=$(find_interface_by_mac 00:02:e3:08:55:fa)
Now simply use $EXT_IF any time that you wish to refer to that
interface.
WARNING: If you have this problem, you will not wish to use the
"-f" option in the Shorewall SysV init script (usually named
/etc/init.d/shorewall).
Problems Corrected in 2.5.2: Problems Corrected in 2.5.2:
1) You may now include port lists in in the /etc/shorewall/accounting 1) You may now include port lists in in the /etc/shorewall/accounting
@ -408,20 +391,4 @@ New Features in Shorewall 2.5.*
scripts. The value of this variable is sometimes of interest to scripts. The value of this variable is sometimes of interest to
programmers providing custom /etc/shorewall/tcstart scripts. programmers providing custom /etc/shorewall/tcstart scripts.
14) If you have problems with ethernet interfaces switching names when
your system is rebooted, you can now work around the problem. For
each interface, select a shell variable name and set the variable
to the value echoed by the 'find_interface_by_mac' function.
Example: To set EXT_IF to the interface with MAC address
00:02:e3:08:55:fa, in /etc/shorewall/params:
EXT_IF=$(find_interface_by_mac 00:02:e3:08:55:fa)
Now simply use $EXT_IF any time that you wish to refer to that
interface.
WARNING: If you have this problem, you will not wish to use the
"-f" option in the Shorewall SysV init script (usually named
/etc/init.d/shorewall).