Fix RETAIN_ALIASES=Yes behavior; only 'detect' first address for SNAT

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6149 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-perl/Shorewall/Chains.pm

@@ -105,6 +105,7 @@ our @EXPORT = qw( STANDARD
 		  expand_rule
 		  addnatjump
 		  insertnatjump
+		  get_interface_address
 		  get_interface_addresses
 		  create_netfilter_load
 

Shorewall-perl/Shorewall/Nat.pm

@@ -185,17 +185,13 @@ sub setup_one_masq($$$$$$)
 		$target .= "--to $addr ";
 	    }
 	} elsif ( $addresses eq 'detect' ) {
-	    add_commands( $chainref , 
+	    my $variable = get_interface_address $interface;
-			  'addrlist=',
+	    $target = "-j SNAT --to-source $variable";
-			  join( '', 'for address in ' , get_interface_addresses( $interface ), '; do' ),
-			  '    addrlist="$addrlist --to-source $address"',
-			  'done' );
-	    $target = '-j SNAT $addrlist';
 
 	    if ( interface_is_optional $interface ) {
 		add_commands( $chainref,
 			      '',
-			      'if [ -n "$addrlist" ]; then' );
+			      "if [ \"$variable\" != 0.0.0.0 ]; then" );
 		push_cmd_mode( $chainref );
 		$detectaddress = 1;
 	    }

Shorewall-perl/compiler.pl

@@ -529,16 +529,14 @@ sub generate_script_2 () {
 	    ''
 	    );
  
-    if ( $capabilities{NAT_ENABLED} && ! $config{RETAIN_ALIASES} ) {
+    if ( $capabilities{NAT_ENABLED} ) {
-	emitj( '',
+	emitj( 'if [ -f ${VARDIR}/nat ]; then',
-	       'if [ -f ${VARDIR}/nat ]; then',
 	       '    while read external interface; do',
 	       '        del_ip_addr $external $interface',
 	       '    done < ${VARDIR}/nat',
 	       '',
 	       '    rm -f ${VARDIR}/nat',
-	       'fi',
+	       "fi\n" );
-	       '' );
     }
 
     emit "delete_tc1\n"            if $config{CLEAR_TC};
@@ -571,7 +569,7 @@ sub generate_script_3() {
     dump_zone_contents;
     emit_unindented '__EOF__';
 
-    emit '> ${VARDIR}/nat' unless $config{RETAIN_ALIASES};
+    emit '> ${VARDIR}/nat';
 
     add_addresses;