From f30faa416f8588eb8ea5beb3ab69425b48e248c5 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Fri, 3 Oct 2003 14:39:34 +0000
Subject: [PATCH] Fix user/group name and qualified destination

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@752 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall/firewall         | 2 +-
 Shorewall/releasenotes.txt | 9 +++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/Shorewall/firewall b/Shorewall/firewall
index 2cbe645a4..e6b432736 100755
--- a/Shorewall/firewall
+++ b/Shorewall/firewall
@@ -2469,7 +2469,7 @@ add_a_rule()
 				fi
 
 				run_iptables2 -A $chain $proto $multiport $state $cli $sports \
-				    -d $srv $dports $ratelimit -j $target
+				    -d $srv $dports $ratelimit $userandgroup -j $target
 			    fi
 			done
 		    done
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index e25377c69..071b61d24 100755
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -88,8 +88,13 @@ Problems Corrected since version 1.4.6:
 17) The log message generated from the 'logunclean' interface option
     has been changed to reflect a disposition of LOG rather than DROP.
 
-18) The RFC1918 file has been updated to reflect recent IANA
-    allocations.
+18) When a user name and/or a group name was specified in the USER SET
+    column and the destination zone was qualified with a IP address,
+    the user and/or group name was not being used to qualify the rule.
+
+    Example:
+
+    ACCEPT fw  net:192.0.2.12 tcp 23 - - - vladimir:
 
 Migration Issues: