extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-08-16 03:34:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

Couple of tweaks

Browse Source
This commit is contained in:
Tom Eastep
2011-06-09 16:54:32 -07:00
parent 76e68bd04b
commit f5bda84e79
3 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
Shorewall/Perl/Shorewall/Misc.pm
View File

@ -476,7 +476,6 @@ sub setup_mss();
sub add_common_rules() { sub add_common_rules() {
my $interface; my $interface;
my $chainref; my $chainref;
my $chainref1;
my $target; my $target;
my $target1; my $target1;
my $rule; my $rule;
@ -547,9 +546,9 @@ sub add_common_rules() {
$chainref = $filter_table->{forward_chain $interface}; $chainref = $filter_table->{forward_chain $interface};
if ( @filters ) { if ( @filters ) {
add_jump( $chainref , $target1, 0, match_source_net( $_ ) . $ipsec ), $chainref->{filtered}++ for @filters; add_jump( $chainref , $target1, ! $ipsec, match_source_net( $_ ) . $ipsec ), $chainref->{filtered}++ for @filters;
} elsif ( $interfaceref->{bridge} eq $interface ) { } elsif ( $interfaceref->{bridge} eq $interface ) {
add_jump( $chainref , $target1, 0, match_dest_dev( $interface ) . $ipsec ), $chainref->{filtered}++ unless $interfaceref->{options}{routeback} || $interfaceref->{options}{routefilter}; add_jump( $chainref , $target1, ! $ipsec, match_dest_dev( $interface ) . $ipsec ), $chainref->{filtered}++ unless $interfaceref->{options}{routeback} || $interfaceref->{options}{routefilter};
} }
add_rule( $chainref, "$globals{STATEMATCH} ESTABLISHED,RELATED -j ACCEPT" ), $chainref->{filtered}++ if $config{FASTACCEPT}; add_rule( $chainref, "$globals{STATEMATCH} ESTABLISHED,RELATED -j ACCEPT" ), $chainref->{filtered}++ if $config{FASTACCEPT};

4
Shorewall/known_problems.txt
View File

@ -37,3 +37,7 @@
ERROR: iptables-restore Failed. Input is in ERROR: iptables-restore Failed. Input is in
/var/lib/shorewall/.iptables-restore-input /var/lib/shorewall/.iptables-restore-input
6) The following extraneous warning message may be ignored:
WARNING: sfilter is ineffective with FASTACCEPT=Yes

4
Shorewall/releasenotes.txt
View File

@ -44,6 +44,10 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
ERROR: iptables-restore Failed. Input is in ERROR: iptables-restore Failed. Input is in
/var/lib/shorewall/.iptables-restore-input /var/lib/shorewall/.iptables-restore-input
6) The following incorrect warning message has been eliminated:
WARNING: sfilter is ineffective with FASTACCEPT=Yes
4.4.20.1 4.4.20.1
1) The address of the Free Software Foundation has been corrected in 1) The address of the Free Software Foundation has been corrected in