extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-11 16:18:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix GATEWAY handling for pptpserverz

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1644 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-09-24 17:18:04 +00:00
parent 70d8190878
commit f847ec5263
4 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
STABLE2/changelog.txt
View File

@ -58,3 +58,7 @@ Changes in 2.0.9
2) Added warning about ADD_SNAT_ALIASES in the masq file. 2) Added warning about ADD_SNAT_ALIASES in the masq file.
3) Added "brctl show" to the status command. 3) Added "brctl show" to the status command.
Changes in 2.0.10
1) Corrected GATEWAY handling for 'pptpserver's

11
STABLE2/firewall
View File

@ -1509,11 +1509,11 @@ setup_tunnels() # $1 = name of tunnels file
progress_message " PPTP tunnel to $1 defined." progress_message " PPTP tunnel to $1 defined."
} }
setup_pptp_server() setup_pptp_server() # $1 = gateway
{ {
addrule $inchain -p 47 -j ACCEPT addrule $inchain -p 47 -s $1 -j ACCEPT
addrule $outchain -p 47 -j ACCEPT addrule $outchain -p 47 -d $1 -j ACCEPT
addrule $inchain -p tcp --dport 1723 -j ACCEPT addrule $inchain -p tcp --dport 1723 -s $1 -j ACCEPT
progress_message " PPTP server defined." progress_message " PPTP server defined."
} }
@ -1581,6 +1581,7 @@ setup_tunnels() # $1 = name of tunnels file
if validate_zone $z; then if validate_zone $z; then
inchain=${z}2${FW} inchain=${z}2${FW}
outchain=${FW}2${z} outchain=${FW}2${z}
gateway=${gateway:-0.0.0.0/0}
case $kind in case $kind in
ipsec|IPSEC|ipsec:*|IPSEC:*) ipsec|IPSEC|ipsec:*|IPSEC:*)
setup_one_ipsec $gateway $kind $z1 setup_one_ipsec $gateway $kind $z1
@ -1600,7 +1601,7 @@ setup_tunnels() # $1 = name of tunnels file
pptpclient|PPTPCLIENT) pptpclient|PPTPCLIENT)
setup_pptp_client $gateway setup_pptp_client $gateway
;; ;;
pptpserver|PPTPSERVER) pptpserver|PPTPSERVER) $gateway
setup_pptp_server setup_pptp_server
;; ;;
openvpn|OPENVPN|openvpn:*|OPENVPN:*) openvpn|OPENVPN|openvpn:*|OPENVPN:*)

8
STABLE2/releasenotes.txt
View File

@ -1,4 +1,4 @@
Shorewall 2.0.9 Shorewall 2.0.10
---------------------------------------------------------------------- ----------------------------------------------------------------------
Problems Corrected in version 2.0.4 Problems Corrected in version 2.0.4
@ -129,6 +129,12 @@ New Fewatures in version 2.0.9
1) The "shorewall status" command now includes the output of "brctl 1) The "shorewall status" command now includes the output of "brctl
show" if the bridge tools are installed. show" if the bridge tools are installed.
-----------------------------------------------------------------------
Problems corrected in version 2.0.10
1) The GATEWAY column was previously ignored in 'pptpserver' entries in
/etc/shorewall/tunnels.

11
Shorewall2/firewall
View File

@ -1602,11 +1602,11 @@ setup_tunnels() # $1 = name of tunnels file
progress_message " PPTP tunnel to $1 defined." progress_message " PPTP tunnel to $1 defined."
} }
setup_pptp_server() setup_pptp_server() # $1 = gateway
{ {
addrule $inchain -p 47 -j ACCEPT addrule $inchain -p 47 -s $1 -j ACCEPT
addrule $outchain -p 47 -j ACCEPT addrule $outchain -p 47 -d $1 -j ACCEPT
addrule $inchain -p tcp --dport 1723 -j ACCEPT addrule $inchain -p tcp --dport 1723 -s $1 -j ACCEPT
progress_message " PPTP server defined." progress_message " PPTP server defined."
} }
@ -1674,6 +1674,7 @@ setup_tunnels() # $1 = name of tunnels file
if validate_zone $z; then if validate_zone $z; then
inchain=${z}2${FW} inchain=${z}2${FW}
outchain=${FW}2${z} outchain=${FW}2${z}
gateway=${gateway:-0.0.0.0/0}
case $kind in case $kind in
ipsec|IPSEC|ipsec:*|IPSEC:*) ipsec|IPSEC|ipsec:*|IPSEC:*)
setup_one_ipsec $gateway $kind $z1 setup_one_ipsec $gateway $kind $z1
@ -1693,7 +1694,7 @@ setup_tunnels() # $1 = name of tunnels file
pptpclient|PPTPCLIENT) pptpclient|PPTPCLIENT)
setup_pptp_client $gateway setup_pptp_client $gateway
;; ;;
pptpserver|PPTPSERVER) pptpserver|PPTPSERVER) $gateway
setup_pptp_server setup_pptp_server
;; ;;
openvpn|OPENVPN|openvpn:*|OPENVPN:*) openvpn|OPENVPN|openvpn:*|OPENVPN:*)