2007-07-04 17:45:19 +02:00
|
|
|
--- /home/teastep/shorewall/branches/3.4/Shorewall/compiler 2007-07-04 08:07:46.000000000 -0700
|
2007-07-08 16:20:09 +02:00
|
|
|
+++ compiler 2007-07-08 07:18:45.000000000 -0700
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -35,6 +35,12 @@
|
2007-07-02 19:20:49 +02:00
|
|
|
# SHOREWALL_DIR A directory name was passed to /sbin/shorewall
|
|
|
|
# VERBOSE Standard Shorewall verbosity control.
|
|
|
|
|
2007-07-04 17:45:19 +02:00
|
|
|
+BASE_VERSION=40000
|
|
|
|
+BASE_VERSION_PRINTABLE=4.0.0
|
|
|
|
+CONFIG_VERSION=40000
|
|
|
|
+CONFIG_VERSION_PRINTABLE=4.0.0
|
|
|
|
+
|
2007-07-02 19:20:49 +02:00
|
|
|
+
|
|
|
|
#
|
|
|
|
# Fatal error -- stops the compiler after issuing the error message
|
|
|
|
#
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -673,11 +679,11 @@
|
2007-06-22 22:52:53 +02:00
|
|
|
progress_message2 "Compiling IP Forwarding..."
|
|
|
|
|
|
|
|
case "$IP_FORWARDING" in
|
|
|
|
- On|on)
|
|
|
|
+ On|on|ON|Yes|yes|YES)
|
|
|
|
save_progress_message "IP Forwarding Enabled"
|
|
|
|
save_command "echo 1 > /proc/sys/net/ipv4/ip_forward"
|
|
|
|
;;
|
|
|
|
- Off|off)
|
|
|
|
+ Off|off|OFF|No|no|NO)
|
|
|
|
save_progress_message "IP Forwarding Disabled!"
|
|
|
|
save_command "echo 0 > /proc/sys/net/ipv4/ip_forward"
|
|
|
|
;;
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -3767,7 +3773,7 @@
|
2007-06-16 17:43:14 +02:00
|
|
|
|
|
|
|
save_progress_message "Setting up Route Filtering..."
|
|
|
|
|
|
|
|
- if [ -z "$ROUTE_FILTER" ]; then
|
|
|
|
+ if [ "$ROUTE_FILTER" = no ]; then
|
|
|
|
indent >&3 << __EOF__
|
|
|
|
|
|
|
|
for f in /proc/sys/net/ipv4/conf/*; do
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -3791,8 +3797,10 @@
|
2007-06-16 17:43:14 +02:00
|
|
|
|
|
|
|
save_command "echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter"
|
|
|
|
|
|
|
|
- if [ -n "$ROUTE_FILTER" ]; then
|
|
|
|
+ if [ "$ROUTE_FILTER" = yes ]; then
|
|
|
|
save_command "echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter"
|
|
|
|
+ elif [ "$ROUTE_FILTER" = no ]; then
|
|
|
|
+ save_command "echo 0 > /proc/sys/net/ipv4/conf/default/rp_filter"
|
|
|
|
fi
|
|
|
|
|
|
|
|
save_command "[ -n \"\$NOROUTES\" ] || ip route flush cache"
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -3808,7 +3816,7 @@
|
2007-06-16 17:43:14 +02:00
|
|
|
|
|
|
|
save_progress_message "Setting up Martian Logging..."
|
|
|
|
|
|
|
|
- if [ -z "$LOG_MARTIANS" ]; then
|
|
|
|
+ if [ "$LOG_MARTIANS" = no ]; then
|
|
|
|
indent >&3 << __EOF__
|
|
|
|
|
|
|
|
for f in /proc/sys/net/ipv4/conf/*; do
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -3831,9 +3839,12 @@
|
2007-06-16 17:43:14 +02:00
|
|
|
__EOF__
|
|
|
|
done
|
|
|
|
|
|
|
|
- if [ -n "$LOG_MARTIANS" ]; then
|
|
|
|
+ if [ "$LOG_MARTIANS" = yes ]; then
|
|
|
|
save_command "echo 1 > /proc/sys/net/ipv4/conf/all/log_martians"
|
|
|
|
save_command "echo 1 > /proc/sys/net/ipv4/conf/default/log_martians"
|
|
|
|
+ elif [ "$LOG_MARTIANS" = no ]; then
|
|
|
|
+ save_command "echo 0 > /proc/sys/net/ipv4/conf/all/log_martians"
|
|
|
|
+ save_command "echo 0 > /proc/sys/net/ipv4/conf/default/log_martians"
|
|
|
|
fi
|
|
|
|
|
|
|
|
fi
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -4890,7 +4901,7 @@
|
2007-06-16 17:43:14 +02:00
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
- run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN ${match}-j TCPMSS $option
|
|
|
|
+ run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS $option
|
|
|
|
}
|
|
|
|
|
|
|
|
progress_message2 "Initializing..."
|
2007-07-08 16:20:09 +02:00
|
|
|
@@ -4930,7 +4941,7 @@
|
|
|
|
|
|
|
|
cat >&3 << __EOF__
|
|
|
|
#
|
|
|
|
-# Compiled firewall script generated by Shorewall $VERSION - $(date)"
|
|
|
|
+# Compiled firewall script generated by Shorewall-shell $VERSION - $(date)"
|
|
|
|
#
|
|
|
|
__EOF__
|
|
|
|
|
2007-07-04 17:45:19 +02:00
|
|
|
@@ -5732,6 +5743,11 @@
|
2007-07-02 19:13:36 +02:00
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
+VERSION=$(cat $SHELLSHAREDIR/version)
|
|
|
|
+
|
2007-07-04 17:45:19 +02:00
|
|
|
+[ "$SHOREWALL_LIBVERSION" -eq $BASE_VERSION ] || fatal_error "Shorewall-shell $VERSION requires Shorewall-common lib.base version $BASE_VERSION_PRINTABLE"
|
|
|
|
+[ "$SHOREWALL_CONFIGVERSION" -eq $CONFIG_VERSION ] || fatal_error "Shorewall-shell $VERSION requires Shorewall-common lib.config version $CONFIG_VERSION_PRINTABLE"
|
2007-07-02 19:13:36 +02:00
|
|
|
+
|
|
|
|
PROGRAM=compiler
|
|
|
|
|
|
|
|
COMMAND="$1"
|