From 062c7ec822dc34bb81f76bda06ab90682eb184bd Mon Sep 17 00:00:00 2001 From: teastep Date: Thu, 5 Mar 2009 16:18:58 +0000 Subject: [PATCH] Change 'Provides' for Shorewall6-lite git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9605 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/Perl/Shorewall/IPAddrs.pm | 8 +++----- Shorewall/Perl/Shorewall/Rules.pm | 10 ++++++++-- Shorewall/changelog.txt | 2 ++ Shorewall/install.sh | 2 -- Shorewall/releasenotes.txt | 16 +++++++++++++++- Shorewall6-lite/init.sh | 2 +- 6 files changed, 29 insertions(+), 11 deletions(-) diff --git a/Shorewall/Perl/Shorewall/IPAddrs.pm b/Shorewall/Perl/Shorewall/IPAddrs.pm index 52e2465ee..a25589f7b 100644 --- a/Shorewall/Perl/Shorewall/IPAddrs.pm +++ b/Shorewall/Perl/Shorewall/IPAddrs.pm @@ -27,6 +27,7 @@ package Shorewall::IPAddrs; require Exporter; use Shorewall::Config qw( :DEFAULT split_list require_capability in_hex8 F_IPV4 F_IPV6 ); +use Socket; use strict; @@ -142,13 +143,10 @@ sub validate_4address( $$ ) { unless ( valid_4address $addr ) { fatal_error "Invalid IP Address ($addr)" unless $allow_name; - fatal_error "Unknown Host ($addr)" unless (@addrs = gethostbyname $addr); + fatal_error "Unknown Host ($addr)" unless (defined ( $addr = gethostbyname $addr) ); if ( defined wantarray ) { - shift @addrs for (1..4); - for ( @addrs ) { - $_ = inet_htoa $_; - } + @addrs = ( inet_ntoa( $addr ) ); } } diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm index 9fa870192..618ee3ba1 100644 --- a/Shorewall/Perl/Shorewall/Rules.pm +++ b/Shorewall/Perl/Shorewall/Rules.pm @@ -1165,8 +1165,14 @@ sub process_rule1 ( $$$$$$$$$$$$$ ) { if ( $actiontype & NATONLY ) { unless ( $destzone eq '-' || $destzone eq '' ) { - fatal_error "Unknown destination zone ($destzone)" unless $destref = defined_zone( $destzone ); - warning_message "Destination zone ($destzone) ignored"; + $destref = defined_zone( $destzone ); + + if ( $destref ) { + warning_message "Destination zone ($destzone) ignored"; + } else { + $dest = join ':', $destzone, $dest; + $destzone = ''; + } } } else { fatal_error "Missing destination zone" if $destzone eq '-' || $destzone eq ''; diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 79dc6905a..9bb2f7093 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -4,6 +4,8 @@ Changes in Shorewall 4.3.7 2) Replace $VARDIR/.restore with $VARDIR/firewall +3) Fix DNAT- parsing of DEST column. + Changes in Shorewall 4.3.6 1) Add SAME tcrules target. diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 90e82350a..20614223f 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -202,7 +202,6 @@ else echo "shorewall control program installed in ${PREFIX}/bin/shorewall" fi - # # Install the Firewall Script # @@ -242,7 +241,6 @@ if [ ! -f ${PREFIX}/etc/shorewall/shorewall.conf ]; then echo "Config file installed as ${PREFIX}/etc/shorewall/shorewall.conf" fi - if [ -n "$ARCHLINUX" ] ; then sed -e 's!LOGFILE=/var/log/messages!LOGFILE=/var/log/messages.log!' -i ${PREFIX}/etc/shorewall/shorewall.conf fi diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 289297aea..0242ea2ed 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -46,7 +46,21 @@ released late in 2009. norfc1918 nosmurfs tcpflags - + +2) Matt LaPlante reported a problem whereby a valid DNAT- rule was + badly mis-handled. + + The rule: + + DNAT- loc net:1.2.3.4:2525 tcp 25 + + The result: + + WARNING: Destination zone (1.2.3.4) ignored : /etc/shorewall/rules (line 459) + Can't call method "inet_htoa" without a package or object reference at + /usr/share/shorewall-perl/Shorewall/IPAddrs.pm line 150, + <$currentfile> line 459. + ---------------------------------------------------------------------------- K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- diff --git a/Shorewall6-lite/init.sh b/Shorewall6-lite/init.sh index 1938a3cbb..17a01bb2e 100755 --- a/Shorewall6-lite/init.sh +++ b/Shorewall6-lite/init.sh @@ -41,7 +41,7 @@ RCDLINKS="2,S41 3,S41 6,K41" # description: Packet filtering firewall ### BEGIN INIT INFO -# Provides: shorewall6 +# Provides: shorewall6-lite # Required-Start: $network # Required-Stop: # Default-Start: 2 3 5