From 11b86e99e66689ab86c3a2d6cea1d9742725338c Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sun, 14 Feb 2010 07:55:41 -0800
Subject: [PATCH] Fix detection of FLOW_FILTER when LOAD_HELPERS_ONLY=No

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Config.pm |  1 +
 Shorewall/changelog.txt            |  2 ++
 Shorewall/known_problems.txt       | 13 +++++++++++++
 Shorewall/releasenotes.txt         |  8 ++++++--
 4 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index cbcfc147e..7fcae69fd 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -2468,6 +2468,7 @@ sub determine_capabilities() {
 	$capabilities{GOTO_TARGET}     = detect_capability( 'GOTO_TARGET' );
 	$capabilities{LOG_TARGET}      = detect_capability( 'LOG_TARGET' );
 	$capabilities{LOGMARK_TARGET}  = detect_capability( 'LOGMARK_TARGET' );
+	$capabilities{FLOW_FILTER}     = detect_capability( 'FLOW_FILTER' );
 
 
 	qt1( "$iptables -F $sillyname" );
diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt
index 0576f3a9a..98ddf4a4c 100644
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@@ -2,6 +2,8 @@ Changes in Shorewall 4.4.7.2
 
 1)  Fix detection of "Old hashlimit match".
 
+2)  Detect FLOW_FILTER when LOAD_HELPERS_ONLY=No
+
 Changes in Shorewall 4.4.7.1
 
 1)  Don't apply rate limiting twice in NAT rules.
diff --git a/Shorewall/known_problems.txt b/Shorewall/known_problems.txt
index 1546371ef..2a751d107 100644
--- a/Shorewall/known_problems.txt
+++ b/Shorewall/known_problems.txt
@@ -3,3 +3,16 @@
     the values given in the rule.
 
     Corrected in 4.4.7.1
+
+2)  Detection of the 'Old hashlimit match' capability was broken in
+    /sbin/shorewall, /sbin/shorewall-lite and in the IPv4 version of 
+    shorecap. This problem only affects users of older distributions
+    such as RH3L5 and derivatives.
+
+    Corrected in 4.4.7.2
+
+2)  On older distributions such as RHEL5 and derivatives, when
+    LOAD_HELPERS_ONLY=No, Shorewall would fail to start if a TYPE was
+    specified in /etc/shorewall/tcinterfaces.
+
+    Corrected in 4.4.7.2
diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt
index d1e98a85b..70540f4e5 100644
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@@ -1,4 +1,4 @@
-Shorewall 4.4.7 Patch Release 1.
+Shorewall 4.4.7 Patch Release 2.
 
 ----------------------------------------------------------------------------
                R E L E A S E  4 . 4  H I G H L I G H T S
@@ -184,13 +184,17 @@ Shorewall 4.4.7 Patch Release 1.
     one from the release (not recommended).
 
 ----------------------------------------------------------------------------
-       P R O B L E M S   C O R R E C T E D   I N   4 . 4 . 7 . 1
+       P R O B L E M S   C O R R E C T E D   I N   4 . 4 . 7 . 2
 ----------------------------------------------------------------------------
 
 1)  Detection of the 'Old hashlimit match' capability was broken in
     /sbin/shorewall, /sbin/shorewall-lite and in the IPv4 version of 
     shorecap.
 
+2)  On older distributions such as RHEL5 and derivatives, when
+    LOAD_HELPERS_ONLY=No, Shorewall would fail to start if a TYPE was
+    specified in /etc/shorewall/tcinterfaces.
+ 
 ----------------------------------------------------------------------------
        P R O B L E M S   C O R R E C T E D   I N   4 . 4 . 7 . 1
 ----------------------------------------------------------------------------