From 1596f5362ba4be23428913e4fe0358a46df6bba4 Mon Sep 17 00:00:00 2001
From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb>
Date: Thu, 25 Mar 2004 15:28:16 +0000
Subject: [PATCH] Fix option handling

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1228 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
 Shorewall2/changelog.txt    |  2 ++
 Shorewall2/firewall         |  4 ++--
 Shorewall2/hosts            |  2 +-
 Shorewall2/releasenotes.txt | 19 ++++++-------------
 4 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt
index 6036b48b5..bac12070d 100644
--- a/Shorewall2/changelog.txt
+++ b/Shorewall2/changelog.txt
@@ -21,3 +21,5 @@ Changes since 2.0.0
 10) Add additional options to hosts file
 
 11) Replace 'subnet' with 'network' in the code
+
+12) Fix item 10 above :-(
diff --git a/Shorewall2/firewall b/Shorewall2/firewall
index bfadf7226..a07108dd1 100755
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@@ -760,7 +760,7 @@ validate_hosts_file() {
 
 	    for option in $(separate_list $options) ; do
 		case $option in
-		    maclist|-)
+		    maclist|routeback|norfc1918|nobogons|blacklist|tcpflags|nosmurfs|newnotsyn|-)
 			;;
 		    routeback)
 			[ -z "$ports" ] && \
@@ -4736,7 +4736,7 @@ add_common_rules() {
     #
     # Bogons
     #
-    hosts="$(find_hosts_by_option bogons)"
+    hosts="$(find_hosts_by_option nobogons)"
     
     if [ -n "$hosts" ]; then
 	echo "Enabling Bogon Filtering"
diff --git a/Shorewall2/hosts b/Shorewall2/hosts
index 746fd2634..2aaf93a97 100644
--- a/Shorewall2/hosts
+++ b/Shorewall2/hosts
@@ -81,7 +81,7 @@
 #				       reserved by RFC 1918 -- see 
 #				       'norfc1918' above).
 #
-#	.	.	blacklist    - This option only makes sense for ports
+#			blacklist    - This option only makes sense for ports
 #				       on a bridge.
 # 
 #				       Check packets arriving on this port
diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt
index 6dd803c43..06ce80e1e 100755
--- a/Shorewall2/releasenotes.txt
+++ b/Shorewall2/releasenotes.txt
@@ -1,4 +1,4 @@
-Shorewall 2.0.1-RC1
+Shorewall 2.0.1-RC2
 
 ----------------------------------------------------------------------
 Problems Corrected since 2.0.0
@@ -13,19 +13,12 @@ Problems Corrected since 2.0.0
 3) Thanks to Sean Mathews, a long-standing problem with Proxy ARP and
    IPSEC has been corrected. Thanks Sean!!!
 
-Problems Corrected since 2.0.1 Beta 1
+Problems Corrected since 2.0.1 RC1
 
-1) The BOGON_LOG_LEVEL variable is now included in shorewall.conf. It
-   was inadvertently omitted from the Beta 1 file.
+1) Although the release notes listed a set of new options available in
+   the /etc/shorewall/hosts file, those options were not accepted.
 
-2) Previously, setting 'norfc1918' also set 'nobogons'; setting
-   'nobogons' by itself had no effect.
-
-Problems Corrected since 2.0.1 Beta 2
-
-1) The Default value for ALL INTERFACES in the /etc/shorewall/nat file
-   is supposed to be 'no' but it remained 'yes' as in 1.4.
- 
+2) The 'nobogons' interface option didn't work.
 -----------------------------------------------------------------------
 Issues when migrating from Shorewall 2.0.0 to Shorewall 2.0.1:
 
@@ -80,7 +73,7 @@ New Features:
 4) Shorewall now traps two common zone definition errors:
 
    - Including the firewall zone in a /etc/shorewall/hosts record.
-   - Defining a interface for a zone in both /etc/shorewall/interfaces
+   - Defining an interface for a zone in both /etc/shorewall/interfaces
      and /etc/shorewall/hosts.
 
    In the second case, the following will appear during "shorewall