diff --git a/Lrp2/usr/share/shorewall/firewall b/Lrp2/usr/share/shorewall/firewall
index 41dc667f1..fee1eb195 100755
--- a/Lrp2/usr/share/shorewall/firewall
+++ b/Lrp2/usr/share/shorewall/firewall
@@ -1229,6 +1229,21 @@ disable_ipv6() {
fi
}
+disable_ipv6_1() {
+ local foo=$(ip -f inet6 addr ls 2> /dev/null)
+
+ if [ -n "$foo" ]; then
+ if qt which ip6tables; then
+ progress_message "Disabling IPV6..."
+ ip6tables -P FORWARD DROP
+ ip6tables -P INPUT DROP
+ ip6tables -P OUTPUT DROP
+ else
+ error_message "WARNING: DISABLE_IPV6=Yes in shorewall.conf but this system does not appear to have ip6tables"
+ fi
+ fi
+}
+
#
# Stop the Firewall
#
@@ -1280,7 +1295,7 @@ stop_firewall() {
delete_proxy_arp
[ -n "$CLEAR_TC" ] && delete_tc1
- [ -n "$DISABLE_IPV6" ] && disable_ipv6
+ [ -n "$DISABLE_IPV6" ] && disable_ipv6_1
if [ -z "$ADMINISABSENTMINDED" ]; then
for chain in INPUT OUTPUT FORWARD; do
diff --git a/Lrp2/usr/share/shorewall/version b/Lrp2/usr/share/shorewall/version
index 2165f8f9b..e01025862 100644
--- a/Lrp2/usr/share/shorewall/version
+++ b/Lrp2/usr/share/shorewall/version
@@ -1 +1 @@
-2.0.4
+2.0.5
diff --git a/STABLE2/changelog.txt b/STABLE2/changelog.txt
index 289f4a887..74ec39b33 100644
--- a/STABLE2/changelog.txt
+++ b/STABLE2/changelog.txt
@@ -4,4 +4,6 @@ Changes in 2.0.4
Change in 2.0.5
-2) Eradicate more RESTOREBASE messages.
+1) Eradicate more RESTOREBASE messages.
+
+2) Remove 'mangle' reference from shorewall.conf.
\ No newline at end of file
diff --git a/STABLE2/releasenotes.txt b/STABLE2/releasenotes.txt
index 63c29616d..ea223cf5b 100644
--- a/STABLE2/releasenotes.txt
+++ b/STABLE2/releasenotes.txt
@@ -13,5 +13,5 @@ Problems Corrected in version 2.0.5
"shorewll stop" in the case where DISABLE_IPV6=Yes in
shorewall.conf.
-
-
+2) An anachronistic reference to the mangle option was removed from
+ shorewall.conf.
diff --git a/STABLE2/shorewall.conf b/STABLE2/shorewall.conf
index 7961726f8..2c1c63d07 100644
--- a/STABLE2/shorewall.conf
+++ b/STABLE2/shorewall.conf
@@ -325,9 +325,8 @@ ADD_SNAT_ALIASES=No
#
# If you say "Yes" or "yes" here, Traffic Shaping is enabled in the firewall. If
# you say "No" or "no" then traffic shaping is not enabled. If you enable traffic
-# shaping you must have iproute[2] installed (the "ip" and "tc" utilities) and
-# you must enable packet mangling above.
-#
+# shaping you must have iproute[2] installed (the "ip" and "tc" utilities).
+
TC_ENABLED=No
#
diff --git a/STABLE2/shorewall.spec b/STABLE2/shorewall.spec
index 01626f5db..ae73bcecc 100644
--- a/STABLE2/shorewall.spec
+++ b/STABLE2/shorewall.spec
@@ -1,5 +1,5 @@
%define name shorewall
-%define version 2.0.4
+%define version 2.0.5
%define release 1
%define prefix /usr
@@ -141,7 +141,9 @@ fi
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
%changelog
-* Tue Jul 06 2004 Tom Eastep tom@shorewall.net
+* Fri Jul 09 2004 Tom Eastep tom@shorewall.net
+- Updated to 2.0.5-1
+** Tue Jul 06 2004 Tom Eastep tom@shorewall.net
- Updated to 2.0.4-1
* Fri Jul 02 2004 Tom Eastep tom@shorewall.net
- Updated to 2.0.3c-1
diff --git a/Shorewall-docs2/errata.xml b/Shorewall-docs2/errata.xml
index f513184fb..913088210 100644
--- a/Shorewall-docs2/errata.xml
+++ b/Shorewall-docs2/errata.xml
@@ -13,7 +13,7 @@
- 2004-07-06
+ 2004-07-09
2001-2004
@@ -87,6 +87,24 @@
Problems in Version 2.0
+
+ Shorewall 2.0.3a through 2.0.4
+
+
+
+ Error messages regarding $RESTOREBASE occur during shorewall stop if DISABLE_IPV6=Yes in
+ shorewall.conf.
+
+
+
+ Corrected in this
+ firewall script which may be installed in
+ /usr/share/shorewall/firewall as described above. Also fixed in
+ Shorewall Version 2.0.5.
+
+
Shorewall 2.0.2 and all Shorewall 2.0.3 Releases.