diff --git a/Shorewall2/fallback.sh b/Shorewall2/fallback.sh index 84e04bc2a..2627602d9 100755 --- a/Shorewall2/fallback.sh +++ b/Shorewall2/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=2.1.10 +VERSION=2.1.11 usage() # $1 = exit status { diff --git a/Shorewall2/firewall b/Shorewall2/firewall index 4b0d2c2ea..36bef0c20 100755 --- a/Shorewall2/firewall +++ b/Shorewall2/firewall @@ -5479,12 +5479,14 @@ initialize_netfilter () { if [ -n "$CLAMPMSS" ]; then case $CLAMPMSS in Yes) - run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu + option="--clamp-mss-to-pmtu" ;; *) - run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss $CLAMPMSS + option="--set-mss $CLAMPMSS" ;; esac + + run_iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS $option fi if [ -z "$NEWNOTSYN" ]; then @@ -5499,7 +5501,7 @@ initialize_netfilter () { run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags ACK ACK -j ACCEPT run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags RST RST -j ACCEPT run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -p tcp --tcp-flags FIN FIN -j ACCEPT - run_iptables -A newnotsyn -i $interface $(match_source_hosts ${host#*:}) $policy -j RETURN + run_iptables -A newnotsyn -i $interface $(match_source_hosts $network) $policy -j RETURN done run_user_exit newnotsyn diff --git a/Shorewall2/install.sh b/Shorewall2/install.sh index a31b82924..5a624ea61 100755 --- a/Shorewall2/install.sh +++ b/Shorewall2/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # -VERSION=2.1.10 +VERSION=2.1.11 usage() # $1 = exit status { diff --git a/Shorewall2/shorewall.spec b/Shorewall2/shorewall.spec index 7a99e914a..5474775f0 100644 --- a/Shorewall2/shorewall.spec +++ b/Shorewall2/shorewall.spec @@ -1,5 +1,5 @@ %define name shorewall -%define version 2.1.10 +%define version 2.1.11 %define release 1 %define prefix /usr @@ -137,6 +137,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %changelog +* Sun Oct 14 2004 Tom Eastep tom@shorewall.net +- Updated to 2.1.11-1 * Sun Oct 03 2004 Tom Eastep tom@shorewall.net - Updated to 2.1.10-1 * Thu Sep 15 2004 Tom Eastep tom@shorewall.net diff --git a/Shorewall2/uninstall.sh b/Shorewall2/uninstall.sh index 9269381bf..304bb16c9 100755 --- a/Shorewall2/uninstall.sh +++ b/Shorewall2/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Seattle Firewall -VERSION=2.1.10 +VERSION=2.1.11 usage() # $1 = exit status {