From 27433b33e5582ad3619de98aacd14f49f5af80e7 Mon Sep 17 00:00:00 2001 From: teastep <teastep@fbd18981-670d-0410-9b5c-8dc0c1a9a2bb> Date: Sun, 22 Apr 2007 14:50:19 +0000 Subject: [PATCH] Fix 'routeback' on multi-zone interface git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6060 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-perl/Shorewall/Interfaces.pm | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/Shorewall-perl/Shorewall/Interfaces.pm b/Shorewall-perl/Shorewall/Interfaces.pm index 47ec926ff..cbe1f2f61 100644 --- a/Shorewall-perl/Shorewall/Interfaces.pm +++ b/Shorewall-perl/Shorewall/Interfaces.pm @@ -147,9 +147,12 @@ sub get_routed_networks ( $$ ) { sub validate_interfaces_file() { - use constant { SIMPLE_IF_OPTION => 1, - BINARY_IF_OPTION => 2, - ENUM_IF_OPTION => 3 }; + use constant { SIMPLE_IF_OPTION => 1, + BINARY_IF_OPTION => 2, + ENUM_IF_OPTION => 3, + MASK_IF_OPTION => 3, + + IF_OPTION_ZONEONLY => 4 }; my %validoptions = (arp_filter => BINARY_IF_OPTION, arp_ignore => ENUM_IF_OPTION, @@ -162,7 +165,7 @@ sub validate_interfaces_file() nosmurfs => SIMPLE_IF_OPTION, optional => SIMPLE_IF_OPTION, proxyarp => BINARY_IF_OPTION, - routeback => SIMPLE_IF_OPTION, + routeback => SIMPLE_IF_OPTION + IF_OPTION_ZONEONLY, routefilter => BINARY_IF_OPTION, sourceroute => BINARY_IF_OPTION, tcpflags => SIMPLE_IF_OPTION, @@ -228,7 +231,11 @@ sub validate_interfaces_file() ( $option, my $value ) = split /=/, $option; fatal_error "Invalid Interface option ($option)" unless my $type = $validoptions{$option}; + + fatal_error "The \"$option\" option may not be specified on a multi-zone interface" if $type & IF_OPTION_ZONEONLY && ! $zone; + $type &= MASK_IF_OPTION; + if ( $type == SIMPLE_IF_OPTION ) { fatal_error "Option $option does not take a value" if defined $value; $options{$option} = 1;