holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix nested IPSEC zones

Browse Source
This commit is contained in:
Tom Eastep 2009-08-26 12:44:10 -07:00
parent 608d7b11da
commit 383f3e8bcf
3 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -1694,7 +1694,7 @@ sub generate_matrix() {
add_jump( add_jump(
$sourcechainref, $sourcechainref,
source_exclusion( $hostref->{exclusions}, $frwd_ref ), source_exclusion( $hostref->{exclusions}, $frwd_ref ),
1, ! @{$zoneref->{parents}},
join( '', $interfacematch , match_source_net( $net ), $ipsec_match ) join( '', $interfacematch , match_source_net( $net ), $ipsec_match )
); );
} }

2
Shorewall/changelog.txt
View File

@ -16,6 +16,8 @@ Changes in Shorewall 4.4.1
8) Fix log level in rules at the end of INPUT and OUTPUT chains. 8) Fix log level in rules at the end of INPUT and OUTPUT chains.
9) Fix nested ipsec zones.
Changes in Shorewall 4.4.0 Changes in Shorewall 4.4.0
1) Fix 'compile ... -' so that it no longer requires '-v-1' 1) Fix 'compile ... -' so that it no longer requires '-v-1'

2
Shorewall/releasenotes.txt
View File

@ -173,6 +173,8 @@ Shorewall 4.4.1
rules at the end of the INPUT and OUTPUT chains would still use the rules at the end of the INPUT and OUTPUT chains would still use the
LOG target rather than ULOG. LOG target rather than ULOG.
2) Using CONTINUE policies with a nested IPSEC zone was broken.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
K N O W N P R O B L E M S R E M A I N I N G K N O W N P R O B L E M S R E M A I N I N G
---------------------------------------------------------------------------- ----------------------------------------------------------------------------