Expunge ULOG from Shorewall6

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9053 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-common/changelog.txt

@@ -16,6 +16,10 @@ Changes in Shorewall 4.3.3
 
 8) Add RFC 2526 anycast addresses to nosmurfs
 
+9) Add man pages for Shorewall6 and 6 Lite.
+
+10) Fix IP6TABLES when not specified.
+
 Changes in Shorewall 4.3.2
 
 1) Added 'dhcp' option.

Shorewall-common/releasenotes.txt

@@ -28,7 +28,8 @@ There are two incompatible changes in this release.
 
 Problems Corrected in 4.3.3
 
-None.
+1)  Previously, if IP6TABLES wasn't specified in shorewall6.conf, it
+    was set to iptables rather than ip6tables.
 
 Other changes in 4.3.3
 
@@ -61,9 +62,10 @@ Other changes in 4.3.3
     /etc/shorewall6/interfaces. The option is the IPv6 analog of the
     'proxyarp' option in /etc/shorewall/interfaces.
 
-7)  Source anycast addresses defined by RFC 2526 are not trapped by
+7)  Source anycast addresses defined by RFC 2526 are now trapped by
     'nosmurfs'.
 
+8)  Manpages are now included for Shorewall6 and Shorewall6-lite.
 
 Migration Issues.
 

Shorewall-perl/Shorewall/Config.pm

@@ -258,6 +258,8 @@ use constant { MIN_VERBOSITY => -1,
 	       F_IPV6 => 6,
 	   };
 
+our %validlevels;
+
 #
 # Initialize globals -- we take this novel approach to globals initialization to allow
 #                       the compiler to run multiple times in the same process. The
@@ -406,6 +408,21 @@ sub initialize( $ ) {
 	      TCP_FLAGS_DISPOSITION => undef,
 	      BLACKLIST_DISPOSITION => undef,
 	    );
+
+	%validlevels = ( DEBUG   => 7,
+			 INFO    => 6,
+			 NOTICE  => 5,
+			 WARNING => 4,
+			 WARN    => 4,
+			 ERR     => 3,
+			 ERROR   => 3,
+			 CRIT    => 2,
+			 ALERT   => 1,
+			 EMERG   => 0,
+			 PANIC   => 0,
+			 NONE    => '',
+			 ULOG    => 'ULOG',
+			 NFLOG   => 'NFLOG');
     } else {
 	$globals{SHAREDIR} = '/usr/share/shorewall';
 	$globals{CONFDIR} =  '/etc/shorewall6';
@@ -489,6 +506,20 @@ sub initialize( $ ) {
 	      TCP_FLAGS_DISPOSITION => undef,
 	      BLACKLIST_DISPOSITION => undef,
 	    );
+
+	%validlevels = ( DEBUG   => 7,
+			 INFO    => 6,
+			 NOTICE  => 5,
+			 WARNING => 4,
+			 WARN    => 4,
+			 ERR     => 3,
+			 ERROR   => 3,
+			 CRIT    => 2,
+			 ALERT   => 1,
+			 EMERG   => 0,
+			 PANIC   => 0,
+			 NONE    => '',
+			 NFLOG   => 'NFLOG');
 	}
     #
     # From parsing the capabilities file
@@ -1471,20 +1502,6 @@ sub default_yes_no_ipv4 ( $$ ) {
     warning_message "$var=Yes is ignored for IPv6" if $family == F_IPV6 && $config{$var};
 }
 
-my %validlevels = ( DEBUG   => 7,
-		    INFO    => 6,
-		    NOTICE  => 5,
-		    WARNING => 4,
-		    WARN    => 4,
-		    ERR     => 3,
-		    ERROR   => 3,
-		    CRIT    => 2,
-		    ALERT   => 1,
-		    EMERG   => 0,
-		    PANIC   => 0,
-		    NONE    => '',
-		    ULOG    => 'ULOG',
-		    NFLOG   => 'NFLOG');
 
 my @suffixes = qw(group range threshold nlgroup cprange qthreshold);
 

manpages6/shorewall6-policy.xml

@@ -206,7 +206,7 @@
       <varlistentry>
         <term><emphasis role="bold">LOG LEVEL</emphasis> (Optional) -
         [<emphasis>log-level</emphasis>|<emphasis
-        role="bold">ULOG</emphasis>]</term>
+        role="bold">NFLOG</emphasis>]</term>
 
         <listitem>
           <para>If supplied, each connection handled under the default POLICY
@@ -214,8 +214,8 @@
           generated. See syslog.conf(5) for a description of log
           levels.</para>
 
-          <para>You may also specify ULOG (must be in upper case). This will
+          <para>You may also specify NFLOG (must be in upper case). This will
-          log to the ULOG target and will send to a separate log through use
+          log to the NFLOG target and will send to a separate log through use
           of ulogd (<ulink
           url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>).</para>
 

manpages6/shorewall6-rules.xml

@@ -367,8 +367,8 @@
               </listitem>
             </itemizedlist>
 
-            <para>You may also specify <emphasis role="bold">ULOG</emphasis>
+            <para>You may also specify <emphasis role="bold">NFLOG</emphasis>
-            (must be in upper case) as a log level.This will log to the ULOG
+            (must be in upper case) as a log level.This will log to the NFLOG
             target for routing to a separate log through use of ulogd (<ulink
             url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>).</para>
 

manpages6/shorewall6.conf.xml

@@ -60,10 +60,10 @@
     level to choose, 6 (info) is a safe bet. You may specify levels by name or
     by number.</para>
 
-    <para>If you have built your kernel with ULOG target support, you may also
+    <para>If you have built your kernel with NFLOG target support, you may
-    specify a log level of ULOG (must be all caps). Rather than log its
+    also specify a log level of NFLOG (must be all caps). Rather than log its
     messages to syslogd, Shorewall6 will direct netfilter to log the messages
-    via the ULOG target which will send them to a process called 'ulogd'.
+    via the NFLOG target which will send them to a process called 'ulogd'.
     ulogd is available with most Linux distributions (although it probably
     isn't installed by default). Ulogd is also available from <ulink
     url="http://www.netfilter.org/projects/ulogd/index.html">http://www.netfilter.org/projects/ulogd/index.html</ulink>