From 56caf3687f5478242559460689c965f73370c8a9 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Mon, 6 Aug 2012 09:26:14 -0700
Subject: [PATCH] Factor out the ?IF __CT_TARGET tests in the conntrack files.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/configfiles/conntrack  | 33 +++++++++++++++++++++---------
 Shorewall6/configfiles/conntrack | 35 ++++++++++++++++++++++----------
 2 files changed, 47 insertions(+), 21 deletions(-)

diff --git a/Shorewall/configfiles/conntrack b/Shorewall/configfiles/conntrack
index 2ca3b9eab..3ff7ec943 100644
--- a/Shorewall/configfiles/conntrack
+++ b/Shorewall/configfiles/conntrack
@@ -7,34 +7,47 @@
 FORMAT 2
 #ACTION			SOURCE		DESTINATION	PROTO	DEST		SOURCE	USER/
 #								PORT(S)		PORT(S)	GROUP
-?IF __CT_TARGET &&  __AMANDA_HELPER
+?IF __CT_TARGET
+
+?IF __AMANDA_HELPER
 CT:helper:amanda	all		-		udp	10080
 ?ENDIF
-?IF __CT_TARGET &&  __FTP_HELPER
+
+?IF __FTP_HELPER
 CT:helper:ftp		all		-		tcp	21
 ?ENDIF
-?IF __CT_TARGET &&  __H323_HELPER
+
+?IF __H323_HELPER
 CT:helper:RAS		all		-		udp	1719
 CT:helper:Q.931		all		-		tcp	1720
 ?ENDIF
-?IF __CT_TARGET &&  __IRC_HELPER
+
+?IF __IRC_HELPER
 CT:helper:irc		all		-		tcp	6667
 ?ENDIF
-?IF __CT_TARGET &&  __NETBIOS_NS_HELPER
+
+?IF __NETBIOS_NS_HELPER
 CT:helper:netbios-ns	all		-		udp	137
 ?ENDIF
-?IF __CT_TARGET &&  __PPTP_HELPER
+
+?IF __PPTP_HELPER
 CT:helper:pptp		all		-		tcp	1729
 ?ENDIF
-?IF __CT_TARGET &&  __SANE_HELPER
+
+?IF __SANE_HELPER
 CT:helper:sane		all		-		tcp	6566
 ?ENDIF
-?IF __CT_TARGET &&  __SIP_HELPER
+
+?IF __SIP_HELPER
 CT:helper:sip		all		-		udp	5060
 ?ENDIF
-?IF __CT_TARGET &&  __SNMP_HELPER
+
+?IF __SNMP_HELPER
 CT:helper:snmp		all		-		udp	161
 ?ENDIF
-?IF __CT_TARGET &&  __TFTP_HELPER
+
+?IF __TFTP_HELPER
 CT:helper:tftp		all		-		udp	69
 ?ENDIF
+
+?ENDIF
diff --git a/Shorewall6/configfiles/conntrack b/Shorewall6/configfiles/conntrack
index b59c8455c..81dd45c47 100644
--- a/Shorewall6/configfiles/conntrack
+++ b/Shorewall6/configfiles/conntrack
@@ -1,40 +1,53 @@
 #
 # Shorewall version 4 - conntrack File
 #
-# For information about entries in this file, type "man shorewall6-conntrack"
+# For information about entries in this file, type "man shorewal6-conntrack"
 #
 #############################################################################################
 FORMAT 2
 #ACTION			SOURCE		DESTINATION	PROTO	DEST		SOURCE	USER/
 #								PORT(S)		PORT(S)	GROUP
-?IF __CT_TARGET &&  __AMANDA_HELPER
+?IF __CT_TARGET
+
+?IF __AMANDA_HELPER
 CT:helper:amanda	all		-		udp	10080
 ?ENDIF
-?IF __CT_TARGET &&  __FTP_HELPER
+
+?IF __FTP_HELPER
 CT:helper:ftp		all		-		tcp	21
 ?ENDIF
-?IF __CT_TARGET &&  __H323_HELPER
+
+?IF __H323_HELPER
 CT:helper:RAS		all		-		udp	1719
 CT:helper:Q.931		all		-		tcp	1720
 ?ENDIF
-?IF __CT_TARGET &&  __IRC_HELPER
+
+?IF __IRC_HELPER
 CT:helper:irc		all		-		tcp	6667
 ?ENDIF
-?IF __CT_TARGET &&  __NETBIOS_NS_HELPER
+
+?IF __NETBIOS_NS_HELPER
 CT:helper:netbios-ns	all		-		udp	137
 ?ENDIF
-?IF __CT_TARGET &&  __PPTP_HELPER
+
+?IF __PPTP_HELPER
 CT:helper:pptp		all		-		tcp	1729
 ?ENDIF
-?IF __CT_TARGET &&  __SANE_HELPER
+
+?IF __SANE_HELPER
 CT:helper:sane		all		-		tcp	6566
 ?ENDIF
-?IF __CT_TARGET &&  __SIP_HELPER
+
+?IF __SIP_HELPER
 CT:helper:sip		all		-		udp	5060
 ?ENDIF
-?IF __CT_TARGET &&  __SNMP_HELPER
+
+?IF __SNMP_HELPER
 CT:helper:snmp		all		-		udp	161
 ?ENDIF
-?IF __CT_TARGET &&  __TFTP_HELPER
+
+?IF __TFTP_HELPER
 CT:helper:tftp		all		-		udp	69
 ?ENDIF
+
+?ENDIF