From 5758ba3f6975bb4e1333281b9833ed354318ff19 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 5 May 2009 14:13:05 -0700 Subject: [PATCH] Fix SCTP source port filtering --- Shorewall/Perl/Shorewall/Tc.pm | 4 ++-- Shorewall/releasenotes.txt | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm index 4c7ab1433..14a136360 100644 --- a/Shorewall/Perl/Shorewall/Tc.pm +++ b/Shorewall/Perl/Shorewall/Tc.pm @@ -836,7 +836,7 @@ sub process_tc_filter( ) { } elsif ( $protonumber == UDP ) { $rule1 = join( ' ', 'match udp src', hex_value( $sport ), "0x$smask" ); } else { - $rule1 = "match u32 0x${sport}0000 0x${smask}0000 at nexthdr+0\\" , + $rule1 = "match u32 0x${sport}0000 0x${smask}0000 at nexthdr+0" , } emit( "\nrun_tc $rule\\" , @@ -893,7 +893,7 @@ sub process_tc_filter( ) { } elsif ( $protonumber == UDP ) { $rule2 = join( ' ', 'match udp src', hex_value( $sport ), "0x$smask" ); } else { - $rule2 = "match u32 0x${sport}0000 0x${smask}0000 at nexthdr+0\\" , + $rule2 = "match u32 0x${sport}0000 0x${smask}0000 at nexthdr+0" , } emit( "\nrun_tc ${rule}\\", diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index e2c6739f0..1031596c2 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -206,7 +206,7 @@ None. Local traffic (that coming from the firewall and from the DMZ server) is placed in the effectively unrestricted class 1:10. The - default class is guaranteed have of the download capacity and my + default class is guaranteed half of the download capacity and my work system (172.20.1.107) is guarandeed the other half. ----------------------------------------------------------------------------