From 57d1a5612f0804a79a577b95082742939508262d Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 9 Apr 2007 03:51:25 +0000 Subject: [PATCH] Fix a few 3.9.1 bugs git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5866 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-common/lib.config | 10 ++++------ Shorewall-perl/Shorewall/Rules.pm | 14 +++++++------- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/Shorewall-common/lib.config b/Shorewall-common/lib.config index a8bd77bb0..95165b714 100644 --- a/Shorewall-common/lib.config +++ b/Shorewall-common/lib.config @@ -2085,12 +2085,10 @@ do_initialize() { ;; esac - if [ $PROGRAM != compiler ]; then - strip_file zones - strip_file routestopped - strip_file interfaces - strip_file hosts - fi + strip_file zones + strip_file routestopped + strip_file interfaces + strip_file hosts if [ $PROGRAM = compiler ]; then strip_file_and_lib_load accounting accounting diff --git a/Shorewall-perl/Shorewall/Rules.pm b/Shorewall-perl/Shorewall/Rules.pm index 084437752..de8fd588d 100644 --- a/Shorewall-perl/Shorewall/Rules.pm +++ b/Shorewall-perl/Shorewall/Rules.pm @@ -436,18 +436,18 @@ sub process_routestopped() { my $source = match_source_net $h; my $dest = match_dest_net $h; - emit "\$IPTABLES INPUT -i $interface $source ACCEPT"; - emit "\$IPTABLES OUTPUT -o $interface $dest ACCEPT" if $config{ADMINISABSENTMINDED}; + emit "\$IPTABLES -A INPUT -i $interface $source -j ACCEPT"; + emit "\$IPTABLES -A OUTPUT -o $interface $dest -j ACCEPT" if $config{ADMINISABSENTMINDED}; my $matched = 0; if ( $source{$host} ) { - emit "\$IPTABLES FORWARD -i $interface $source ACCEPT"; + emit "\$IPTABLES -A FORWARD -i $interface $source -j ACCEPT"; $matched = 1; } if ( $dest{$host} ) { - emit "\$IPTABLES FORWARD -o $interface $dest ACCEPT"; + emit "\$IPTABLES -A FORWARD -o $interface $dest -j ACCEPT"; $matched = 1; } @@ -752,11 +752,11 @@ sub setup_mac_lists( $ ) { add_command $chainref, " ip -f inet addr show $interface 2> /dev/null | grep 'inet.*brd' | sed 's/inet //; s/brd //; s/scope.*//;' | while read address broadcast; do"; add_command $chainref, ' address=${address%/*}'; add_command $chainref, ' if [ -n "$broadcast" ]; then'; - add_command $chainref, ' echo "-A $chain -s $address -d $broadcast -j RETURN" >&3'; + add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d \$broadcast -j RETURN\" >&3"; add_command $chainref, ' fi'; add_command $chainref, ''; - add_command $chainref, ' echo "-A $chain -s $address -d 255.255.255.255 -j RETURN" >&3'; - add_command $chainref, ' echo "-A $chain -s $address -d 224.0.0.0/4 -j RETURN" >&3'; + add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d 255.255.255.255 -j RETURN\" >&3"; + add_command $chainref, " echo \"-A $chainref->{name} -s \$address -d 224.0.0.0/4 -j RETURN\" >&3"; add_command $chainref, ' done'; add_command $chainref, 'else'; add_command $chainref, " fatal_error \"Interface $interface must be up before Shorewall can start\"";