Shorewall 2.0.15

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1897 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2005-01-12 21:02:14 +00:00 · 2005-01-12 21:02:14 +00:00 · 5d8c550d88
commit 5d8c550d88
parent 3f706c77e7
10 changed files with 20 additions and 9 deletions
--- a/Lrp2/usr/share/shorewall/action.AllowTrcrt
+++ b/Lrp2/usr/share/shorewall/action.AllowTrcrt
@ -1,11 +1,11 @@
 #
 # Shorewall 2.0 /etc/shorewall/action.AllowTrcrt
 #
-#	This action accepts Traceroute (for up to 20 hops):
+#	This action accepts Traceroute (for up to 30 hops):
 #
 ######################################################################################
 #TARGET  SOURCE		DEST      	PROTO	DEST    SOURCE	 	RATE	USER/
 #                       	        	PORT    PORT(S)		LIMIT	GROUP
-ACCEPT	 -	        -               udp	33434:33454 #UDP Traceroute
+ACCEPT	 -	        -               udp	33434:33524 #UDP Traceroute
 ACCEPT	 -		-		icmp	8	    #ICMP Traceroute
 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
--- a/Lrp2/usr/share/shorewall/firewall
+++ b/Lrp2/usr/share/shorewall/firewall
@ -1860,7 +1860,7 @@ setup_syn_flood_chain ()
    run_iptables -N $chain
    run_iptables -A $chain -m limit --limit $limit $limit_burst -j RETURN
    [ -n "$3" ] && \
-	log_rule_limit $3 $chain $chain DROP "-m limit --limit 5/min --limit-burst 5" "" ""
+	log_rule_limit $3 $chain DROP "-m limit --limit 5/min --limit-burst 5" ""
    run_iptables -A $chain -j DROP
 }

--- a/Lrp2/usr/share/shorewall/version
+++ b/Lrp2/usr/share/shorewall/version
@ -1 +1 @@
-2.0.14
+2.0.15
--- a/STABLE2/changelog.txt
+++ b/STABLE2/changelog.txt
@ -113,3 +113,5 @@ Changes in 2.0.14
 Changes in 2.0.15

 1)  Increased port range for Traceroute.
+
+2)  Corrected port of rate-limit logging change.
--- a/STABLE2/fallback.sh
+++ b/STABLE2/fallback.sh
@ -28,7 +28,7 @@
 #       shown below. Simply run this script to revert to your prior version of
 #       Shoreline Firewall.

-VERSION=2.0.14
+VERSION=2.0.15

 usage() # $1 = exit status
 {
--- a/STABLE2/firewall
+++ b/STABLE2/firewall
@ -1860,7 +1860,7 @@ setup_syn_flood_chain ()
    run_iptables -N $chain
    run_iptables -A $chain -m limit --limit $limit $limit_burst -j RETURN
    [ -n "$3" ] && \
-	log_rule_limit $3 $chain $chain DROP "-m limit --limit 5/min --limit-burst 5" "" ""
+	log_rule_limit $3 $chain DROP "-m limit --limit 5/min --limit-burst 5" ""
    run_iptables -A $chain -j DROP
 }

--- a/STABLE2/install.sh
+++ b/STABLE2/install.sh
@ -22,7 +22,7 @@
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #

-VERSION=2.0.14
+VERSION=2.0.15

 usage() # $1 = exit status
 {
--- a/STABLE2/releasenotes.txt
+++ b/STABLE2/releasenotes.txt
@ -269,3 +269,10 @@ Problems corrected in 2.0.15

 1)  The range of ports opened by the AllowTrcrt action has been
    expanded to 33434:33524.
+
+2)  Code mis-ported from 2.2.0 caused the following error during
+    "shorewall start" where SYN rate-limiting is present in
+    /etc/shorewall/policy:
+
+      Bad argument `DROP'
+      Try `iptables -h' or 'iptables --help' for more information.
--- a/STABLE2/shorewall.spec
+++ b/STABLE2/shorewall.spec
@ -1,5 +1,5 @@
 %define name shorewall
-%define version 2.0.14
+%define version 2.0.15
 %define release 1
 %define prefix /usr

@ -141,6 +141,8 @@ fi
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel

 %changelog
+* Wed Jan 12 2005 Tom Eastep tom@shorewall.net
+- Updated to 2.0.15-1
 * Mon Jan 03 2005 Tom Eastep tom@shorewall.net
 - Updated to 2.0.14-1
 * Thu Dec 02 2004 Tom Eastep tom@shorewall.net
--- a/STABLE2/uninstall.sh
+++ b/STABLE2/uninstall.sh
@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Seattle Firewall

-VERSION=2.0.14
+VERSION=2.0.15

 usage() # $1 = exit status
 {
 @ -1 +1 @@
 .0.14
 .0.15