Rest of the fix for proxy arp clearing

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5492 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2007-03-11 16:37:53 +00:00 · 2007-03-11 16:37:53 +00:00 · 6ad67cfb80
commit 6ad67cfb80
parent fffe3bad21
3 changed files with 15 additions and 21 deletions
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -1,3 +1,7 @@
+Changes in 3.4.1
+
+1)  Add rest of proxy arp fix.
+
 Changes in 3.4.0 Final

 1)  Add missing logic for "!" rules.
--- a/Shorewall/compiler
+++ b/Shorewall/compiler
@ -4627,12 +4627,12 @@ __EOF__
 	    [ -z "\${haveroute}\${NOROUTES}" ] && qt ip route del \$address dev \$interface
 	done < \${VARDIR}/proxyarp

-	rm -f \${VARDIR}/proxyarp
+        for f in /proc/sys/net/ipv4/conf/*; do
+            [ -f \$f/proxy_arp ] && echo 0 > \$f/proxy_arp
+        done
    fi

-    for f in /proc/sys/net/ipv4/conf/*; do
-	    [ -f \$f/proxy_arp ] && echo 0 > \$f/proxy_arp
-    done
+    rm -f \${VARDIR}/proxyarp

 __EOF__
    [ -n "$CLEAR_TC" ] && save_command "delete_tc1"
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -1,4 +1,4 @@
-Shorewall 3.4.0
+Shorewall 3.4.1

 Release Highlights

@ -28,24 +28,14 @@ Release Highlights
    /etc/shorewall/route_rules and reverses those changes when
    appropriate.

-Problems Corrected in 3.4.0 Final.
+Problems Corrected in 3.4.1

-1)  In the rules file, following the action with "!" is supposed to
-    exempt the rule from being suppressed by OPTIMIZE=1. That feature
-    was not working.
-
-2)  If both a macro body and a macro invocation contained an entry in the
-    SOURCE or DEST column, then compilation failed with the error:
-
-	   merge_macro_source_dest: command not found
-
-3)  An obscure bug in rule activation having to do with the new
-    exclusion feature in /etc/shorewall/hosts has been corrected.
-
-4) The "shorewall-[lite] [re]start and stop" commands reset the
+1) The "shorewall-[lite] [re]start and stop" commands reset the
   proxy_arp flag on all interfaces on the system making it impossible
-   to control proxy arp manually with Shorewall installed. With this
-   change, shorewall will only clear proxy arp if there were entries in
+   to control proxy arp manually with Shorewall installed. There was a
+   partial fix included in 3.4.0; unfortunately, it did not correct the
+   problem completely. Shorewall 3.4.1 includes the rest of the change 
+   necessarey to only clear proxy arp if there were entries in
   /etc/shorewall/proxyarp the last time that Shorewall was
   [re]started.