holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Merge Tuomo Soini's 'shorewall add' patch

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2174 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-05-26 16:10:53 +00:00
parent 6f46bb3859
commit 7974d98eea
3 changed files with 19 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall2/changelog.txt
View File

@ -4,6 +4,8 @@ Changes in 2.4.0-RC2
2) Fix detection via 'nexthop' so it will work with BusyBox 2) Fix detection via 'nexthop' so it will work with BusyBox
3) Merge Tuomo Soini's fix for "shorewall add"
Changes in 2.4.0-RC1 Changes in 2.4.0-RC1
1) Fix output from firewall itself vis-a-vis multiple providers. 1) Fix output from firewall itself vis-a-vis multiple providers.

23
Shorewall2/firewall
View File

@ -7641,7 +7641,8 @@ refresh_firewall()
add_to_zone() # $1...${n-1} = <interface>[:<hosts>] $n = zone add_to_zone() # $1...${n-1} = <interface>[:<hosts>] $n = zone
{ {
local interface host zone z h z1 z2 chain local interface host zone z h z1 z2 chain
local dhcp_interfaces blacklist_interfaces maclist_interfaces tcpflags_interfaces local dhcp_interfaces blacklist_interfaces maclist_interfaces
local tcpflags_interfaces newhostlist=
local rulenum source_chain dest_hosts iface hosts hostlist= local rulenum source_chain dest_hosts iface hosts hostlist=
nat_chain_exists() # $1 = chain name nat_chain_exists() # $1 = chain name
@ -7725,16 +7726,16 @@ add_to_zone() # $1...${n-1} = <interface>[:<hosts>] $n = zone
while read z hosts; do while read z hosts; do
if [ "$z" = "$zone" ]; then if [ "$z" = "$zone" ]; then
for h in $hosts; do for h in $hostlist; do
for host in $hostlist; do list_search $h $hosts
if [ "$h" = "$host" ]; then if [ "$?" -gt 0 ]; then
rm -f ${STATEDIR}/zones_$$ newhostlist="$newhostlist $h"
startup_error "$host already in zone $zone" else
fi error_message "$h already in zone $zone"
done fi
done done
[ -z "$hosts" ] && hosts=$hostlist || hosts="$hosts $hostlist" [ -z "$hosts" ] && hosts=$newhostlist || hosts="$hosts $newhostlist"
fi fi
eval ${z}_hosts=\"$hosts\" eval ${z}_hosts=\"$hosts\"
@ -7748,7 +7749,7 @@ add_to_zone() # $1...${n-1} = <interface>[:<hosts>] $n = zone
# #
# Create a new Zone state file # Create a new Zone state file
# #
for newhost in $hostlist; do for newhost in $newhostlist; do
# #
# Isolate interface and host parts # Isolate interface and host parts
# #
@ -7908,7 +7909,7 @@ delete_from_zone() # $1 = <interface>[:<hosts>] $2 = zone
fi fi
done done
[ -n "$found" ] || error_message "Warning: $1 does not appear to be in zone $2" [ -n "$found" ] || error_message "Warning: $host does not appear to be in zone $zone"
done done
for h in $temp; do for h in $temp; do

5
Shorewall2/releasenotes.txt
View File

@ -6,6 +6,11 @@ Problems Corrected since 2.4.0-RC1
1) The value 'detect' in the GATEWAY column of the providers file 1) The value 'detect' in the GATEWAY column of the providers file
is no longer restricted to P-T-P interfaces. is no longer restricted to P-T-P interfaces.
2) Previously "shorewall add" would terminate with an error if any of
the listed hosts were already in the specified zone. Now a warning
message is issued and an attempt is made to add the non-duplicate
hosts to the zone (Patch by Tuomo Soini).
----------------------------------------------------------------------- -----------------------------------------------------------------------
Upgrade Issues when moving to 2.4.0 Upgrade Issues when moving to 2.4.0