Limit providers to 15

Shorewall/Perl/Shorewall/Providers.pm

@@ -311,6 +311,7 @@ sub add_a_provider( ) {
 	    }
 	} else {
 	    fatal_error "Invalid Mark Value ($mark)" unless $config{HIGH_ROUTE_MARKS} && $config{WIDE_TC_MARKS};
+	    fatal_error "Invalid Mark Value ($mark)" if $val > 0xf0000;
 	}
 
 	for my $providerref ( values %providers  ) {

Shorewall/changelog.txt

@@ -12,6 +12,8 @@ Changes in Shorewall 4.4.5
 
 6)  Fix 'show policies' in Shorewall6.
 
+7)  Limit the maximum provider mark to 0xf0000.
+
 Changes in Shorewall 4.4.4
 
 1)  Change STARTUP_LOG and LOG_VERBOSITY in default shorewall6.conf.

Shorewall/releasenotes.txt

@@ -173,6 +173,10 @@ Shorewall 4.4.5
     default. If, for some reason, you don't want 'track' then specify
     'notrack' for the provider.
 
+14) With HIGH_ROUTE_MARKS=Yes and WIDE_TC_MARKS=Yes, the maximum
+    provider mark value is 0xf0000. This limits the number of providers
+    to 15.
+
 ----------------------------------------------------------------------------
           P R O B L E M S   C O R R E C T E D   I N   4 . 4 . 5
 ----------------------------------------------------------------------------
@@ -230,6 +234,10 @@ None.
     	     $FW             dmz             REJECT          info
     	     $FW             all             ACCEPT
 
+3)  With HIGH_ROUTE_MARKS=Yes and WIDE_TC_MARKS=Yes, the maximum
+    provider mark value is now 0xf0000. This limits the number of
+    providers to 15.
+
 ----------------------------------------------------------------------------
                 N E W   F E A T U R E S   I N   4 . 4 . 0
 ----------------------------------------------------------------------------