From 86bd2afd97030ba5cd8f86a5a8b414fcb98f4456 Mon Sep 17 00:00:00 2001 From: teastep Date: Wed, 29 Dec 2004 00:06:02 +0000 Subject: [PATCH] fix :: handling in setup_masq() git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1868 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall2/changelog.txt | 2 ++ Shorewall2/firewall | 9 +++------ Shorewall2/releasenotes.txt | 6 +++++- 3 files changed, 10 insertions(+), 7 deletions(-) diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt index 2a1b46dbf..bb6158a53 100644 --- a/Shorewall2/changelog.txt +++ b/Shorewall2/changelog.txt @@ -196,3 +196,5 @@ Changes since 2.0.3 95) Change encryption to blowfish in 'ipsecvpn' script. 96) Correct rate limiting rule example. + +97) Fix :: handling in setup_masq(). diff --git a/Shorewall2/firewall b/Shorewall2/firewall index caf7bf10a..b3aaa719d 100755 --- a/Shorewall2/firewall +++ b/Shorewall2/firewall @@ -4905,7 +4905,7 @@ setup_masq() } setup_one() { - local add_snat_aliases=$ADD_SNAT_ALIASES, pre_nat= policy= + local add_snat_aliases=$ADD_SNAT_ALIASES, pre_nat= policy= destnets= [ "x$ipsec" = x- ] && ipsec= @@ -4946,7 +4946,6 @@ setup_masq() *:) add_snat_aliases= fullinterface=${fullinterface%:} - destnets="0.0.0.0/0" ;; *:*) # Alias name OR networks @@ -4958,12 +4957,10 @@ setup_masq() ;; *) #it's an alias name - destnets="0.0.0.0/0" ;; esac ;; *) - destnets="0.0.0.0/0" ;; esac @@ -5003,7 +5000,7 @@ setup_masq() if ! list_search $addr $aliases_to_add; then [ -n "$RETAIN_ALIASES" ] || save_command qt ip addr del $addr dev $interface aliases_to_add="$aliases_to_add $addr $fullinterface" - case $fullinterface in + case $fullinterface in *:*) fullinterface=${fullinterface%:*}:$((${fullinterface#*:} + 1 )) ;; @@ -5058,7 +5055,7 @@ setup_masq() [ -n "$ports" ] && fatal_error "Ports only allowed with UDP or TCP ($ports)" fi - destination=$destnets + destination=${destnets:=0.0.0.0/0} [ -z "$pre_nat" ] && chain=$(masq_chain $interface) || chain=$(snat_chain $interface) diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index cf837a5f3..7aeb193ea 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -200,7 +200,11 @@ Problems corrected since 2.2.0 RC2 local: lo:: bad variable name 2) The rate limiting example in /etc/shorewall/rules has been changed - to use the RATE LIMIT column. + to use the RATE LIMIT column. + +3) Entries in /etc/shorewall/masq with the INTERFACE column containing + :: would generate a progress message but would not generate + an iptables rule. ----------------------------------------------------------------------- Issues when migrating from Shorewall 2.0 to Shorewall 2.2: