holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

fix <if>:: handling in setup_masq()

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1868 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-12-29 00:06:02 +00:00
parent eba3a8f095
commit 86bd2afd97
3 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall2/changelog.txt
View File

@ -196,3 +196,5 @@ Changes since 2.0.3
95) Change encryption to blowfish in 'ipsecvpn' script. 95) Change encryption to blowfish in 'ipsecvpn' script.
96) Correct rate limiting rule example. 96) Correct rate limiting rule example.
97) Fix <if>:: handling in setup_masq().

9
Shorewall2/firewall
View File

@ -4905,7 +4905,7 @@ setup_masq()
} }
setup_one() { setup_one() {
local add_snat_aliases=$ADD_SNAT_ALIASES, pre_nat= policy= local add_snat_aliases=$ADD_SNAT_ALIASES, pre_nat= policy= destnets=
[ "x$ipsec" = x- ] && ipsec= [ "x$ipsec" = x- ] && ipsec=
@ -4946,7 +4946,6 @@ setup_masq()
*:) *:)
add_snat_aliases= add_snat_aliases=
fullinterface=${fullinterface%:} fullinterface=${fullinterface%:}
destnets="0.0.0.0/0"
;; ;;
*:*) *:*)
# Alias name OR networks # Alias name OR networks
@ -4958,12 +4957,10 @@ setup_masq()
;; ;;
*) *)
#it's an alias name #it's an alias name
destnets="0.0.0.0/0"
;; ;;
esac esac
;; ;;
*) *)
destnets="0.0.0.0/0"
;; ;;
esac esac
@ -5003,7 +5000,7 @@ setup_masq()
if ! list_search $addr $aliases_to_add; then if ! list_search $addr $aliases_to_add; then
[ -n "$RETAIN_ALIASES" ] || save_command qt ip addr del $addr dev $interface [ -n "$RETAIN_ALIASES" ] || save_command qt ip addr del $addr dev $interface
aliases_to_add="$aliases_to_add $addr $fullinterface" aliases_to_add="$aliases_to_add $addr $fullinterface"
case $fullinterface in case $fullinterface in
*:*) *:*)
fullinterface=${fullinterface%:*}:$((${fullinterface#*:} + 1 )) fullinterface=${fullinterface%:*}:$((${fullinterface#*:} + 1 ))
;; ;;
@ -5058,7 +5055,7 @@ setup_masq()
[ -n "$ports" ] && fatal_error "Ports only allowed with UDP or TCP ($ports)" [ -n "$ports" ] && fatal_error "Ports only allowed with UDP or TCP ($ports)"
fi fi
destination=$destnets destination=${destnets:=0.0.0.0/0}
[ -z "$pre_nat" ] && chain=$(masq_chain $interface) || chain=$(snat_chain $interface) [ -z "$pre_nat" ] && chain=$(masq_chain $interface) || chain=$(snat_chain $interface)

6
Shorewall2/releasenotes.txt
View File

@ -200,7 +200,11 @@ Problems corrected since 2.2.0 RC2
local: lo:: bad variable name local: lo:: bad variable name
2) The rate limiting example in /etc/shorewall/rules has been changed 2) The rate limiting example in /etc/shorewall/rules has been changed
to use the RATE LIMIT column. to use the RATE LIMIT column.
3) Entries in /etc/shorewall/masq with the INTERFACE column containing
<ifname>:: would generate a progress message but would not generate
an iptables rule.
----------------------------------------------------------------------- -----------------------------------------------------------------------
Issues when migrating from Shorewall 2.0 to Shorewall 2.2: Issues when migrating from Shorewall 2.0 to Shorewall 2.2: