From 8c2a228a7da98bc5037fd56ffcd31583885e0a94 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Fri, 11 Sep 2009 07:47:31 -0700 Subject: [PATCH] Apply Jesse Shrieve's SNAT patch --- Shorewall/Perl/Shorewall/Nat.pm | 6 +++++- Shorewall/changelog.txt | 2 ++ Shorewall/releasenotes.txt | 4 ++++ 3 files changed, 11 insertions(+), 1 deletion(-) diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm index c529af2ae..518745405 100644 --- a/Shorewall/Perl/Shorewall/Nat.pm +++ b/Shorewall/Perl/Shorewall/Nat.pm @@ -239,7 +239,11 @@ sub process_one_masq( ) if ( $addr =~ /^.*\..*\..*\./ ) { $target = '-j SNAT '; my ($ipaddr, $rest) = split ':', $addr; - validate_address $ipaddr, 0; + if ( $addr =~ /^(.+)-(.+)$/ ) { + validate_range( $1, $2 ); + } else { + validate_address $ipaddr, 0; + } $addrlist .= "--to-source $addr "; $exceptionrule = do_proto( $proto, '', '' ) if $addr =~ /:/; } else { diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index b24df5fb4..b47ea667d 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -18,6 +18,8 @@ Changes in Shorewall 4.4.2 8) Don't look for an extension script for built-in actions. +9) Apply Jesse Shrieve's patch for SNAT range. + Changes in Shorewall 4.4.1 1) Deleted extra 'use ...IPAddrs.pm' from Nat.pm. diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 2f2092e05..13b9756f7 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -207,6 +207,10 @@ Shorewall 4.4.2 d) RFC1918_STRICT=Yes no loger produces a fatal error -- it is now a warning. +6) Previously, it was not possible to specify an IP address range in + ADDRESS column of /etc/shorewall/masq. Thanks go to Jessee Shrieve + for the patch. + ---------------------------------------------------------------------------- K N O W N P R O B L E M S R E M A I N I N G ----------------------------------------------------------------------------