forked from extern/shorewall_code
Fix ipsecnat tunnels
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5637 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
627a5afe57
commit
8f5d49a517
@ -7,6 +7,8 @@ Changes in 3.4.2
|
|||||||
|
|
||||||
3) Fix 'none[!]' and built-in actions.
|
3) Fix 'none[!]' and built-in actions.
|
||||||
|
|
||||||
|
4) Fix 'ipsecnat' tunnels.
|
||||||
|
|
||||||
Changes in 3.4.1
|
Changes in 3.4.1
|
||||||
|
|
||||||
1) Add rest of proxy arp fix.
|
1) Add rest of proxy arp fix.
|
||||||
|
@ -67,6 +67,7 @@ setup_tunnels() # $1 = name of tunnels file
|
|||||||
else
|
else
|
||||||
run_iptables -A $inchain -p udp $source --dport 500 $options
|
run_iptables -A $inchain -p udp $source --dport 500 $options
|
||||||
run_iptables -A $inchain -p udp $source --dport 4500 $options
|
run_iptables -A $inchain -p udp $source --dport 4500 $options
|
||||||
|
run_iptables -A $outchain -p udp $dest --dport 4500 $options
|
||||||
fi
|
fi
|
||||||
|
|
||||||
for z in $(separate_list $2); do
|
for z in $(separate_list $2); do
|
||||||
|
@ -43,6 +43,9 @@ Problems corrected in Shorewall 3.4.2
|
|||||||
Shorewall now correctly suppresses generation of log messages when
|
Shorewall now correctly suppresses generation of log messages when
|
||||||
a log level of 'none' or 'none!' is given to a built-in action.
|
a log level of 'none' or 'none!' is given to a built-in action.
|
||||||
|
|
||||||
|
4) Tunnels of type 'ipsecnat' would sometimes fail to work because of
|
||||||
|
a missing rule.
|
||||||
|
|
||||||
Migration Considerations:
|
Migration Considerations:
|
||||||
|
|
||||||
If you are migrating from a Shorewall version earlier than 3.2.0 then
|
If you are migrating from a Shorewall version earlier than 3.2.0 then
|
||||||
|
Loading…
Reference in New Issue
Block a user