Fix RETAIN_ALIASES

2009-10-13 14:36:47 -07:00 · 2009-10-13 14:36:47 -07:00 · 990a9f0fdc
commit 990a9f0fdc
parent 1b0a3e4417
4 changed files with 36 additions and 7 deletions
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@ -35,8 +35,8 @@ use strict;

 our @ISA = qw(Exporter);
 our @EXPORT = qw( setup_masq setup_nat setup_netmap add_addresses );
-our @EXPORT_OK = ();
-our $VERSION = '4.4_2';
+our @EXPORT_OK = qw(delete_addresses);
+our $VERSION = '4.4_3';

 our @addresses_to_add;
 our %addresses_to_add;
@ -290,7 +290,6 @@ sub process_one_masq( )
 		next if $addrs eq 'detect';
 		for my $addr ( ip_range_explicit $addrs ) {
 		    unless ( $addresses_to_add{$addr} ) {
-			emit "del_ip_addr $addr $interface" unless $config{RETAIN_ALIASES};
 			$addresses_to_add{$addr} = 1;
 			if ( defined $alias ) {
 			    push @addresses_to_add, $addr, "$interface:$alias";
@ -482,12 +481,13 @@ sub setup_netmap() {

 sub add_addresses () {
    if ( @addresses_to_add ) {
+	my @addrs = @addresses_to_add;
 	my $arg = '';
 	my $addresses = 0;

-	while ( @addresses_to_add ) {
-	    my $addr      = shift @addresses_to_add;
-	    my $interface = shift @addresses_to_add;
+	while ( @addrs ) {
+	    my $addr      = shift @addrs;
+	    my $interface = shift @addrs;
 	    $arg = "$arg $addr $interface";
 	    unless ( $config{RETAIN_ALIASES} ) {
 		emit '' unless $addresses++;
@ -500,4 +500,25 @@ sub add_addresses () {
    }
 }

+sub delete_addresses () {
+    if ( @addresses_to_add ) {
+	unless ( $config{RETAIN_ALIASES} ) {
+	    my @addrs = @addresses_to_add;
+
+	    emit '';
+
+	    while ( @addrs ) {
+		my $addr      = shift @addrs;
+		my $interface = shift @addrs;
+
+		$interface =~ s/:.*//;
+
+		emit "del_ip_addr $addr $interface";
+	    }
+
+	    emit '';
+	}
+    }
+}
+
 1;
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@ -31,6 +31,7 @@ use Shorewall::Chains qw(:DEFAULT :internal);
 use Shorewall::Actions;
 use Shorewall::Policy;
 use Shorewall::Proc;
+use Shorewall::Nat qw(delete_addresses);

 use strict;

@ -2227,6 +2228,8 @@ EOF

    emit 'delete_tc1' if $config{CLEAR_TC};

+    delete_addresses;
+
    emit( 'undo_routing',
 	  'restore_default_route'
 	  );
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -6,6 +6,8 @@ Changes in Shorewall 4.4.3

 3)  Rename 'object' to 'script' in compiler and config modules.

+4)  Correct RETAIN_ALIASES=No.
+
 Changes in Shorewall 4.4.2

 1)  BUGFIX: Correct detection of Persistent SNAT support
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -176,7 +176,10 @@ Shorewall 4.4.3
 1.  Previously, if 'routeback' was specified in /etc/shorewall/routestopped:

    a) 'shorewall check' produced an internal error
-    b) The 'routeback' option didn't work.
+    b) The 'routeback' option didn't work
+
+2)  If an alias IP address was added and RETAIN_ALIASES=No in
+    shorewall.conf, then a compiler internal error resulted.

 ----------------------------------------------------------------------------
             K N O W N   P R O B L E M S   R E M A I N I N G