holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Fix RETAIN_ALIASES

Browse Source
This commit is contained in:
Tom Eastep 2009-10-13 14:36:47 -07:00
parent 1b0a3e4417
commit 990a9f0fdc
4 changed files with 36 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
Shorewall/Perl/Shorewall/Nat.pm
View File

@ -35,8 +35,8 @@ use strict;
our @ISA = qw(Exporter); our @ISA = qw(Exporter);
our @EXPORT = qw( setup_masq setup_nat setup_netmap add_addresses ); our @EXPORT = qw( setup_masq setup_nat setup_netmap add_addresses );
our @EXPORT_OK = (); our @EXPORT_OK = qw(delete_addresses);
our $VERSION = '4.4_2'; our $VERSION = '4.4_3';
our @addresses_to_add; our @addresses_to_add;
our %addresses_to_add; our %addresses_to_add;
@ -290,7 +290,6 @@ sub process_one_masq( )
next if $addrs eq 'detect'; next if $addrs eq 'detect';
for my $addr ( ip_range_explicit $addrs ) { for my $addr ( ip_range_explicit $addrs ) {
unless ( $addresses_to_add{$addr} ) { unless ( $addresses_to_add{$addr} ) {
emit "del_ip_addr $addr $interface" unless $config{RETAIN_ALIASES};
$addresses_to_add{$addr} = 1; $addresses_to_add{$addr} = 1;
if ( defined $alias ) { if ( defined $alias ) {
push @addresses_to_add, $addr, "$interface:$alias"; push @addresses_to_add, $addr, "$interface:$alias";
@ -482,12 +481,13 @@ sub setup_netmap() {
sub add_addresses () { sub add_addresses () {
if ( @addresses_to_add ) { if ( @addresses_to_add ) {
my @addrs = @addresses_to_add;
my $arg = ''; my $arg = '';
my $addresses = 0; my $addresses = 0;
while ( @addresses_to_add ) { while ( @addrs ) {
my $addr = shift @addresses_to_add; my $addr = shift @addrs;
my $interface = shift @addresses_to_add; my $interface = shift @addrs;
$arg = "$arg $addr $interface"; $arg = "$arg $addr $interface";
unless ( $config{RETAIN_ALIASES} ) { unless ( $config{RETAIN_ALIASES} ) {
emit '' unless $addresses++; emit '' unless $addresses++;
@ -500,4 +500,25 @@ sub add_addresses () {
} }
} }
sub delete_addresses () {
if ( @addresses_to_add ) {
unless ( $config{RETAIN_ALIASES} ) {
my @addrs = @addresses_to_add;
emit '';
while ( @addrs ) {
my $addr = shift @addrs;
my $interface = shift @addrs;
$interface =~ s/:.*//;
emit "del_ip_addr $addr $interface";
}
emit '';
}
}
}
1; 1;

3
Shorewall/Perl/Shorewall/Rules.pm
View File

@ -31,6 +31,7 @@ use Shorewall::Chains qw(:DEFAULT :internal);
use Shorewall::Actions; use Shorewall::Actions;
use Shorewall::Policy; use Shorewall::Policy;
use Shorewall::Proc; use Shorewall::Proc;
use Shorewall::Nat qw(delete_addresses);
use strict; use strict;
@ -2227,6 +2228,8 @@ EOF
emit 'delete_tc1' if $config{CLEAR_TC}; emit 'delete_tc1' if $config{CLEAR_TC};
delete_addresses;
emit( 'undo_routing', emit( 'undo_routing',
'restore_default_route' 'restore_default_route'
); );

2
Shorewall/changelog.txt
View File

@ -6,6 +6,8 @@ Changes in Shorewall 4.4.3
3) Rename 'object' to 'script' in compiler and config modules. 3) Rename 'object' to 'script' in compiler and config modules.
4) Correct RETAIN_ALIASES=No.
Changes in Shorewall 4.4.2 Changes in Shorewall 4.4.2
1) BUGFIX: Correct detection of Persistent SNAT support 1) BUGFIX: Correct detection of Persistent SNAT support

5
Shorewall/releasenotes.txt
View File

@ -176,7 +176,10 @@ Shorewall 4.4.3
1. Previously, if 'routeback' was specified in /etc/shorewall/routestopped: 1. Previously, if 'routeback' was specified in /etc/shorewall/routestopped:
a) 'shorewall check' produced an internal error a) 'shorewall check' produced an internal error
b) The 'routeback' option didn't work. b) The 'routeback' option didn't work
2) If an alias IP address was added and RETAIN_ALIASES=No in
shorewall.conf, then a compiler internal error resulted.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
K N O W N P R O B L E M S R E M A I N I N G K N O W N P R O B L E M S R E M A I N I N G