Apply 3.4.3 fix to 4.0

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6552 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-shell/lib.maclist

@@ -235,7 +235,7 @@ setup_mac_lists() # $1 = Phase Number
 		if [ -n "$MACLIST_LOG_LEVEL" -o $MACLIST_DISPOSITION != ACCEPT ]; then
 		    indent >&3 << __EOF__
 
-if interface_is_up $interface; then
+if interface_is_usable $interface; then
     ip -f inet addr show $interface 2> /dev/null | grep 'inet.*brd' | sed 's/inet //; s/brd //; s/scope.*//;' | while read address broadcast; do
         address=\${address%/*}
         if [ -n "\$broadcast" ]; then

Shorewall-shell/lib.tcrules

@@ -422,35 +422,17 @@ process_tc_rule()
 	    dests=${dests%!*}
 	    ;;
     esac
-    #
-    # This isn't as fancy as the code in the rules file processor. It only uses multiport match
-    # if the extended variety is available and then only on the destination port(s). 
-    #
-    if [ -n "$XMULTIPORT" ]; then
-	#
-	# Extended Multiport match can handle port ranges 
-	#
-	multiport="-m multiport --dports"
-	for source in $(separate_list $sources); do
-	    for dest in $(separate_list $dests); do
-		port=${ports:=-}
+
+    multiport=--dport
+    for source in $(separate_list $sources); do
+	for dest in $(separate_list $dests); do
+	    for port in $(separate_list ${ports:=-}); do
 		for sport in $(separate_list ${sports:=-}); do
 		    add_a_tc_rule
 		done
 	    done
 	done
-    else
-	multiport=--dport
-	for source in $(separate_list $sources); do
-	    for dest in $(separate_list $dests); do
-		for port in $(separate_list ${ports:=-}); do
-		    for sport in $(separate_list ${sports:=-}); do
-			add_a_tc_rule
-		    done
-		done
-	    done
-	done
-    fi
+    done
 
     progress_message "   TC Rule \"$rule\" $DONE"
     save_progress_message_short "   TC Rule \\\"$rule\\\" Added"