diff --git a/Shorewall-perl/Shorewall/Chains.pm b/Shorewall-perl/Shorewall/Chains.pm index a51b6b562..a44892b8d 100644 --- a/Shorewall-perl/Shorewall/Chains.pm +++ b/Shorewall-perl/Shorewall/Chains.pm @@ -1329,10 +1329,9 @@ sub do_connbytes( $ ) { # 1 2 3 5 6 fatal_error "Invalid CONNBYTES ($connbytes)" unless $connbytes =~ /^(!)? (\d+): (\d+)? ((:[ORB]) (:[PBA])?)?$/x; - my $invert = $1 || ''; $invert = '! ' if $invert; - my $min = $2; $min = 0 unless defined $min; - my $max = $3 || ''; fatal_error "Invalid byte range ($min:$max)" if $max ne '' and $min > $max; + my $min = $2; $min = 0 unless defined $min; + my $max = $3; $max = '' unless defined $max; fatal_error "Invalid byte range ($min:$max)" if $max ne '' and $min > $max; my $dir = $5 || 'B'; my $mode = $6 || 'B'; diff --git a/manpages/shorewall-tcrules.xml b/manpages/shorewall-tcrules.xml index 4159348dc..cee19132a 100644 --- a/manpages/shorewall-tcrules.xml +++ b/manpages/shorewall-tcrules.xml @@ -510,7 +510,8 @@ Connection Bytes; defines a byte or packet range that the - connection must fall within in order for the rule to match. + connection must fall within in order for the rule to match. Added in + Shorewall-perl 4.2.0. A packet matches if the the packet/byte count is within the range defined by min and @@ -552,10 +553,9 @@ "helper" - Added in Shorewall-perl 4.2.0 Beta 2. Names a Netfiler - protocol helper module such as - , , , - etc. + Added in Shorewall-perl 4.2.0. Names a Netfiler protocol + helper module such as , + , , etc.