Downgrade requirement from XMULTIPORT to MULTIPORT

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5703 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

New/compiler.pl

@@ -593,8 +593,8 @@ sub compile_firewall( $ ) {
 
     fatal_error join( '', 'Shorewall-pl ', $env{VERSION}, ' requires Conntrack Match Support' )
 	unless $capabilities{CONNTRACK_MATCH};
-    fatal_error join ( '', 'Shorewall-pl ', $env{VERSION}, ' requires Extended Multi-port Match Support' )
-	unless $capabilities{XMULTIPORT};
+    fatal_error join ( '', 'Shorewall-pl ', $env{VERSION}, ' requires Multi-port Match Support' )
+	unless $capabilities{MULTIPORT};
     fatal_error join( '', 'Shorewall-pl ', $env{VERSION}, ' requires Address Type Match Support' )
 	unless $capabilities{ADDRTYPE};
     fatal_error 'MACLIST_TTL requires the Recent Match capability which is not present in your Kernel and/or iptables'

New/releasenotes.txt

@@ -47,10 +47,20 @@ a) The Perl-based compiler requires the following capabilities in your
 
    - addrtype match
    - conntrack match
-   - extended multiport match
+   - multiport match
 
    These capabilities are in current distributions.
 
+   The Bourne-shell compiler goes to great pain (in some cases) to
+   break very long port lists ( > 15 where port ranges in lists count
+   as two ports) into individual rules. I'm removing the ugliness
+   required to do that (at least initially). The new compiler just
+   gives you an error. It will also give you an error if you insert a
+   port range into a port list and you don't have extended multiport
+   support. Now that Netfilter has features to deal reasonably with
+   port lists, I see no reason to duplicate those features in
+   Shorewall.
+
 b) BRIDGING=Yes is not supported. The kernel code necessary to
    support this option was removed in Linux kernel 2.6.20.