From b3d6ae78ba431ce2f3d69281904c4114d79ee75a Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sun, 19 Sep 2010 07:57:36 -0700
Subject: [PATCH] Add redundancy warning re 'blacklst'

---
 Shorewall/Perl/Shorewall/Zones.pm | 8 +++++++-
 manpages/shorewall-zones.xml      | 4 +++-
 manpages6/shorewall6-zones.xml    | 4 +++-
 3 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm
index 70af32008..5859faf06 100644
--- a/Shorewall/Perl/Shorewall/Zones.pm
+++ b/Shorewall/Perl/Shorewall/Zones.pm
@@ -454,7 +454,13 @@ sub process_zone( \$ ) {
 				    hosts      => {}
 				  };
 
-    $zoneref->{options}{in}{blacklist} = $zoneref->{options}{out}{blacklist} = 1 if $zoneref->{options}{in_out}{blacklist};
+    if ( $zoneref->{options}{in_out}{blacklist} ) {
+	for ( qw/in out/ ) {
+	    warning_message( "Redundant 'blacklist' in " . uc( $_ ) . '_OPTIONS' ) if $zoneref->{options}{$_}{blacklist};
+	}
+
+	$zoneref->{options}{in}{blacklist} = $zoneref->{options}{out}{blacklist} = 1 ;
+    }
 
     return $zone;
 
diff --git a/manpages/shorewall-zones.xml b/manpages/shorewall-zones.xml
index 968a10d3e..426acb5da 100644
--- a/manpages/shorewall-zones.xml
+++ b/manpages/shorewall-zones.xml
@@ -204,7 +204,9 @@ c:a,b     ipv4</programlisting>
               <term><emphasis role="bold">blacklist</emphasis></term>
 
               <listitem>
-                <para>Added in Shorewall 4.4.13.</para>
+                <para>Added in Shorewall 4.4.13. May not be specified for
+                <emphasis role="bold">firewall</emphasis> or <emphasis
+                role="bold">vserver</emphasis> zones.</para>
 
                 <para>When specified in the IN_OPTIONS column, causes all
                 traffic from this zone to be passed against the <emphasis
diff --git a/manpages6/shorewall6-zones.xml b/manpages6/shorewall6-zones.xml
index 9d01a5078..51ce24d27 100644
--- a/manpages6/shorewall6-zones.xml
+++ b/manpages6/shorewall6-zones.xml
@@ -202,7 +202,9 @@ c:a,b     ipv6</programlisting>
               <term><emphasis role="bold">blacklist</emphasis></term>
 
               <listitem>
-                <para>Added in Shorewall 4.4.13.</para>
+                <para>Added in Shorewall 4.4.13. May not be specified for
+                <emphasis role="bold">firewall</emphasis> or <emphasis
+                role="bold">vserver</emphasis> zones.</para>
 
                 <para>When specified in the IN_OPTIONS column, causes all
                 traffic from this zone to be passed against the <emphasis