2.0.0 RC1

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1177 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-02-29 15:51:08 +00:00 · 2004-02-29 15:51:08 +00:00 · bf9e1ef4ed
commit bf9e1ef4ed
parent a96129e9fc
5 changed files with 30 additions and 28 deletions
--- a/Shorewall2/fallback.sh
+++ b/Shorewall2/fallback.sh
@ -28,7 +28,7 @@
 #       shown below. Simply run this script to revert to your prior version of
 #       Shoreline Firewall.

-VERSION=2.0.0-Beta3
+VERSION=2.0.0-RC1

 usage() # $1 = exit status
 {
--- a/Shorewall2/firewall
+++ b/Shorewall2/firewall
@ -65,7 +65,7 @@ error_message() # $* = Error Message
 fatal_error() # $* = Error Message
 {
    echo "   Error: $@" >&2
-    if [ $command = check ]; then
+    if [ $COMMAND = check ]; then
 	[ -n "$TMP_DIR" ] && rm -rf $TMP_DIR
    else
 	stop_firewall
@ -663,7 +663,7 @@ validate_policy()

    print_policy() # $1 = source zone, $2 = destination zone
    {
-	[ $command != check ] || \
+	[ $COMMAND != check ] || \
 	    [ $1 = $2 ]  || \
 	    [ $1 = all ] || \
 	    [ $2 = all ] || \
@ -982,7 +982,7 @@ stop_firewall() {
    #
    # Turn off trace unless we were tracing "stop" or "clear"
    #
-    case $command in
+    case $COMMAND in
 	stop|clear)
 	    ;;
 	check)
@ -1080,7 +1080,7 @@ stop_firewall() {

    rm -rf $TMP_DIR

-    case $command in
+    case $COMMAND in
    stop|clear)
 	;;
    *)
@ -1468,7 +1468,7 @@ setup_mac_lists() {
 	[ -z "$blob" ] && \
 	    fatal_error "Interface $interface must be up before Shorewall can start"

-	ip -f inet addr show $interface 2> /dev/null | grep inet | sed 's/inet //; s/brd //; s/scope.*//;' | while read address broadcast; do
+	ip -f inet addr show $interface 2> /dev/null | grep 'inet.*brd' | sed 's/inet //; s/brd //; s/scope.*//;' | while read address broadcast; do
 	    if [ -n "$broadcast" ]; then
 		run_iptables -A $chain -s ${address%/*} -d $broadcast -j RETURN
 	    fi
@ -2176,7 +2176,7 @@ add_an_action()
 	    ;;
    esac

-    if [ $command != check ]; then
+    if [ $COMMAND != check ]; then
       if [ -n "${serv}" ]; then
 	    for serv1 in $(separate_list $serv); do
 		for srv in $(ip_range $serv1); do
@ -2339,7 +2339,7 @@ process_action() # $1 = action
    #
    # Report Result
    #
-    if [ $command = check ]; then
+    if [ $COMMAND = check ]; then
 	echo "   Rule \"$rule\" checked."
    else
 	echo "   Rule \"$rule\" added."
@ -2367,7 +2367,7 @@ process_actions1() {
    #
    add_builtin_actions() {
 	
-	if [ "$command" != check ]; then
+	if [ "$COMMAND" != check ]; then
 	    createchain dropBcast no
 	    qt iptables -A dropBcast -m pkttype --pkt-type broadcast -j DROP
 	    if ! qt iptables -A dropBcast -m pkttype --pkt-type multicast -j DROP; then
@ -2407,7 +2407,7 @@ process_actions1() {
 			    eval ${temp}_common=$xaction
 			    if ! list_search $xaction $USEDACTIONS; then
 				USEDACTIONS="$USEDACTIONS $xaction"
-				[ $command = check ] || createactionchain $xaction
+				[ $COMMAND = check ] || createactionchain $xaction
 			    fi
 			    ;;
 			*)
@ -2513,7 +2513,7 @@ process_actions2() {
 	    for action in $required; do
 		if ! list_search $action $USEDACTIONS; then
 		    USEDACTIONS="$USEDACTIONS $action"
-		    [ $command = check ] || createactionchain $action
+		    [ $COMMAND = check ] || createactionchain $action
 		    changed=Yes
 		fi
 	    done
@ -2621,7 +2621,7 @@ add_nat_rule() {

    # Generate nat table rules

-    if [ $command != check ]; then
+    if [ $COMMAND != check ]; then
 	if [ "$source" = "$FW" ]; then
 	    if [ -n "$excludedests" ]; then
 		chain=nonat${nonat_seq}
@ -2708,14 +2708,14 @@ add_nat_rule() {

    if [ -n "$snat" ]; then
 	if [ -n "$cli" ]; then
-	    [ $command = check ] || addnatrule $(snat_chain $dest) $proto $cli $multiport \
+	    [ $COMMAND = check ] || addnatrule $(snat_chain $dest) $proto $cli $multiport \
 		$sports -d $serv $dports -j SNAT --to-source $snat
 	else
 	    for source_host in $source_hosts; do
 		[ "x${source_host#*:}" = "x0.0.0.0/0" ] && \
 		    error_message "Warning: SNAT will occur on all connections to this server and port - rule \"$rule\""

-		[ $command = check ] || addnatrule $(snat_chain $dest) \
+		[ $COMMAND = check ] || addnatrule $(snat_chain $dest) \
 		    -s ${source_host#*:} $proto $sports $multiport \
 		    -d $serv $dports -j SNAT --to-source $snat
 	    done
@ -2877,7 +2877,7 @@ add_a_rule()
    fi

    if [ -n "${serv}${servport}" ]; then
-	if [ $command != check ]; then
+	if [ $COMMAND != check ]; then

 	    # A specific server or server port given

@ -2931,7 +2931,7 @@ add_a_rule()
 	    "An ORIGINAL DESTINATION ($addr) is only allowed in" \
 	    " a DNAT or REDIRECT: \"$rule\""

-	if [ $command != check ]; then
+	if [ $COMMAND != check ]; then
 	    if [ -n "$loglevel" ]; then
 		log_rule_limit $loglevel $chain $logtarget "$ratelimit" $userandgroup \
 		    $(fix_bang $proto $multiport $dest_interface $cli $sports $dports)
@ -3145,7 +3145,7 @@ process_rule() # $1 = target

    # Create the canonical chain if it doesn't already exist
    
-    [ $command = check ] || ensurechain $chain
+    [ $COMMAND = check ] || ensurechain $chain

    # Generate Netfilter rule(s)

@ -3233,7 +3233,7 @@ process_rule() # $1 = target
    #
    # Report Result
    #
-    if [ $command = check ]; then
+    if [ $COMMAND = check ]; then
 	echo "   Rule \"$rule\" checked."
    else
 	echo "   Rule \"$rule\" added."
@ -3295,7 +3295,7 @@ process_rules()
 	    *)
 		if list_search $temp $ACTIONS; then
 		    if ! list_search $temp $USEDACTIONS; then
-			[ $command = check ] || createactionchain $temp
+			[ $COMMAND = check ] || createactionchain $temp
 			USEDACTIONS="$USEDACTIONS $temp"
 		    fi

@ -4079,7 +4079,7 @@ verify_os_version() {
 	;;
    esac

-    [ $command = start -a -n "$(lsmod 2> /dev/null | grep '^ipchains')" ] && \
+    [ $COMMAND = start -a -n "$(lsmod 2> /dev/null | grep '^ipchains')" ] && \
 	startup_error "Shorewall can't start with the ipchains kernel module loaded - see FAQ #8"
 }

@ -5645,9 +5645,9 @@ nolock=

 trap "my_mutex_off; exit 2" 1 2 3 4 5 6 9

-command="$1"
+COMMAND="$1"

-case "$command" in
+case "$COMMAND" in
    stop)
 	[ $# -ne 1 ] && usage
 	do_initialize
--- a/Shorewall2/install.sh
+++ b/Shorewall2/install.sh
@ -22,14 +22,14 @@
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #

-VERSION=2.0.0-Beta3
+VERSION=2.0.0-RC1

 usage() # $1 = exit status
 {
    ME=$(basename $0)
-    echo "usage: $ME
+    echo "usage: $ME"
    echo "       $ME -v"
-    echo "       $ME -h "
+    echo "       $ME -h"
    exit $1
 }

--- a/Shorewall2/shorewall.spec
+++ b/Shorewall2/shorewall.spec
@ -1,6 +1,6 @@
 %define name shorewall
 %define version 2.0.0
-%define release 0Beta3
+%define release 0RC1
 %define prefix /usr

 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
@ -33,7 +33,7 @@ a multi-function gateway/ router/server or on a standalone GNU/Linux system.
 export PREFIX=$RPM_BUILD_ROOT ; \
 export OWNER=`id -n -u` ; \
 export GROUP=`id -n -g` ;\
-./install.sh /etc/init.d
+./install.sh

 %clean
 rm -rf $RPM_BUILD_ROOT
@ -137,6 +137,8 @@ fi
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel

 %changelog
+* Fri Feb 27 2004 Tom Eastep <tom@shorewall.net>
+- Update for RC1
 * Mon Feb 16 2004 Tom Eastep <tom@shorewall.net>
 - Moved rfc1918 to /usr/share/shorewall
 - Update for Beta 3
--- a/Shorewall2/uninstall.sh
+++ b/Shorewall2/uninstall.sh
@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Seattle Firewall

-VERSION=2.0.0-Beta2
+VERSION=2.0.0-RC1

 usage() # $1 = exit status
 {