holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Better fix for policy parsing

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-03-26 15:36:23 +00:00
parent b2d2ee253a
commit c0dd4f3911
5 changed files with 18 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall-common/changelog.txt
View File

@ -14,6 +14,8 @@ Changes in 4.1.7
7) Fix priority mingling in tc filters.
8) Fix policy parsing.
Changes in 4.1.6
1) Deprecate IMPLICIT_CONTINUE=Yes

2
Shorewall-common/lib.cli
View File

@ -609,7 +609,7 @@ show_command() {
if [ $# -gt 0 ]; then
[ -n "$table_given" ] || for chain in $*; do
if ! qt $IPTABLES -t $table -L $chain $IPT_OPTIONS; then
echo "usage $(basename $0) show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|ip|log|macros|mangle|nat|routing|tc|zones} ] " >&2
echo "usage $(basename $0) show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|routing|tc|zones} ] " >&2
exit 1
fi
done

10
Shorewall-common/macro.Rfc1918 Normal file
View File

@ -0,0 +1,10 @@
#
# Shorewall version 4 - Rfc1918 Macro
#
# /usr/share/shorewall/macro.Rfc1918
#
# This macro handles traffic with SOURCE or DEST reserved by RFC 1918.
#
###############################################################################
PARAM SOURCE DEST:10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
PARAM SOURCE:10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 DEST

3
Shorewall-common/releasenotes.txt
View File

@ -89,6 +89,9 @@ Problems corrected in Shorewall-perl 4.1.7.
/sbin/shorewall: line 723: 755 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
4) A POLICY of ":" in /etc/shorewall/policy would produce Perl
run-time errors.
New Features in 4.1.7.
1) If an interface fails when using balanced multi-ISP routing, the

6
Shorewall-perl/Shorewall/Policy.pm
View File

@ -211,7 +211,7 @@ sub validate_policy()
while ( read_a_line ) {
my ( $client, $server, $policy, $loglevel, $synparams ) = split_line 3, 5, 'policy file';
my ( $client, $server, $originalpolicy, $loglevel, $synparams ) = split_line 3, 5, 'policy file';
$loglevel = '' if $loglevel eq '-';
$synparams = '' if $synparams eq '-';
@ -224,9 +224,7 @@ sub validate_policy()
fatal_error "Undefined zone $server" unless $serverwild || defined_zone( $server );
my $originalpolicy = $policy;
( $policy , my ( $default, $remainder ) ) = split( /:/, $policy, 3 );
my ( $policy, $default, $remainder ) = split( /:/, $originalpolicy, 3 );
fatal_error "Invalid or missing POLICY ($originalpolicy)" unless $policy;