forked from extern/shorewall_code
Better fix for policy parsing
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
b2d2ee253a
commit
c0dd4f3911
@ -14,6 +14,8 @@ Changes in 4.1.7
|
||||
|
||||
7) Fix priority mingling in tc filters.
|
||||
|
||||
8) Fix policy parsing.
|
||||
|
||||
Changes in 4.1.6
|
||||
|
||||
1) Deprecate IMPLICIT_CONTINUE=Yes
|
||||
|
@ -609,7 +609,7 @@ show_command() {
|
||||
if [ $# -gt 0 ]; then
|
||||
[ -n "$table_given" ] || for chain in $*; do
|
||||
if ! qt $IPTABLES -t $table -L $chain $IPT_OPTIONS; then
|
||||
echo "usage $(basename $0) show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|ip|log|macros|mangle|nat|routing|tc|zones} ] " >&2
|
||||
echo "usage $(basename $0) show [ -x ] [ -m ] [-f] [ -t {filter|mangle|nat} ] [ {chain [<chain> [ <chain> ... ]|actions|capabilities|classifiers|config|connections|filters|ip|log|macros|mangle|nat|routing|tc|zones} ] " >&2
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
10
Shorewall-common/macro.Rfc1918
Normal file
10
Shorewall-common/macro.Rfc1918
Normal file
@ -0,0 +1,10 @@
|
||||
#
|
||||
# Shorewall version 4 - Rfc1918 Macro
|
||||
#
|
||||
# /usr/share/shorewall/macro.Rfc1918
|
||||
#
|
||||
# This macro handles traffic with SOURCE or DEST reserved by RFC 1918.
|
||||
#
|
||||
###############################################################################
|
||||
PARAM SOURCE DEST:10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
||||
PARAM SOURCE:10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 DEST
|
@ -89,6 +89,9 @@ Problems corrected in Shorewall-perl 4.1.7.
|
||||
/sbin/shorewall: line 723: 755 Terminated
|
||||
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
|
||||
|
||||
4) A POLICY of ":" in /etc/shorewall/policy would produce Perl
|
||||
run-time errors.
|
||||
|
||||
New Features in 4.1.7.
|
||||
|
||||
1) If an interface fails when using balanced multi-ISP routing, the
|
||||
|
@ -211,7 +211,7 @@ sub validate_policy()
|
||||
|
||||
while ( read_a_line ) {
|
||||
|
||||
my ( $client, $server, $policy, $loglevel, $synparams ) = split_line 3, 5, 'policy file';
|
||||
my ( $client, $server, $originalpolicy, $loglevel, $synparams ) = split_line 3, 5, 'policy file';
|
||||
|
||||
$loglevel = '' if $loglevel eq '-';
|
||||
$synparams = '' if $synparams eq '-';
|
||||
@ -224,9 +224,7 @@ sub validate_policy()
|
||||
|
||||
fatal_error "Undefined zone $server" unless $serverwild || defined_zone( $server );
|
||||
|
||||
my $originalpolicy = $policy;
|
||||
|
||||
( $policy , my ( $default, $remainder ) ) = split( /:/, $policy, 3 );
|
||||
my ( $policy, $default, $remainder ) = split( /:/, $originalpolicy, 3 );
|
||||
|
||||
fatal_error "Invalid or missing POLICY ($originalpolicy)" unless $policy;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user