forked from extern/shorewall_code
Detect duplicate zone names
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1691 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
10fc89855d
commit
c3d2f62460
@ -106,3 +106,5 @@ Changes since 2.0.3
|
||||
50) Add a clarification and fix a typo in the blacklist file.
|
||||
|
||||
51) Allow setting a specify MSS value.
|
||||
|
||||
52) Detect duplicate zone names.
|
||||
|
@ -765,6 +765,17 @@ find_hosts() # $1 = host zone
|
||||
done < $TMP_DIR/hosts
|
||||
}
|
||||
|
||||
#
|
||||
# Check for duplicate zone definitions
|
||||
#
|
||||
check_duplicate_zones() {
|
||||
local localzones=
|
||||
|
||||
for zone in $zones; do
|
||||
list_search $zone $localzones && startup_error "Zone $zone is defined more than once"
|
||||
localzones="$localzones $zone"
|
||||
done
|
||||
}
|
||||
#
|
||||
# Determine the interfaces on the firewall
|
||||
#
|
||||
@ -2631,6 +2642,7 @@ check_config() {
|
||||
echo "Determining Zones..."
|
||||
|
||||
determine_zones
|
||||
check_dupliate_zones
|
||||
|
||||
[ -z "$zones" ] && startup_error "ERROR: No Zones Defined"
|
||||
|
||||
@ -5387,6 +5399,7 @@ initialize_netfilter () {
|
||||
echo "Determining Zones..."
|
||||
|
||||
determine_zones
|
||||
check_duplicate_zones
|
||||
|
||||
[ -z "$zones" ] && startup_error "No Zones Defined"
|
||||
|
||||
@ -6112,7 +6125,7 @@ activate_rules()
|
||||
# Create forwarding chains for complex zones and generate jumps for IPSEC source hosts to that chain.
|
||||
#
|
||||
for zone in $zones; do
|
||||
if eval test -n \$${zone}_is_complex ; then
|
||||
if eval test -n \"\$${zone}_is_complex\" ; then
|
||||
frwd_chain=${zone}_frwd
|
||||
createchain $frwd_chain No
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
Shorewall 2.1.11
|
||||
Shorewall 2.1.12
|
||||
|
||||
----------------------------------------------------------------------
|
||||
Problems Corrected since 2.0.3
|
||||
@ -83,6 +83,12 @@ Problems corrected since 2.1.10
|
||||
4) A typo has been corrected in and a clarification added to the
|
||||
/etc/shorewall/blacklist file.
|
||||
|
||||
Problems corrected since 2.1.11
|
||||
|
||||
1) If a zone name appears more than once in /etc/shorewall/zones,
|
||||
Shorewall will now issue an error message and terminate during
|
||||
"shorewall [re]start" or "shorewall check".
|
||||
|
||||
-----------------------------------------------------------------------
|
||||
Issues when migrating from Shorewall 2.0 to Shorewall 2.1:
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user