diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm index df682dbcc..f520edd5e 100644 --- a/Shorewall/Perl/Shorewall/Compiler.pm +++ b/Shorewall/Perl/Shorewall/Compiler.pm @@ -284,7 +284,7 @@ sub generate_script_2() { emit ( 'esac' ) , } else { - emit( 'true' ); + emit( 'true' ) unless handle_optional_interfaces; } pop_indent; diff --git a/Shorewall/Perl/Shorewall/Providers.pm b/Shorewall/Perl/Shorewall/Providers.pm index fd42425e9..301831dae 100644 --- a/Shorewall/Perl/Shorewall/Providers.pm +++ b/Shorewall/Perl/Shorewall/Providers.pm @@ -143,10 +143,12 @@ sub setup_route_marking() { sub copy_table( $$$ ) { my ( $duplicate, $number, $realm ) = @_; + my $filter = $family == F_IPV6 ? q(sed 's/ via :: / /' | ) : ''; + if ( $realm ) { emit ( "\$IP -$family route show table $duplicate | sed -r 's/ realm [[:alnum:]_]+//' | while read net route; do" ) } else { - emit ( "\$IP -$family route show table $duplicate | while read net route; do" ) + emit ( "\$IP -$family route show table $duplicate | ${filter}while read net route; do" ) } emit ( ' case $net in', @@ -162,11 +164,13 @@ sub copy_table( $$$ ) { sub copy_and_edit_table( $$$$ ) { my ( $duplicate, $number, $copy, $realm) = @_; + + my $filter = $family == F_IPV6 ? q(sed 's/ via :: / /' | ) : ''; if ( $realm ) { emit ( "\$IP -$family route show table $duplicate | sed -r 's/ realm [[:alnum:]_]+//' | while read net route; do" ) } else { - emit ( "\$IP -$family route show table $duplicate | while read net route; do" ) + emit ( "\$IP -$family route show table $duplicate | ${filter}while read net route; do" ) } emit ( ' case $net in', @@ -819,6 +823,8 @@ sub handle_optional_interfaces() { " ${base}_IS_USABLE=" , 'fi' ); } + + 1; } } diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 497be00ca..118ce2613 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,3 +1,7 @@ +Changes in Shorewall 4.4.2.4 + +1) Correct optional interfaces. + Changes in Shorewall 4.4.2.3 1) Fix internal error with RETAIN_ALIASES=No. diff --git a/Shorewall/known_problems.txt b/Shorewall/known_problems.txt index cf770ecc4..7c715d8db 100644 --- a/Shorewall/known_problems.txt +++ b/Shorewall/known_problems.txt @@ -33,3 +33,7 @@ Corrected in Shorewall 4.4.2.4. +6) Under certain circumstances, optional providers are not detected + as being usable. + + Corrected in Shorewall 4.4.2.5. diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index a914ef07b..a3479bfff 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -1,4 +1,4 @@ -Shorewall 4.4.2 Patch Release 4. +Shorewall 4.4.2 Patch Release 5. ---------------------------------------------------------------------------- R E L E A S E 4 . 4 H I G H L I G H T S @@ -169,6 +169,23 @@ Shorewall 4.4.2 Patch Release 4. now, if the zone has :0.0.0.0/0 (even with exclusions), then it may have no additional members in /etc/shorewall/hosts. +---------------------------------------------------------------------------- + P R O B L E M S C O R R E C T E D I N 4 . 4 . 2 . 5 +---------------------------------------------------------------------------- + +1) Under certain circumstances, optional providers were not detected + as being usable. + + Additionally, messages issued when an optional provider was not + usable were confusing; the message intended to be issued when the + provider shared an interface ("WARNING: Gateway is not + reachable -- Provider () not Added") was being + issued when the provider did not share an interface. Similarly, the + message intended to be issued when the provider did not share an + interface ("WARNING: Interface is not usable -- + Provider () not Added") was being issued when the + provider did share an interface. + ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N 4 . 4 . 2 . 4 ----------------------------------------------------------------------------