diff --git a/Lrp2/etc/shorewall/interfaces b/Lrp2/etc/shorewall/interfaces index d2ea37a12..8397e28a6 100644 --- a/Lrp2/etc/shorewall/interfaces +++ b/Lrp2/etc/shorewall/interfaces @@ -29,7 +29,7 @@ # # BROADCAST The broadcast address for the subnetwork to which the # interface belongs. For P-T-P interfaces, this -# column is left black.If the interface has multiple +# column is left blank.If the interface has multiple # addresses on multiple subnets then list the broadcast # addresses as a comma-separated list. # diff --git a/Lrp2/usr/share/shorewall/firewall b/Lrp2/usr/share/shorewall/firewall index 615d4c550..96cb42329 100755 --- a/Lrp2/usr/share/shorewall/firewall +++ b/Lrp2/usr/share/shorewall/firewall @@ -1226,7 +1226,7 @@ setup_forwarding() { # Disable IPV6 # disable_ipv6() { - local foo=$(ip -f inet6 addr ls 2> /dev/null) + local foo="$(ip -f inet6 addr ls 2> /dev/null)" if [ -n "$foo" ]; then if qt which ip6tables; then @@ -1241,7 +1241,7 @@ disable_ipv6() { } disable_ipv6_1() { - local foo=$(ip -f inet6 addr ls 2> /dev/null) + local foo="$(ip -f inet6 addr ls 2> /dev/null)" if [ -n "$foo" ]; then if qt which ip6tables; then @@ -1844,8 +1844,9 @@ setup_mac_lists() { setup_syn_flood_chain () # $1 = policy chain # $2 = synparams + # $3 = loglevel { - local chain=$1 + local chain=@$1 local limit=$2 local limit_burst= @@ -1856,9 +1857,11 @@ setup_syn_flood_chain () ;; esac - run_iptables -N @$chain - run_iptables -A @$chain -m limit --limit $limit $limit_burst -j RETURN - run_iptables -A @$chain -j DROP + run_iptables -N $chain + run_iptables -A $chain -m limit --limit $limit $limit_burst -j RETURN + [ -n "$3" ] && \ + log_rule_limit $3 $chain $chain DROP "-m limit --limit 5/min --limit-burst 5" "" "" + run_iptables -A $chain -j DROP } # @@ -5248,7 +5251,7 @@ apply_policy_rules() { eval loglevel=\$${chain}_loglevel eval synparams=\$${chain}_synparams - [ -n "$synparams" ] && setup_syn_flood_chain $chain $synparams + [ -n "$synparams" ] && setup_syn_flood_chain $chain $synparams $loglevel if havechain $chain; then [ -n "$synparams" ] && \ diff --git a/Lrp2/usr/share/shorewall/version b/Lrp2/usr/share/shorewall/version index 82bd22f9c..3d45b5c65 100644 --- a/Lrp2/usr/share/shorewall/version +++ b/Lrp2/usr/share/shorewall/version @@ -1 +1 @@ -2.0.13 +2.0.14 diff --git a/STABLE2/fallback.sh b/STABLE2/fallback.sh index 121a22fd9..aab9770a0 100755 --- a/STABLE2/fallback.sh +++ b/STABLE2/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=2.0.13 +VERSION=2.0.14 usage() # $1 = exit status { diff --git a/STABLE2/install.sh b/STABLE2/install.sh index 889865f97..841c8205b 100755 --- a/STABLE2/install.sh +++ b/STABLE2/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # -VERSION=2.0.13 +VERSION=2.0.14 usage() # $1 = exit status { diff --git a/STABLE2/releasenotes.txt b/STABLE2/releasenotes.txt index 4171ebe9c..7828c575e 100644 --- a/STABLE2/releasenotes.txt +++ b/STABLE2/releasenotes.txt @@ -1,4 +1,4 @@ -Shorewall 2.0.13 +Shorewall 2.0.14 ---------------------------------------------------------------------- Problems Corrected in version 2.0.4 @@ -264,6 +264,3 @@ Problems corrected in 2.0.14 "shorewall clear" have been eliminated. 3) A misleading typo in /etc/shorewall/tunnels has been corrected. - - - diff --git a/STABLE2/shorewall.spec b/STABLE2/shorewall.spec index 6fd2d4175..06a6e7e61 100644 --- a/STABLE2/shorewall.spec +++ b/STABLE2/shorewall.spec @@ -1,5 +1,5 @@ %define name shorewall -%define version 2.0.13 +%define version 2.0.14 %define release 1 %define prefix /usr @@ -141,6 +141,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %changelog +* Mon Jan 03 2005 Tom Eastep tom@shorewall.net +- Updated to 2.0.14-1 * Thu Dec 02 2004 Tom Eastep tom@shorewall.net - Updated to 2.0.13-1 * Wed Dec 01 2004 Tom Eastep tom@shorewall.net diff --git a/STABLE2/uninstall.sh b/STABLE2/uninstall.sh index 9a125e4a6..80954b16e 100755 --- a/STABLE2/uninstall.sh +++ b/STABLE2/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Seattle Firewall -VERSION=2.0.13 +VERSION=2.0.14 usage() # $1 = exit status {