Fix bogus code in process_tc_rule()

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1411 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-06-28 17:35:03 +00:00 · 2004-06-28 17:35:03 +00:00 · d1fc2daf9d
commit d1fc2daf9d
parent 2305f44a76
3 changed files with 8 additions and 5 deletions
--- a/STABLE2/changelog.txt
+++ b/STABLE2/changelog.txt
@ -34,3 +34,5 @@ Changes since 2.0.2
    comments in the rules file WRT "all" in SOURCE or DEST.

 16) Pass INVALID icmp packets through the blacklisting chains.
+
+17) Fix bogus code in process_tc_rule()
--- a/STABLE2/firewall
+++ b/STABLE2/firewall
@ -2052,11 +2052,7 @@ process_tc_rule()
 	    esac
 	fi

-	if [ "x$dest" != "x-"  ]; then
-	    verify_interface $dest || fatal_error "Unknown interface $dest in rule \"$rule\""
-	    r="${r}$(match_dest_dev $dest) "
-	fi
-
+	[ "x$dest"   = "x-"  ] || r="${r}-d $dest "
 	[ "$proto"   = "all" ] || r="${r}-p $proto "
 	[ "x$port"   = "x-"  ] || r="${r}--dport $port "
 	[ "x$sport"  = "x-"  ] || r="${r}--sport $sport "
--- a/STABLE2/releasenotes.txt
+++ b/STABLE2/releasenotes.txt
@ -44,6 +44,11 @@ Problems Corrected since 2.0.2
    not possible to blacklist hosts that are mounting certain types of
    ICMP-based DOS attacks.

+Problems corrected since 2.0.3:
+
+1)  Non-empty entries in the /etc/shorewall/tcrules DEST column 
+    generated an error message and Shorewall failed to start.
+
 -----------------------------------------------------------------------
 Issues when migrating from Shorewall 2.0.2 to Shorewall 2.0.3: