Shorewall 1.4.6c plus Fix for IPV6 addresses and the 'ip' utility

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@736 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

STABLE/changelog.txt

@@ -60,3 +60,7 @@ Changes since 1.4.5
 25. Disabled 'stop' command when startup is disabled.
 
 26. Fixed adding addresses to ppp interfaces.
+
+27. Corrected IP range in masq entry WRT ADD_SNAT_ALIASES
+
+28. Fix IPV6 address confusion.

STABLE/fallback.sh

@@ -28,7 +28,7 @@
 #       shown below. Simply run this script to revert to your prior version of
 #       Shoreline Firewall.
 
-VERSION=1.4.6b
+VERSION=1.4.6c
 
 usage() # $1 = exit status
 {

STABLE/firewall

@@ -828,7 +828,7 @@ find_interface_address() # $1 = interface
     #
     # get the line of output containing the first IP address
     #
-    addr=`ip addr show $1 2> /dev/null | grep inet | head -n1`
+    addr=`ip -f inet addr show $1 2> /dev/null | grep inet | head -n1`
     #
     # If there wasn't one, bail out now
     #
@@ -846,7 +846,7 @@ find_interface_address() # $1 = interface
 #
 find_interface_addresses() # $1 = interface
 {
-    ip addr show $1 | grep inet | sed 's/inet //;s/\/.*//;s/ peer.*//'
+    ip -f inet addr show $1 | grep inet | sed 's/inet //;s/\/.*//;s/ peer.*//'
 }
 
 #
@@ -1360,7 +1360,7 @@ setup_mac_lists() {
     #
     for interface in $maclist_interfaces; do
 	chain=`mac_chain $interface`
-	blob=`ip addr show $interface 2> /dev/null | grep inet | sed 's/inet //; s/brd //; s/scope.*//;'`
+	blob=`ip -f inet addr show $interface 2> /dev/null | grep inet | sed 's/inet //; s/brd //; s/scope.*//;'`
 
 	[ -z "$blob" ] && \
 	    fatal_error "Interface $interface must be up before Shorewall can start"

STABLE/install.sh

@@ -54,7 +54,7 @@
 #        /etc/rc.d/rc.local file is modified to start the firewall.
 #
 
-VERSION=1.4.6b
+VERSION=1.4.6c
 
 usage() # $1 = exit status
 {

STABLE/releasenotes.txt

@@ -40,6 +40,16 @@ Problems Corrected:
    The firewall script has been modified to eliminate the error
    messages.
 
+10) When ADD_SNAT_ALIASES=Yes in shorewall.conf, the following entry in
+    /etc/shorewall/masq resulted in a startup error:
+
+    eth0	eth1	 206.124.146.20-206.124.146.24
+
+11) Shorewall previously choked over IPV6 addresses configured on
+    interfaces in contexts where Shorewall needed to detect something
+    about the interface (such as when "detect" appears in the BROADCAST
+    column of the /etc/shorewall/interfaces file).
+
 Migration Issues:
 
 1) In earlier versions, an undocumented feature allowed entries in

STABLE/shorewall.spec

@@ -1,5 +1,5 @@
 %define name shorewall
-%define version 1.4.6b
+%define version 1.4.6c
 %define release 1
 %define prefix /usr
 
@@ -105,6 +105,8 @@ fi
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
 
 %changelog
+* Wed Aug 27 2003 Tom Eastep <tom@shorewall.net>
+- Changed version to 1.4.6c-1
 * Fri Aug 01 2003 Tom Eastep <tom@shorewall.net>
 - Changed version to 1.4.6b-1
 * Tue Jul 22 2003 Tom Eastep <tom@shorewall.net>

STABLE/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Seattle Firewall
 
-VERSION=1.4.6b
+VERSION=1.4.6c
 
 usage() # $1 = exit status
 {