Use <> rather than [] to delineate addresses

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@9036 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2008-12-13 20:45:23 +00:00 · 2008-12-13 20:45:23 +00:00 · dc2e7a9922
commit dc2e7a9922
parent bc15c4dffe
4 changed files with 25 additions and 11 deletions
--- a/Shorewall-common/releasenotes.txt
+++ b/Shorewall-common/releasenotes.txt
@ -1,5 +1,19 @@
 Shorewall 4.3.3

+Notice:
+
+There are two incompatible changes in this release.
+
+1)  Rather than square brackets ([]), addresses following an interface
+    name are now enclosed in angle brackets (<>). This change is made
+    to avoid confusion in the documentation with the meta characters
+    '[' and ']'.
+
+2)  Only those macros that have different contents in IPv6 are now
+    included in /usr/share/shorewall6/. As a consequence,
+    /usr/share/shorewall must be added to your CONFIG_PATH in
+    /etc/shorewall6/shorewall6.conf.
+
 ----------------------------------------------------------------------------
               R E L E A S E  4 . 3  H I G H L I G H T S
 ----------------------------------------------------------------------------
@ -98,10 +112,10 @@ New Features in Shorewall 4.3

   f)  When both an interface and an address or address list need to
       be specified in a rule, the address or list must be enclosed in
-       square brackets. Example:
+       angle brackets. Example:

        #ACTION      SOURCE		                        DEST
-	ACCEPT	     net:eth0:[2001:19f0:feee::dead:beef:cafe]	dmz
+	ACCEPT	     net:eth0:<2001:19f0:feee::dead:beef:cafe>	dmz

       Note that this includes MAC addresses as well as IPv6 addresses.

@ -109,13 +123,13 @@ New Features in Shorewall 4.3
       convention:

           #ZONE      HOSTS					OPTIONS
-           chat6      eth0:[2001:19f0:feee::dead:beef:cafe]
+           chat6      eth0:<2001:19f0:feee::dead:beef:cafe>

       Even when an interface is not specified, it is permitted to
-       enclose addresses in [] to improve readability. Example:
+       enclose addresses in <> to improve readability. Example:

           #ACTION      SOURCE		DEST
-	   ACCEPT	net:[2001:1::1]	$FW
+	   ACCEPT	net:<2001:1::1>	$FW

   g)  There are currently no Shorewall6 or Shorewall6-lite manpages.

--- a/Shorewall-perl/Shorewall/Chains.pm
+++ b/Shorewall-perl/Shorewall/Chains.pm
@ -2008,11 +2008,11 @@ sub expand_rule( $$$$$$$$$$$ )
 	    } else {
 		$iiface = $source;
 	    }
-	} elsif  ( $source =~ /^(.+?):\[(.+)\]\s*$/ ) {
+	} elsif  ( $source =~ /^(.+?):<(.+)>\s*$/ ) {
 	    $iiface = $1;
 	    $inets  = $2;
 	} elsif ( $source =~ /:/ ) {
-	    if ( $source =~ /^\[(.+)\]$/ ) {
+	    if ( $source =~ /^<(.+)>$/ ) {
 		$inets = $1;
 	    } else {
 		$inets = $source;
@ -2095,11 +2095,11 @@ sub expand_rule( $$$$$$$$$$$ )
 	    } else {
 		$diface = $dest;
 	    }
-	} elsif ( $dest =~ /^(.+?):\[(.+)\]\s*$/ ) {
+	} elsif ( $dest =~ /^(.+?):<(.+)>\s*$/ ) {
 	    $diface = $1;
 	    $dnets  = $2;
 	} elsif ( $dest =~ /:/ ) {
-	    if ( $dest =~ /^\[(.+)\]$/ ) {
+	    if ( $dest =~ /^<(.+)>$/ ) {
 		$dnets = $1;
 	    } else {
 		$dnets = $dest;
--- a/Shorewall-perl/Shorewall/Rules.pm
+++ b/Shorewall-perl/Shorewall/Rules.pm
@ -128,7 +128,7 @@ sub process_tos() {
 	    if ( $family == F_IPV4 ) {
 		( $srczone , $source , $remainder ) = split( /:/, $src, 3 );
 		fatal_error 'Invalid SOURCE' if defined $remainder;
-	    } elsif ( $src =~ /^(.+?):\[(.*)]\s*$/ ) {
+	    } elsif ( $src =~ /^(.+?):<(.*)>\s*$/ ) {
 		$srczone = $1;
 		$source  = $2;
 	    } else {
--- a/Shorewall-perl/Shorewall/Zones.pm
+++ b/Shorewall-perl/Shorewall/Zones.pm
@ -1022,7 +1022,7 @@ sub validate_hosts_file()
 		fatal_error "Invalid HOST(S) column contents: $hosts";
 	    }
 	} else {
-	    if ( $hosts =~ /^([\w.@%-]+\+?):\[(.*)\]\s*$/ ) {
+	    if ( $hosts =~ /^([\w.@%-]+\+?):<(.*)>\s*$/ ) {
 		$interface = $1;
 		$hosts = $2;
 		$zoneref->{options}{complex} = 1 if $hosts =~ /^\+/;