Update for Shorewall 2.2.0 RC3

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1871 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2004-12-30 18:21:39 +00:00 · 2004-12-30 18:21:39 +00:00 · f25a9669eb
commit f25a9669eb
parent 63eed97f51
5 changed files with 10 additions and 13 deletions
--- a/LrpN/etc/shorewall/rules
+++ b/LrpN/etc/shorewall/rules
@ -295,9 +295,9 @@
 #		 to local system 192.168.1.3 with a limit of 3 per second and
 #		 a maximum burst of 10
 #
-#	#ACTION 	SOURCE	DEST            PROTO	DEST    SOURCE	ORIGINAL
-#	#                                       	PORT    PORT(S) DEST
-#	DNAT<3/sec:10>	net	loc:192.168.1.3 tcp	http
+#	#ACTION 	SOURCE	DEST            PROTO	DEST    SOURCE	ORIGINAL	RATE
+#	#                                       	PORT    PORT(S) DEST		LIMIT
+#	DNAT		net	loc:192.168.1.3 tcp	http	-	-		3/sec:10
 #
 #	Example: Redirect all locally-originating www connection requests to
 #		 port 3128 on the firewall (Squid running on the firewall
--- a/LrpN/etc/shorewall/tunnels
+++ b/LrpN/etc/shorewall/tunnels
@ -9,7 +9,7 @@
 #
 #	The columns are:
 #
-#	TYPE	    --	must start in column 1 and be "ipsec", "ipsecnat","ip"
+#	TYPE	    --	must start in column 1 and be "ipsec", "ipsecnat","ipip"
 #			"gre", "6to4", "pptpclient", "pptpserver", "openvpn" or 
 #			"generic"
 #
--- a/LrpN/usr/share/shorewall/firewall
+++ b/LrpN/usr/share/shorewall/firewall
@ -1364,7 +1364,7 @@ disable_ipv6() {
 }

 disable_ipv6_1() {
-    local foo=$(ip -f inet6 addr ls 2> /dev/null)
+    local foo="$(ip -f inet6 addr ls 2> /dev/null)"

    if [ -n "$foo" ]; then
 	if qt which ip6tables; then
@ -4905,7 +4905,7 @@ setup_masq()
    }

    setup_one() {
-	local add_snat_aliases=$ADD_SNAT_ALIASES, pre_nat= policy=
+	local add_snat_aliases=$ADD_SNAT_ALIASES, pre_nat= policy= destnets=

 	[ "x$ipsec" = x- ] && ipsec=

@ -4946,7 +4946,6 @@ setup_masq()
 	    *:)
 		add_snat_aliases=
 	        fullinterface=${fullinterface%:}
-		destnets="0.0.0.0/0"
 		;;
 	    *:*)
 		# Alias name OR networks
@ -4958,12 +4957,10 @@ setup_masq()
 			;;
 		    *)
 			#it's an alias name
-			destnets="0.0.0.0/0"
 			;;
 		esac
 		;;
 	    *)
-		destnets="0.0.0.0/0"
 		;;
 	esac

@ -5003,7 +5000,7 @@ setup_masq()
 			if ! list_search $addr $aliases_to_add; then
 			    [ -n "$RETAIN_ALIASES" ] || save_command qt ip addr del $addr dev $interface 
 			    aliases_to_add="$aliases_to_add $addr $fullinterface"
-			    case $fullinterface in 
+			    case $fullinterface in
 				*:*)
 				    fullinterface=${fullinterface%:*}:$((${fullinterface#*:} + 1 ))
 				    ;;
@ -5058,7 +5055,7 @@ setup_masq()
 	    [ -n "$ports" ] && fatal_error "Ports only allowed with UDP or TCP ($ports)"
 	fi	

-	destination=$destnets
+	destination=${destnets:=0.0.0.0/0}

 	[ -z "$pre_nat" ] && chain=$(masq_chain $interface) || chain=$(snat_chain $interface)

--- a/LrpN/usr/share/shorewall/help
+++ b/LrpN/usr/share/shorewall/help
@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# Shorewall help subsystem - V2.1
+# Shorewall help subsystem - V2.2
 #
 #
 #     This program is under GPL [http://www.gnu.org/copyleft/gpl.htm]
--- a/LrpN/usr/share/shorewall/version
+++ b/LrpN/usr/share/shorewall/version
@ -1 +1 @@
-2.2.0-RC2
+2.2.0-RC3