holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

More 'loose'+'balance'+'USE_DEFAULT_RT'

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8694 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2008-09-06 17:00:49 +00:00
parent 4ea348205a
commit fab1a296b8
2 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
Shorewall-common/releasenotes.txt
View File

@ -82,11 +82,12 @@ Problems corrected in Shorewall 4.2.0 RC 2.
1) Shorewall-perl was incorrectly ignoring the 'balance' option in 1) Shorewall-perl was incorrectly ignoring the 'balance' option in
/etc/shorewall/providers when 'loose' was specified after 'balance' /etc/shorewall/providers when 'loose' was specified after 'balance'
and USE_DEFAULT_RT=Yes in shorewall.conf. and USE_DEFAULT_RT=Yes in shorewall.conf. 'balance' is still the
default if 'loose' is not specified.
Other Changes in Shoreall 4.2.0 RC 2 Other Changes in Shoreall 4.2.0 RC 2
None. 1) USE_DEFAULT_RT is no longer marked 'experimental'.
New Features in Shorewall 4.2. New Features in Shorewall 4.2.
@ -896,11 +897,6 @@ New Features in Shorewall 4.2.
the main routing table. Such changes can occur for a number of the main routing table. Such changes can occur for a number of
reasons, VPNs going up and down being an example. reasons, VPNs going up and down being an example.
The USE_DEFAULT_RT option is currently classified as
EXPERIMENTAL. As a consequence, if you have a problem with it, the
Shorewall support team may not be able to supply you with a
solution.
The idea is to send packets through the main table prior to The idea is to send packets through the main table prior to
applying any of the Shorewall-generated routing rules. So changes applying any of the Shorewall-generated routing rules. So changes
to the main table will affect the routing of packets by default. to the main table will affect the routing of packets by default.
@ -910,12 +906,11 @@ New Features in Shorewall 4.2.
a) Both the DUPLICATE and the COPY columns in the providers file a) Both the DUPLICATE and the COPY columns in the providers file
must remain empty (or contain "-"). must remain empty (or contain "-").
b) The 'balance' option is assumed for all interfaces except those b) The default route is added to the the 'default' table rather
specified as 'loose'.
c) The default route is added to the the 'default' table rather
than to the main table. than to the main table.
c) 'balance' is assumed unless 'loose' is specified.
d) Packets are sent through the main routing table by a rule with d) Packets are sent through the main routing table by a rule with
priority 999. In /etc/shorewall/routing_rules, the range 1-998 priority 999. In /etc/shorewall/routing_rules, the range 1-998
may be used for inserting rules that bypass the main table. may be used for inserting rules that bypass the main table.

5
Shorewall-perl/Shorewall/Providers.pm
View File

@ -267,7 +267,7 @@ sub add_a_provider( $$$$$$$$ ) {
); );
} }
my ( $loose, $track, $balance , $optional, $mtu ) = (0,0,$config{USE_DEFAULT_RT} ? 1 : 0,interface_is_optional( $interface ), '' ); my ( $loose, $track, $balance , $default_balance, $optional, $mtu ) = (0,0,0,$config{USE_DEFAULT_RT} ? 1 : 0,interface_is_optional( $interface ), '' );
unless ( $options eq '-' ) { unless ( $options eq '-' ) {
for my $option ( split_list $options, 'option' ) { for my $option ( split_list $options, 'option' ) {
@ -279,6 +279,7 @@ sub add_a_provider( $$$$$$$$ ) {
$balance = 1; $balance = 1;
} elsif ( $option eq 'loose' ) { } elsif ( $option eq 'loose' ) {
$loose = 1; $loose = 1;
$default_balance = 0;
} elsif ( $option eq 'optional' ) { } elsif ( $option eq 'optional' ) {
set_interface_option $interface, 'optional', 1; set_interface_option $interface, 'optional', 1;
$optional = 1; $optional = 1;
@ -293,6 +294,8 @@ sub add_a_provider( $$$$$$$$ ) {
} }
} }
$balance = $default_balance unless $balance;
$providers{$table} = { provider => $table, $providers{$table} = { provider => $table,
number => $number , number => $number ,
mark => $val , mark => $val ,