Insure that VERBOSITY=0 when interrogating compiled script version

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall-init/install.sh

@@ -23,7 +23,7 @@
 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall-init/shorewall-init.spec

@@ -1,6 +1,6 @@
 %define name shorewall-init
 %define version 4.4.13
-%define release 0RC1
+%define release 3
 
 Summary: Shorewall-init adds functionality to Shoreline Firewall (Shorewall).
 Name: %{name}
@@ -99,6 +99,14 @@ fi
 %doc COPYING changelog.txt releasenotes.txt
 
 %changelog
+* Sat Oct 02 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-3
+* Fri Oct 01 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-2
+* Wed Sep 22 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-1
+* Mon Sep 20 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-0base
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net
 - Updated to 4.4.13-0RC1
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net

Shorewall-init/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall-lite/init.debian.sh

@@ -17,10 +17,9 @@ SRWL=/sbin/shorewall-lite
 SRWL_OPTS="-tvv"
 test -n ${INITLOG:=/var/log/shorewall-lite-init.log}
 
-[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
+[ "$INITLOG" = "/dev/null" ] && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
 
 export SHOREWALL_INIT_SCRIPT
-
 test -x $SRWL || exit 0
 test -x $WAIT_FOR_IFUP || exit 0
 test -n "$INITLOG" || {

Shorewall-lite/install.sh

@@ -22,7 +22,7 @@
 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall-lite/shorewall-lite

@@ -94,9 +94,9 @@ get_config() {
     [ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
 
     if ( ps ax 2> /dev/null | grep -v grep |  qt grep 'syslogd.*-C' ) ; then
-	LOGREAD="logread | tac"
+	g_logread="logread | tac"
     elif [ -r $LOGFILE ]; then
-	LOGREAD="tac $LOGFILE"
+	g_logread="tac $LOGFILE"
     else
 	echo "LOGFILE ($LOGFILE) does not exist!" >&2
 	exit 2
@@ -145,6 +145,12 @@ get_config() {
 
     [ -n "$g_use_verbosity" ] && VERBOSITY=$g_use_verbosity || VERBOSITY=$(($g_verbose_offset + $VERBOSITY))
 
+    if [ $VERBOSITY -lt -1 ]; then
+	VERBOSITY=-1
+    elif [ $VERBOSITY -gt 2 ]; then
+	VERBOSITY=2
+    fi
+
     g_hostname=$(hostname 2> /dev/null)
 
     IP=$(mywhich ip 2> /dev/null)
@@ -463,6 +469,7 @@ g_use_verbosity=
 g_noroutes=
 g_timestamp=
 g_recovering=
+g_logread=
 
 finished=0
 

Shorewall-lite/shorewall-lite.spec

@@ -1,6 +1,6 @@
 %define name shorewall-lite
 %define version 4.4.13
-%define release 0RC1
+%define release 3
 
 Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems.
 Name: %{name}
@@ -102,6 +102,14 @@ fi
 %doc COPYING changelog.txt releasenotes.txt
 
 %changelog
+* Sat Oct 02 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-3
+* Fri Oct 01 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-2
+* Wed Sep 22 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-1
+* Mon Sep 20 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-0base
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net
 - Updated to 4.4.13-0RC1
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net

Shorewall-lite/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall/Perl/Shorewall/Chains.pm

@@ -68,7 +68,7 @@ our %EXPORT_TAGS = (
 				       SET
 				       NO_RESTRICT
 				       PREROUTE_RESTRICT
-				       DESTIFAC_DISALLOW
+				       DESTIFACE_DISALLOW
 				       INPUT_RESTRICT
 				       OUTPUT_RESTRICT
 				       POSTROUTE_RESTRICT
@@ -267,7 +267,7 @@ use constant { NO_RESTRICT        => 0,   # FORWARD chain rule     - Both -i and
 	       OUTPUT_RESTRICT     => 8,   # OUTPUT chain rule      - -i not allowed
 	       POSTROUTE_RESTRICT  => 16,  # POSTROUTING chain rule - -i converted to -s <address list> using main routing table
 	       ALL_RESTRICT        => 12,  # fw->fw rule            - neither -i nor -o allowed
-	       DESTIFAC_DISALLOW  => 32,  # Don't allow dest interface
+	       DESTIFACE_DISALLOW  => 32,  # Don't allow dest interface
 	       };
 
 our $iprangematch;
@@ -3408,14 +3408,14 @@ sub expand_rule( $$$$$$$$$$;$ )
 	    #
 	    # Dest interface -- must use routing table
 	    #
-	    fatal_error "A DEST interface is not permitted in the PREROUTING chain" if $restriction & DESTIFAC_DISALLOW;
+	    fatal_error "A DEST interface is not permitted in the PREROUTING chain" if $restriction & DESTIFACE_DISALLOW;
 	    fatal_error "Bridge port ($diface) not allowed" if port_to_bridge( $diface );
 	    push_command( $chainref , 'for dest in ' . get_interface_nets( $diface) . '; do', 'done' );
 	    $rule .= '-d $dest ';
 	} else {
 	    fatal_error "Bridge Port ($diface) not allowed in OUTPUT or POSTROUTING rules" if ( $restriction & ( POSTROUTE_RESTRICT + OUTPUT_RESTRICT ) ) && port_to_bridge( $diface );
 	    fatal_error "Destination Interface ($diface) not allowed when the destination zone is the firewall zone" if $restriction & INPUT_RESTRICT;
-	    fatal_error "Destination Interface ($diface) not allowed in the mangle OUTPUT chain" if $restriction & DESTIFAC_DISALLOW;
+	    fatal_error "Destination Interface ($diface) not allowed in the mangle OUTPUT chain" if $restriction & DESTIFACE_DISALLOW;
 
 	    if ( $iiface ) {
 		my $bridge = port_to_bridge( $diface );
@@ -3746,7 +3746,7 @@ sub promote_blacklist_rules() {
 		    #
 		    unless ( $chain2ref->{blacklist} ) {
 			unshift @{$chain2ref->{rules}}, $rule;
-			$chainbref->{references}{$chain2ref->{name}}++;
+			add_reference $chain2ref, $chainbref;
 			$chain2ref->{blacklist} = 1;
 		    }
 		}

Shorewall/Perl/Shorewall/Config.pm

@@ -347,7 +347,7 @@ sub initialize( $ ) {
 		    EXPORT => 0,
 		    STATEMATCH => '-m state --state',
 		    UNTRACKED => 0,
-		    VERSION => "4.4.13-RC1",
+		    VERSION => "4.4.13.3",
 		    CAPVERSION => 40413 ,
 		  );
 
@@ -1093,7 +1093,7 @@ sub progress_message2 {
 
 	@localtime = localtime unless $havelocaltime;
 
-	printf $log '%s %2d %02d:%02d:%02d ', $abbr[$localtime[4]], @localtime[3,2,1,0];
+	printf $log '%s %2d %2d:%02d:%02d ', $abbr[$localtime[4]], @localtime[3,2,1,0];
 	print $log "@_\n";
     }
 }
@@ -1114,7 +1114,7 @@ sub progress_message3 {
 
 	@localtime = localtime unless $havelocaltime;
 
-	printf $log '%s %2d %02d:%02d:%02d ', $abbr[$localtime[4]], @localtime[3,2,1,0];
+	printf $log '%s %2d %2d:%02d:%02d ', $abbr[$localtime[4]], @localtime[3,2,1,0];
 	print $log "@_\n";
     }
 }
@@ -1475,11 +1475,12 @@ sub split_list1( $$ ) {
 
 	if ( ( $count = tr/(/(/ ) > 0 ) {
 	    fatal_error "Invalid $type list ($list)" if $element || $count > 1;
+	    s/\(//;
 	    if ( ( $count = tr/)/)/ ) > 0 ) {
 		fatal_error "Invalid $type list ($list)" if $count > 1;
+		s/\)//;
 		push @list2 , $_;
 	    } else {
-		s/\(//;
 		$element = $_;
 	    }
 	} elsif ( ( $count =  tr/)/)/ ) > 0 ) {
@@ -1576,7 +1577,12 @@ sub open_file( $ ) {
 
     assert( ! defined $currentfile );
 
-    -f $fname && -s _ ? do_open_file $fname : '';
+    if ( -f $fname && -s _ ) {
+	$first_entry = 0;
+	do_open_file $fname;;
+    } else {
+	'';
+    }
 }
 
 #

Shorewall/Perl/Shorewall/Rules.pm

@@ -1861,20 +1861,13 @@ sub generate_matrix() {
 
     progress_message2 'Generating Rule Matrix...';
     #
-    # Special processing for complex configurations
+    # Special processing for complex and blacklisting configurations
     #
     for my $zone ( @zones ) {
 	my $zoneref = find_zone( $zone );
 
-	next if @zones <= 2 && ! $zoneref->{options}{complex};
-	#
-	# Complex zone and we have more than one non-firewall zone -- create a zone forwarding chain
-	#
-	my $frwd_ref = new_standard_chain zone_forward_chain( $zone );
-
 	if ( $zoneref->{options}{in}{blacklist} ) {
 	    my $blackref = $filter_table->{blacklst};
-	    add_jump $frwd_ref , $blackref, 0, $state, 0, -1;
 	    add_jump ensure_filter_chain( rules_chain( $zone, $_ ), 1 ) , $blackref , 0, $state, 0, -1 for firewall_zone, @vservers;
 	}
 
@@ -1892,6 +1885,15 @@ sub generate_matrix() {
 	    }
 	}
 
+	next if @zones <= 2 && ! $zoneref->{options}{complex};
+	
+	#
+	# Complex zone or we have more than one non-firewall zone -- create a zone forwarding chain
+	#
+	my $frwd_ref = new_standard_chain zone_forward_chain( $zone );
+
+	add_jump $frwd_ref , $filter_table->{blacklst}, 0, $state, 0, -1 if $zoneref->{options}{in}{blacklist};
+
 	if ( have_ipsec ) {
 	    #
 	    # Because policy match only matches an 'in' or an 'out' policy (but not both), we have to place the

Shorewall/Perl/Shorewall/Tc.pm

@@ -296,7 +296,7 @@ sub process_tc_rule( ) {
 			    fatal_error "SAME rules are only allowed in the PREROUTING and OUTPUT chains" if $chain ne 'tcpre';
 			}
 
-			$restriction = DESTIFAC_DISALLOW;
+			$restriction = DESTIFACE_DISALLOW;
 			
 			ensure_mangle_chain($target);
 

Shorewall/Perl/Shorewall/Tunnels.pm

@@ -34,7 +34,7 @@ use strict;
 our @ISA = qw(Exporter);
 our @EXPORT = qw( setup_tunnels );
 our @EXPORT_OK = ( );
-our $VERSION = '4.4_9';
+our $VERSION = '4.4_13';
 
 #
 # Here starts the tunnel stuff -- we really should get rid of this crap...

Shorewall/Perl/Shorewall/Zones.pm

@@ -903,6 +903,8 @@ sub process_interface( $$ ) {
 	$root = $interface;
     }
 
+    fatal_error "Invalid interface name ($interface)" if $interface =~ /\*/;
+
     my $physical = $interface;
     my $broadcasts;
 
@@ -1183,6 +1185,8 @@ sub known_interface($;$)
 
     return $interfaceref if $interfaceref;
 
+    fatal_error "Invalid interface ($interface)" if $interface =~ /\*/;
+
     for my $i ( @interfaces ) {
 	$interfaceref = $interfaces{$i};
 	my $root = $interfaceref->{root};
@@ -1807,7 +1811,7 @@ sub find_hosts_by_option( $ ) {
 }
 
 #
-# Retruns a reference to a list of zones with the passed in/out option
+# Returns a reference to a list of zones with the passed in/out option
 #
 
 sub find_zones_by_option( $$ ) {

Shorewall/changelog.txt

@@ -1,3 +1,19 @@
+Changes in Shorewall 4.4.13.3
+
+1)  Fix log reading in the -lite packages.
+
+Changes in Shorewall 4.4.13.2
+
+1) Fix Debian -lite init scripts.
+
+2) Clamp VERBOSITY to valid range.
+
+Changes in Shorewall 4.4.13.1
+
+1)  Make log messages uniform.
+
+2)  Fix blacklisting in simple configurations.
+
 Changes in Shorewall 4.4.13
 
 1)  Allow zone lists in rules SOURCE and DEST.
@@ -35,6 +51,8 @@ Changes in Shorewall 4.4.13
 
 16) Correct port-range check in tcfilters.
 
+17) Disallow '*' in interface names.
+
 Changes in Shorewall 4.4.12
 
 1)  Fix IPv6 shorecap program.

Shorewall/install.sh

@@ -22,7 +22,7 @@
 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall/known_problems.txt

@@ -1 +1,58 @@
-There are no known problems in Shorewall 4.4.13-RC1
+1)  On systems running Upstart, shorewall-init cannot reliably start the
+    firewall before interfaces are brought up.
+
+2)  The date/time formatting in the STARTUP_LOG is not uniform.
+
+    Fixed in 4.4.13.1
+
+3)  The blacklisting change in 4.4.13 broke blacklisting in some simple
+    configurations with the effect that blacklisting was not enabled.
+
+    Fixed in 4.4.13.1
+
+    The issue may also be worked around is follows.
+
+    If you currently have an entry similar to this in
+    /etc/shorewall/interfaces:
+
+       #ZONE         INTERFACE BROADCAST        OPTIONS
+       net 	     eth0      detect		blacklist,...
+
+    then remove the 'blacklist' option from that entry and change the
+    'net' entry in /etc/shorewall/zones as follows:
+
+       #ZONE       TYPE       OPTIONS       IN_OPTIONS
+       net         ipv4       -             blacklist
+
+4)  The Debian init scripts for Shorewall-lite and Shorewall6-lite
+    contain a syntax error.
+
+    Fixed in 4.4.13.2.
+
+5)  If the -v or -q option is passed to /sbin/shorewall-lite or
+    /sbin/shorewall6-lite on a command that involves the compiled
+    script, then the command will fail if the effective verbosity is
+    > 2 or < -1.
+
+    Fixed in 4.4.13.2.
+
+6)  When running one of the -lite packages, the log reading commands
+    (show log, logwatch and dump) show no log record.
+
+    Fixed in 4.4.13.3.
+
+7)  In /etc/shorewall/interfaces, if nets=(a.b.c.d/e) is entered then a
+    fatal error is erroneously raised.
+
+    Workaround: Remove the parentheses (e.g., nets=a.b.c.d/e). 
+
+8)  If 10 or more interfaces are configured in Complex Traffic Shaping
+    (/etc/shorewall/tcdevices), the following compilation diagnostic
+    is issued:
+
+        Argument "a" isn't numeric in sprintf at
+	/usr/share/shorewall/Shorewall/Config.pm line 893.
+ 
+    and an invalid TC configuration is generated.
+
+    Fixed in 4.4.14.

Shorewall/lib.common

@@ -34,6 +34,10 @@ get_script_version() { # $1 = script
     local version
     local ifs
     local digits
+    local verbosity
+
+    verbosity="$VERBOSITY"
+    VERBOSITY=0
 
     temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
 
@@ -54,6 +58,8 @@ get_script_version() { # $1 = script
     fi
 
     echo $version
+
+    VERBOSITY="$verbosity"
 }
 
 #

Shorewall/releasenotes.txt

@@ -1,6 +1,5 @@
 ----------------------------------------------------------------------------
-                      S H O R E W A L L  4 . 4 . 1 3
+                      S H O R E W A L L  4 . 4 . 1 3 . 3
-                                 R C  1
 ----------------------------------------------------------------------------
 
 I.    PROBLEMS CORRECTED IN THIS RELEASE
@@ -14,6 +13,30 @@ VI.   PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
   I.  P R O B L E M S   C O R R E C T E D   I N   T H I S  R E L E A S E
 ----------------------------------------------------------------------------
 
+4.4.13.3
+
+1)  The log-reading commands (show log, logwatch and dump) always
+    showed an empty log when using one of the -lite packages.
+
+4.4.13.2
+
+1)  The Debian init scripts for Shorewall-lite and Shorewall6-lite
+    contained a syntax error.
+
+2)  If the -v or -q option was passed to /sbin/shorewall-lite or
+    /sbin/shorewall6-lite on a command that involved the compiled
+    script, then the command would fail if the effective verbosity was
+    > 2 or < -1.
+
+4.4.13.1
+
+1)  Previously, messages to the STARTUP_LOG had inconsistent date formats.
+
+2)  The blacklisting change in 4.4.13 was broken in some simple
+    configurations with the effect that blacklisting was not enabled.
+
+4.4.13
+ 
 1)  Under rare circumstances where COMMENT is used to attach comments
     to rules, OPTIMIZE 8 through 15 could result in invalid
     iptables-restore (ip6tables-restore) input.
@@ -116,6 +139,8 @@ VI.   PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
 13) An error message was incorrectly generated if a port range of the
     form :<port> (e.g., :22) appeared.
 
+14) An error is now generated if '*' appears in an interface name.
+
 ----------------------------------------------------------------------------
            I I.  K N O W N   P R O B L E M S   R E M A I N I N G
 ----------------------------------------------------------------------------

Shorewall/shorewall.spec

@@ -1,6 +1,6 @@
 %define name shorewall
 %define version 4.4.13
-%define release 0RC1
+%define release 3
 
 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
 Name: %{name}
@@ -108,6 +108,14 @@ fi
 %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples
 
 %changelog
+* Sat Oct 02 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-3
+* Fri Oct 01 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-2
+* Wed Sep 22 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-1
+* Mon Sep 20 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-0base
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net
 - Updated to 4.4.13-0RC1
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net

Shorewall/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall6-lite/init.debian.sh

@@ -17,7 +17,7 @@ SRWL=/sbin/shorewall6-lite
 SRWL_OPTS="-tvv"
 test -n ${INITLOG:=/var/log/shorewall6-lite-init.log}
 
-[ "$INITLOG" eq "/dev/null" && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
+[ "$INITLOG" = "/dev/null" ] && SHOREWALL_INIT_SCRIPT=1 || SHOREWALL_INIT_SCRIPT=0
 
 export SHOREWALL_INIT_SCRIPT
 

Shorewall6-lite/install.sh

@@ -22,7 +22,7 @@
 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall6-lite/shorewall6-lite

@@ -94,9 +94,9 @@ get_config() {
     [ -z "$LOGFILE" ] && LOGFILE=/var/log/messages
 
     if ( ps ax 2> /dev/null | grep -v grep |  qt grep 'syslogd.*-C' ) ; then
-	LOGREAD="logread | tac"
+	g_logread="logread | tac"
     elif [ -r $LOGFILE ]; then
-	LOGREAD="tac $LOGFILE"
+	g_logread="tac $LOGFILE"
     else
 	echo "LOGFILE ($LOGFILE) does not exist!" >&2
 	exit 2
@@ -145,6 +145,12 @@ get_config() {
 
     [ -n "$g_use_verbosity" ] && VERBOSITY=$g_use_verbosity || VERBOSITY=$(($g_verbose_offset + $VERBOSITY))
 
+    if [ $VERBOSITY -lt -1 ]; then
+	VERBOSITY=-1
+    elif [ $VERBOSITY -gt 2 ]; then
+	VERBOSITY=2
+    fi
+
     g_hostname=$(hostname 2> /dev/null)
 
     IP=$(mywhich ip 2> /dev/null)
@@ -447,6 +453,7 @@ g_noroutes=
 g_timestamp=
 g_recovering=
 g_purge=
+g_logread=
 
 finished=0
 

Shorewall6-lite/shorewall6-lite.spec

@@ -1,6 +1,6 @@
 %define name shorewall6-lite
 %define version 4.4.13
-%define release 0RC1
+%define release 3
 
 Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems.
 Name: %{name}
@@ -93,6 +93,14 @@ fi
 %doc COPYING changelog.txt releasenotes.txt
 
 %changelog
+* Sat Oct 02 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-3
+* Fri Oct 01 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-2
+* Wed Sep 22 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-1
+* Mon Sep 20 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-0base
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net
 - Updated to 4.4.13-0RC1
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net

Shorewall6-lite/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall6/install.sh

@@ -22,7 +22,7 @@
 #       Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {

Shorewall6/lib.common

@@ -32,6 +32,10 @@ get_script_version() { # $1 = script
     local version
     local ifs
     local digits
+    local verbosity
+
+    verbosity="$VERBOSITY"
+    VERBOSITY=0
 
     temp=$( $SHOREWALL_SHELL $1 version | sed 's/-.*//' )
 
@@ -52,6 +56,8 @@ get_script_version() { # $1 = script
     fi
     
     echo $version
+
+    VERBOSITY="$verbosity"
 }
   
 #

Shorewall6/shorewall6.spec

@@ -1,6 +1,6 @@
 %define name shorewall6
 %define version 4.4.13
-%define release 0RC1
+%define release 3
 
 Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems.
 Name: %{name}
@@ -98,6 +98,14 @@ fi
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6
 
 %changelog
+* Sat Oct 02 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-3
+* Fri Oct 01 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-2
+* Wed Sep 22 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-1
+* Mon Sep 20 2010 Tom Eastep tom@shorewall.net
+- Updated to 4.4.13-0base
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net
 - Updated to 4.4.13-0RC1
 * Fri Sep 17 2010 Tom Eastep tom@shorewall.net

Shorewall6/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall
 
-VERSION=4.4.13-RC1
+VERSION=4.4.13.3
 
 usage() # $1 = exit status
 {