mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-22 19:44:21 +01:00
network/shorewall: Updated for version 4.4.13.1.
Signed-off-by: Robby Workman <rworkman@slackbuilds.org>
This commit is contained in:
parent
786bc54895
commit
96fa4df9ae
4 changed files with 8 additions and 470 deletions
|
@ -1,245 +0,0 @@
|
|||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/Perl/Shorewall/Chains.pm shorewall-4.4.12.1/Perl/Shorewall/Chains.pm
|
||||
--- shorewall-4.4.12/Perl/Shorewall/Chains.pm 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/Perl/Shorewall/Chains.pm 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -687,7 +687,7 @@
|
||||
# deleting elements from the array over which we are iterating.
|
||||
#
|
||||
for ( my $rule = 0; $rule <= $#{$rules}; $rule++ ) {
|
||||
- if ( $rules->[$rule] =~ / -[gj] ${to}\s*$/ ) {
|
||||
+ if ( $rules->[$rule] =~ / -[gj] ${to}( -m comment .*)?\s*$/ ) {
|
||||
trace( $fromref, 'D', $rule + 1, $rules->[$rule] ) if $debug;
|
||||
splice( @$rules, $rule, 1 );
|
||||
last unless --$refs > 0;
|
||||
@@ -3118,17 +3118,6 @@
|
||||
fatal_error "LOG requires a level";
|
||||
}
|
||||
#
|
||||
- # Mark Target as referenced, if it's a chain
|
||||
- #
|
||||
- if ( $target =~ /-[jg]\s+([^\s]+)/ ) {
|
||||
- my $targetref = $chain_table{$chainref->{table}}{$1};
|
||||
- if ( $targetref ) {
|
||||
- $targetref->{referenced} = 1;
|
||||
- add_reference $chainref, $targetref;
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- #
|
||||
# Isolate Source Interface, if any
|
||||
#
|
||||
if ( $source ) {
|
||||
@@ -3397,6 +3386,8 @@
|
||||
fatal_error "SOURCE interface may not be specified with a source IP address in the POSTROUTING chain" if $restriction == POSTROUTE_RESTRICT && $iiface && ( $inets ne ALLIP || $iexcl || $trivialiexcl);
|
||||
fatal_error "DEST interface may not be specified with a destination IP address in the PREROUTING chain" if $restriction == PREROUTE_RESTRICT && $diface && ( $dnets ne ALLIP || $dexcl || $trivialdexcl);
|
||||
|
||||
+ my $fromref;
|
||||
+
|
||||
if ( $iexcl || $dexcl || $oexcl ) {
|
||||
#
|
||||
# We have non-trivial exclusion -- need to create an exclusion chain
|
||||
@@ -3438,7 +3429,7 @@
|
||||
#
|
||||
# Generate Final Rule
|
||||
#
|
||||
- add_rule( $echainref, $exceptionrule . $target, 1 ) unless $disposition eq 'LOG';
|
||||
+ add_rule( $fromref = $echainref, $exceptionrule . $target, 1 ) unless $disposition eq 'LOG';
|
||||
} else {
|
||||
#
|
||||
# No exclusions
|
||||
@@ -3478,7 +3469,7 @@
|
||||
'add',
|
||||
$matches );
|
||||
|
||||
- add_rule( $chainref, $matches . $target, 1 );
|
||||
+ add_rule( $fromref = $chainref, $matches . $target, 1 );
|
||||
}
|
||||
} else {
|
||||
#
|
||||
@@ -3499,12 +3490,22 @@
|
||||
#
|
||||
# No logging -- add the target rule with matches to the rule chain
|
||||
#
|
||||
- add_rule( $chainref, $matches . $target , 1 );
|
||||
+ add_rule( $fromref = $chainref, $matches . $target , 1 );
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
+ #
|
||||
+ # Mark Target as referenced, if it's a chain
|
||||
+ #
|
||||
+ if ( $fromref && $target =~ /-[jg]\s+([^\s]+)/ ) {
|
||||
+ my $targetref = $chain_table{$chainref->{table}}{$1};
|
||||
+ if ( $targetref ) {
|
||||
+ $targetref->{referenced} = 1;
|
||||
+ add_reference $fromref, $targetref;
|
||||
+ }
|
||||
+ }
|
||||
|
||||
while ( @ends ) {
|
||||
decr_cmd_level $chainref;
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/Perl/Shorewall/Config.pm shorewall-4.4.12.1/Perl/Shorewall/Config.pm
|
||||
--- shorewall-4.4.12/Perl/Shorewall/Config.pm 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/Perl/Shorewall/Config.pm 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -345,7 +345,7 @@
|
||||
EXPORT => 0,
|
||||
STATEMATCH => '-m state --state',
|
||||
UNTRACKED => 0,
|
||||
- VERSION => "4.4.12",
|
||||
+ VERSION => "4.4.12.1",
|
||||
CAPVERSION => 40411 ,
|
||||
);
|
||||
|
||||
@@ -2411,7 +2411,7 @@
|
||||
qt1( "$iptables -D $sillyname -m set --match-set $sillyname src -j ACCEPT" );
|
||||
$result = ! ( $capabilities{OLD_IPSET_MATCH} = 0 );
|
||||
} else {
|
||||
- have_capability 'OLD_IPSET_MATCH';
|
||||
+ $result = have_capability 'OLD_IPSET_MATCH';
|
||||
}
|
||||
|
||||
qt( "$ipset -X $sillyname" );
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/Perl/Shorewall/Providers.pm shorewall-4.4.12.1/Perl/Shorewall/Providers.pm
|
||||
--- shorewall-4.4.12/Perl/Shorewall/Providers.pm 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/Perl/Shorewall/Providers.pm 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -853,6 +853,11 @@
|
||||
#
|
||||
my $interfaces = find_interfaces_by_option1 'optional';
|
||||
|
||||
+ if ( $config{REQUIRE_INTERFACE} ) {
|
||||
+ emit( 'HAVE_INTERFACE=' );
|
||||
+ emit( '' );
|
||||
+ }
|
||||
+
|
||||
if ( @$interfaces ) {
|
||||
for my $interface ( @$interfaces ) {
|
||||
my $provider = $provider_interfaces{$interface};
|
||||
@@ -861,11 +866,6 @@
|
||||
|
||||
emit( '' );
|
||||
|
||||
- if ( $config{REQUIRE_INTERFACE} ) {
|
||||
- emit( 'HAVE_INTERFACE=' );
|
||||
- emit( '' );
|
||||
- }
|
||||
-
|
||||
if ( $provider ) {
|
||||
#
|
||||
# This interface is associated with a non-shared provider -- get the provider table entry
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/changelog.txt shorewall-4.4.12.1/changelog.txt
|
||||
--- shorewall-4.4.12/changelog.txt 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/changelog.txt 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -1,3 +1,9 @@
|
||||
+Changes in Shorewall 4.4.12.1
|
||||
+
|
||||
+1) Fix optimization bugs.
|
||||
+
|
||||
+2) Fix detection of old ipset match capability
|
||||
+
|
||||
Changes in Shorewall 4.4.12
|
||||
|
||||
1) Fix IPv6 shorecap program.
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/install.sh shorewall-4.4.12.1/install.sh
|
||||
--- shorewall-4.4.12/install.sh 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/install.sh 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -22,7 +22,7 @@
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
#
|
||||
|
||||
-VERSION=4.4.12
|
||||
+VERSION=4.4.12.1
|
||||
|
||||
usage() # $1 = exit status
|
||||
{
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/known_problems.txt shorewall-4.4.12.1/known_problems.txt
|
||||
--- shorewall-4.4.12/known_problems.txt 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/known_problems.txt 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -1,2 +1,13 @@
|
||||
1) On systems running Upstart, Shorewall-init cannot reliably close
|
||||
the firewall before interfaces come up.
|
||||
+
|
||||
+2) Under rare circumstances where COMMENT is used to attach comments
|
||||
+ to rules, OPTIMIZE 8 through 15 can result in invalid
|
||||
+ iptables-restore (ip6tables-restore) input.
|
||||
+
|
||||
+ Workaround: Don't use optimizaiton levels greater than 7.
|
||||
+
|
||||
+3) Under rare circumstances unvolving exclusion, OPTIMIZE 8 through 15
|
||||
+ canresult in invalid iptables-restore (ip6tables-restore) input.
|
||||
+
|
||||
+ Workaround: Don't use optimizaiton levels greater than 7.
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/releasenotes.txt shorewall-4.4.12.1/releasenotes.txt
|
||||
--- shorewall-4.4.12/releasenotes.txt 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/releasenotes.txt 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -1,5 +1,5 @@
|
||||
----------------------------------------------------------------------------
|
||||
- S H O R E W A L L 4 . 4 . 1 2
|
||||
+ S H O R E W A L L 4 . 4 . 1 2 . 1
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
I. RELEASE 4.4 HIGHLIGHTS
|
||||
@@ -10,7 +10,7 @@
|
||||
VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
|
||||
|
||||
----------------------------------------------------------------------------
|
||||
- I. R E L E A S E 4 . 4 H I G H L I G H T S
|
||||
+ I. R E L E A S E 4 . 4 H I G H L I G H T S
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
1) Support for Shorewall-shell has been discontinued. Shorewall-perl
|
||||
@@ -224,6 +224,22 @@
|
||||
I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
+4.4.12.1
|
||||
+
|
||||
+1) Under rare circumstances where COMMENT is used to attach comments
|
||||
+ to rules, OPTIMIZE 8 through 15 could result in invalid
|
||||
+ iptables-restore (ip6tables-restore) input.
|
||||
+
|
||||
+2) Under rare circumstances unvolving exclusion, OPTIMIZE 8 through 15
|
||||
+ could result in invalid iptables-restore (ip6tables-restore) input.
|
||||
+
|
||||
+3) The change in 4.4.12 to detect and use the new ipset match syntax
|
||||
+ broke the ability to detect the old ipset match capability. Now,
|
||||
+ both versions of the capability can be correctly detected.
|
||||
+
|
||||
+4.4.12
|
||||
+
|
||||
+
|
||||
1) Previously, the Shorewall6-lite version of shorecap was using
|
||||
iptables rather than ip6tables, with the result that many capabilities
|
||||
that are only available in IPv4 were being reported as available.
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/shorewall.spec shorewall-4.4.12.1/shorewall.spec
|
||||
--- shorewall-4.4.12/shorewall.spec 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/shorewall.spec 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -1,6 +1,6 @@
|
||||
%define name shorewall
|
||||
%define version 4.4.12
|
||||
-%define release 0base
|
||||
+%define release 1
|
||||
|
||||
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
|
||||
Name: %{name}
|
||||
@@ -108,6 +108,8 @@
|
||||
%doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples
|
||||
|
||||
%changelog
|
||||
+* Mon Aug 23 2010 Tom Eastep tom@shorewall.net
|
||||
+- Updated to 4.4.12-1
|
||||
* Sun Aug 15 2010 Tom Eastep tom@shorewall.net
|
||||
- Updated to 4.4.12-0base
|
||||
* Fri Aug 06 2010 Tom Eastep tom@shorewall.net
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12/uninstall.sh shorewall-4.4.12.1/uninstall.sh
|
||||
--- shorewall-4.4.12/uninstall.sh 2010-08-17 07:34:21.000000000 -0700
|
||||
+++ shorewall-4.4.12.1/uninstall.sh 2010-08-24 13:15:35.000000000 -0700
|
||||
@@ -26,7 +26,7 @@
|
||||
# You may only use this script to uninstall the version
|
||||
# shown below. Simply run this script to remove Shorewall Firewall
|
||||
|
||||
-VERSION=4.4.12
|
||||
+VERSION=4.4.12.1
|
||||
|
||||
usage() # $1 = exit status
|
||||
{
|
|
@ -1,215 +0,0 @@
|
|||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/Perl/Shorewall/Chains.pm shorewall-4.4.12.2/Perl/Shorewall/Chains.pm
|
||||
--- shorewall-4.4.12.1/Perl/Shorewall/Chains.pm 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/Perl/Shorewall/Chains.pm 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -687,7 +687,7 @@
|
||||
# deleting elements from the array over which we are iterating.
|
||||
#
|
||||
for ( my $rule = 0; $rule <= $#{$rules}; $rule++ ) {
|
||||
- if ( $rules->[$rule] =~ / -[gj] ${to}( -m comment .*)?\s*$/ ) {
|
||||
+ if ( $rules->[$rule] =~ / -[gj] ${to}(\s+-m comment .*)?\s*$/ ) {
|
||||
trace( $fromref, 'D', $rule + 1, $rules->[$rule] ) if $debug;
|
||||
splice( @$rules, $rule, 1 );
|
||||
last unless --$refs > 0;
|
||||
@@ -3392,7 +3392,7 @@
|
||||
#
|
||||
# We have non-trivial exclusion -- need to create an exclusion chain
|
||||
#
|
||||
- fatal_error "Exclusion is not possible in ACCEPT+/CONTINUE/NONAT rules" if $disposition eq 'RETURN';
|
||||
+ fatal_error "Exclusion is not possible in ACCEPT+/CONTINUE/NONAT rules" if $disposition eq 'RETURN' || $disposition eq 'CONTINUE';
|
||||
|
||||
#
|
||||
# Create the Exclusion Chain
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/Perl/Shorewall/Config.pm shorewall-4.4.12.2/Perl/Shorewall/Config.pm
|
||||
--- shorewall-4.4.12.1/Perl/Shorewall/Config.pm 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/Perl/Shorewall/Config.pm 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -345,7 +345,7 @@
|
||||
EXPORT => 0,
|
||||
STATEMATCH => '-m state --state',
|
||||
UNTRACKED => 0,
|
||||
- VERSION => "4.4.12.1",
|
||||
+ VERSION => "4.4.12.2",
|
||||
CAPVERSION => 40411 ,
|
||||
);
|
||||
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/Perl/Shorewall/Rules.pm shorewall-4.4.12.2/Perl/Shorewall/Rules.pm
|
||||
--- shorewall-4.4.12.1/Perl/Shorewall/Rules.pm 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/Perl/Shorewall/Rules.pm 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -303,7 +303,7 @@
|
||||
my $target = source_exclusion( $hostref->[3], $chainref );
|
||||
|
||||
for my $chain ( first_chains $interface ) {
|
||||
- add_jump $filter_table->{$chain} , $chainref, 0, "${source}${state}${policy}";
|
||||
+ add_jump $filter_table->{$chain} , $target, 0, "${source}${state}${policy}";
|
||||
}
|
||||
|
||||
set_interface_option $interface, 'use_input_chain', 1;
|
||||
@@ -675,12 +675,12 @@
|
||||
|
||||
for $interface ( @$list ) {
|
||||
my $chainref = $filter_table->{input_chain $interface};
|
||||
- my $base = uc chain_base $interface;
|
||||
+ my $base = uc chain_base get_physical $interface;
|
||||
my $variable = get_interface_gateway $interface;
|
||||
|
||||
if ( interface_is_optional $interface ) {
|
||||
add_commands( $chainref,
|
||||
- qq(if [ -n "\$${base}_IS_USABLE" -a -n "$variable" ]; then) ,
|
||||
+ qq(if [ -n "\$SW_${base}_IS_USABLE" -a -n "$variable" ]; then) ,
|
||||
' echo "-A ' . match_source_dev( $interface ) . qq(-s $variable -p udp -j ACCEPT" >&3) ,
|
||||
qq(fi) );
|
||||
} else {
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/changelog.txt shorewall-4.4.12.2/changelog.txt
|
||||
--- shorewall-4.4.12.1/changelog.txt 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/changelog.txt 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -1,9 +1,17 @@
|
||||
+Changes in Shorewall 4.4.12.2
|
||||
+
|
||||
+1) Add tweak to 4.4.12.1 optimization fix.
|
||||
+
|
||||
+2) Fix exclusion in the blacklist file.
|
||||
+
|
||||
Changes in Shorewall 4.4.12.1
|
||||
|
||||
1) Fix optimization bugs.
|
||||
|
||||
2) Fix detection of old ipset match capability
|
||||
|
||||
+3) Fix REQUIRE_INTERFACE=Yes
|
||||
+
|
||||
Changes in Shorewall 4.4.12
|
||||
|
||||
1) Fix IPv6 shorecap program.
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/install.sh shorewall-4.4.12.2/install.sh
|
||||
--- shorewall-4.4.12.1/install.sh 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/install.sh 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -22,7 +22,7 @@
|
||||
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||
#
|
||||
|
||||
-VERSION=4.4.12.1
|
||||
+VERSION=4.4.12.2
|
||||
|
||||
usage() # $1 = exit status
|
||||
{
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/known_problems.txt shorewall-4.4.12.2/known_problems.txt
|
||||
--- shorewall-4.4.12.1/known_problems.txt 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/known_problems.txt 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -5,9 +5,33 @@
|
||||
to rules, OPTIMIZE 8 through 15 can result in invalid
|
||||
iptables-restore (ip6tables-restore) input.
|
||||
|
||||
- Workaround: Don't use optimizaiton levels greater than 7.
|
||||
+ Corrected in Shorewall 4.4.12.1.
|
||||
|
||||
3) Under rare circumstances unvolving exclusion, OPTIMIZE 8 through 15
|
||||
canresult in invalid iptables-restore (ip6tables-restore) input.
|
||||
|
||||
- Workaround: Don't use optimizaiton levels greater than 7.
|
||||
+ Corrected in Shorewall 4.4.12.1.
|
||||
+
|
||||
+4) The change in 4.4.12 to detect and use the new ipset match syntax
|
||||
+ broke the ability to detect the old ipset match capability.
|
||||
+
|
||||
+ Corrected in Shorewall 4.4.12.1.
|
||||
+
|
||||
+5) If REQUIRE_INTERFACE=Yes then start/restart will fail
|
||||
+ if the last optional interface tested is not available.
|
||||
+
|
||||
+ Corrected in Shorewall 4.4.12.1.
|
||||
+
|
||||
+6) The fix for COMMENT and optimization in 4.4.12.1 is incomplete.
|
||||
+
|
||||
+ Corrected in Shorewall 4.4.12.2
|
||||
+
|
||||
+7) Exclusion in the blacklist file is correctly validated but is then
|
||||
+ ignored when generating iptables (ip6tables) rules.
|
||||
+
|
||||
+ Corrected in Shorewall 4.4.12.2.
|
||||
+
|
||||
+8) Shorewall allows CONTINUE rules with exclusion. These rules
|
||||
+ generate valid but incorrect iptables (ip6tables) input.
|
||||
+
|
||||
+ Corrected in Shorewall 4.4.12.2 -- these rules are now disallowed.
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/releasenotes.txt shorewall-4.4.12.2/releasenotes.txt
|
||||
--- shorewall-4.4.12.1/releasenotes.txt 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/releasenotes.txt 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -1,5 +1,5 @@
|
||||
----------------------------------------------------------------------------
|
||||
- S H O R E W A L L 4 . 4 . 1 2 . 1
|
||||
+ S H O R E W A L L 4 . 4 . 1 2 . 2
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
I. RELEASE 4.4 HIGHLIGHTS
|
||||
@@ -224,21 +224,38 @@
|
||||
I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
+4.4.12.2
|
||||
+
|
||||
+1) Earlier releases allowed CONTINUE rules with exclusion. These rules
|
||||
+ generated valid but incorrect iptables (ip6tables) input. Such
|
||||
+ rules are now disallowed.
|
||||
+
|
||||
+2) The fix for COMMENT and OPTIMIZE 8-15 in 4.4.12.1 missed one case
|
||||
+ which has now been corrected.
|
||||
+
|
||||
+3) Previously, exclusion in the blacklist file was correctly validated
|
||||
+ but was then ignored when generating iptables (ip6tables) rules.
|
||||
+
|
||||
+4) Previously, the interface option combination of 'optional' and
|
||||
+ 'upnpclient' did not work correctly.
|
||||
+
|
||||
4.4.12.1
|
||||
|
||||
1) Under rare circumstances where COMMENT is used to attach comments
|
||||
to rules, OPTIMIZE 8 through 15 could result in invalid
|
||||
iptables-restore (ip6tables-restore) input.
|
||||
|
||||
-2) Under rare circumstances unvolving exclusion, OPTIMIZE 8 through 15
|
||||
+2) Under rare circumstances involving exclusion, OPTIMIZE 8 through 15
|
||||
could result in invalid iptables-restore (ip6tables-restore) input.
|
||||
|
||||
3) The change in 4.4.12 to detect and use the new ipset match syntax
|
||||
broke the ability to detect the old ipset match capability. Now,
|
||||
both versions of the capability can be correctly detected.
|
||||
|
||||
-4.4.12
|
||||
+4) Previously, if REQUIRE_INTERFACE=Yes then start/restart would fail
|
||||
+ if the last optional interface tested was not available.
|
||||
|
||||
+4.4.12
|
||||
|
||||
1) Previously, the Shorewall6-lite version of shorecap was using
|
||||
iptables rather than ip6tables, with the result that many capabilities
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/shorewall.spec shorewall-4.4.12.2/shorewall.spec
|
||||
--- shorewall-4.4.12.1/shorewall.spec 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/shorewall.spec 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -1,6 +1,6 @@
|
||||
%define name shorewall
|
||||
%define version 4.4.12
|
||||
-%define release 1
|
||||
+%define release 2
|
||||
|
||||
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
|
||||
Name: %{name}
|
||||
@@ -108,6 +108,8 @@
|
||||
%doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples
|
||||
|
||||
%changelog
|
||||
+* Sat Sep 04 2010 Tom Eastep tom@shorewall.net
|
||||
+- Updated to 4.4.12-2
|
||||
* Mon Aug 23 2010 Tom Eastep tom@shorewall.net
|
||||
- Updated to 4.4.12-1
|
||||
* Sun Aug 15 2010 Tom Eastep tom@shorewall.net
|
||||
diff -Naur -X /Users/teastep/bin/exclude.txt shorewall-4.4.12.1/uninstall.sh shorewall-4.4.12.2/uninstall.sh
|
||||
--- shorewall-4.4.12.1/uninstall.sh 2010-08-24 13:15:35.000000000 -0700
|
||||
+++ shorewall-4.4.12.2/uninstall.sh 2010-09-04 07:30:24.000000000 -0700
|
||||
@@ -26,7 +26,7 @@
|
||||
# You may only use this script to uninstall the version
|
||||
# shown below. Simply run this script to remove Shorewall Firewall
|
||||
|
||||
-VERSION=4.4.12.1
|
||||
+VERSION=4.4.12.2
|
||||
|
||||
usage() # $1 = exit status
|
||||
{
|
|
@ -24,12 +24,12 @@
|
|||
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
|
||||
PRGNAM=shorewall
|
||||
VERSION=${VERSION:-4.4.12.2}
|
||||
VERSION=${VERSION:-4.4.13.1}
|
||||
ARCH=noarch
|
||||
BUILD=${BUILD:-1}
|
||||
TAG=${TAG:-_SBo}
|
||||
|
||||
BASEVERS=4.4.12
|
||||
BASEVERS=4.4.13
|
||||
|
||||
CWD=$(pwd)
|
||||
TMP=${TMP:-/tmp/SBo}
|
||||
|
|
|
@ -1,14 +1,12 @@
|
|||
PRGNAM="shorewall"
|
||||
VERSION="4.4.12.2"
|
||||
VERSION="4.4.13.1"
|
||||
HOMEPAGE="http://www.shorewall.net"
|
||||
DOWNLOAD="http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.12/base/shorewall-4.4.12.tar.bz2 \
|
||||
http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.12/patch-4.4.12.1 \
|
||||
http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.12/patch-4.4.12.2"
|
||||
MD5SUM="245617f3db1312c64eff6e595eed8d18 \
|
||||
e32cc02eaaa71f85f346623db9a3ec6b \
|
||||
ac5d09f6965bbc8f1ec5d6596dcb32f4"
|
||||
DOWNLOAD="http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.13/base/shorewall-4.4.13.tar.bz2 \
|
||||
http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.13/patch-4.4.13.1"
|
||||
MD5SUM="70b6e8033f93a7985a8a614645218305 \
|
||||
753e1afe6de17ed2e4aa98072c664764"
|
||||
DOWNLOAD_x86_64=""
|
||||
MD5SUM_x86_64=""
|
||||
MAINTAINER="ArTourter"
|
||||
EMAIL="artourter@gmail.com"
|
||||
APPROVED="dsomero"
|
||||
APPROVED="rworkman"
|
||||
|
|
Loading…
Reference in a new issue