Package: ferm
Version: 2.1-3
Severity: important
Tags: fixed-upstream
Hi,
ferm 2.1 and onwards rejects the following stanza as invalid syntax
(missing brace):
@def &SERVICE($proto, $port) = {
domain (ip ip6) chain INPUT {
proto $proto dport $port ACCEPT;
}
}
&SERVICE(tcp, smtp);
The syntax above is perfectly fine according to the DSL specification
and was accepted by ferm 2.0.7. I know of multiple large installations
that use squeeze, ferm and that feature heavily and the wheezy upgrade
is going to break the firewall set for them (hence the severity).
I've found and fixed the bug and my patch has been merged into
upstream's git as commit 392e58, to be included in 2.1.2.
The patch basically a one-liner that can be cleanly applied to 2.1. I
think it warrants an upload and freeze exception, according to the
current freeze rules.
Thanks,
Faidon
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
