On Sun, 27 Dec 2009 07:58:39 -0800 Tom Eastep <[email protected]> wrote:
> Shorewall 4.5.0 is now ready for testing. > > ---------------------------------------------------------------------------- > K N O W N P R O B L E M S > ---------------------------------------------------------------------------- > > 1) There is a syntax error in /sbin/shorewall. Patch is attached. > > 2) Specifying icmp or icmpv6 in /etc/shorewall/tcpri results in an > error. I'll provide a fix later today. > This is GIT commit 6fa5af81645312bcb2aef842f99167687adb2341. Patch is also attached. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Tc.pm b/Shorewall/Perl/Shorewall/Tc.pm
index 02f5e7f..f70ceef 100644
--- a/Shorewall/Perl/Shorewall/Tc.pm
+++ b/Shorewall/Perl/Shorewall/Tc.pm
@@ -1100,10 +1100,15 @@ sub process_tc_priority() {
add_rule( $postref ,
join( '', do_proto( $proto, $ports, '-' , 0 ) , $rule ) ,
1 );
-
- add_rule( $postref ,
- join( '' , do_proto( $proto, '-', $ports, 0 ) , $rule ) ,
- 1 );
+
+ if ( $proto ne '-' ) {
+ my $protocol = resolve_proto $proto;
+
+ add_rule( $postref ,
+ join( '' , do_proto( $proto, '-', $ports, 0 ) , $rule ) ,
+ 1 )
+ unless $protocol == ICMP || $protocol == IPv6_ICMP;
+ }
}
}
}
signature.asc
Description: PGP signature
------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
