Tom Eastep wrote: > Beta 2 is now ready for testing. I am particularly interested in having > the new Shorewall and Shorewall6 tested with earlier versions of > Shorewall Lite and Shorewall6 Lite.
I have just found a potentially serious bug in 4.4.8 Beta2. The '-p' option to 'shorewall restart' and 'shorewall-lite restart' does not work. Rather than purging the conntrack table, it bypasses updating of the routing configuration. I've attached a patch and have also placed a copy at: http://www1.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.8-Beta2/Patches/Patch-4.4.8-Beta2-1.diff ftp://ftp1.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.8-Beta2/Patches/Patch-4.4.8-Beta2-1.diff To apply the patch: patch /usr/share/shorewall/prog.footer < Patch-4.4.8-Beta2-1.diff -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/prog.footer b/Shorewall/Perl/prog.footer
index 1da15d3..90fc8f1 100644
--- a/Shorewall/Perl/prog.footer
+++ b/Shorewall/Perl/prog.footer
@@ -78,7 +78,7 @@ while [ $finished -eq 0 -a $# -gt 0 ]; do
option=${option#t}
;;
p*)
- g_noroutes=Yes
+ g_purge=Yes
option=${option#p}
;;
r*)
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
