On Mon, 2011-06-13 at 06:01 +0000, Dick Gevers wrote: > Hello, > > I am a Mageia (fork of Mandriva) tester and we have currently in our Cauldron > release, being the working version of Mageia 2, the latest version of perl > being > perl-5.14. > > But now we see a warning when starting shorewall installed from > shorewall-4.4.20.2-1.mga2.noarch.rpm: ... > The words seems to indicate this is harmless from the security point of view, > and probably a warning to shorewall developers that with future versions of > perl > the scripting in sw needs adapting to such perl. > > Can you please confirm our view?
Yes -- it is a harmless(but annoying) warning from the Perl compiler.
>
> Shouuld we raise a ticket on shorewall's trac?
>
Not necessary.
Attached is a patch that should correct the problem.
cd /usr/share/shorewall/Shorewall
patch < .../QW.patch
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index e1893b9..32433a3 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -1596,24 +1596,24 @@ sub initialize_chain_table($) {
'DEL' => STANDARD + SET,
);
- for my $chain qw(OUTPUT PREROUTING) {
+ for my $chain ( qw(OUTPUT PREROUTING) ) {
new_builtin_chain 'raw', $chain, 'ACCEPT';
}
- for my $chain qw(INPUT OUTPUT FORWARD) {
+ for my $chain ( qw(INPUT OUTPUT FORWARD) ) {
new_builtin_chain 'filter', $chain, 'DROP';
}
- for my $chain qw(PREROUTING POSTROUTING OUTPUT) {
+ for my $chain ( qw(PREROUTING POSTROUTING OUTPUT) ) {
new_builtin_chain 'nat', $chain, 'ACCEPT';
}
- for my $chain qw(PREROUTING INPUT OUTPUT ) {
+ for my $chain ( qw(PREROUTING INPUT OUTPUT ) ) {
new_builtin_chain 'mangle', $chain, 'ACCEPT';
}
if ( have_capability( 'MANGLE_FORWARD' ) ) {
- for my $chain qw( FORWARD POSTROUTING ) {
+ for my $chain ( qw( FORWARD POSTROUTING ) ) {
new_builtin_chain 'mangle', $chain, 'ACCEPT';
}
}
@@ -1639,19 +1639,19 @@ sub initialize_chain_table($) {
'DEL' => STANDARD + SET,
);
- for my $chain qw(OUTPUT PREROUTING) {
+ for my $chain ( qw(OUTPUT PREROUTING) ) {
new_builtin_chain 'raw', $chain, 'ACCEPT';
}
- for my $chain qw(INPUT OUTPUT FORWARD) {
+ for my $chain ( qw(INPUT OUTPUT FORWARD) ) {
new_builtin_chain 'filter', $chain, 'DROP';
}
- for my $chain qw(PREROUTING POSTROUTING OUTPUT) {
+ for my $chain ( qw(PREROUTING POSTROUTING OUTPUT) ) {
new_builtin_chain 'nat', $chain, 'ACCEPT';
}
- for my $chain qw(PREROUTING INPUT OUTPUT FORWARD POSTROUTING ) {
+ for my $chain ( qw(PREROUTING INPUT OUTPUT FORWARD POSTROUTING ) ) {
new_builtin_chain 'mangle', $chain, 'ACCEPT';
}
}
@@ -4834,7 +4834,7 @@ sub create_chainlist_reload($) {
enter_cat_mode;
- for $table qw(raw nat mangle filter) {
+ for $table ( qw(raw nat mangle filter) ) {
my $tableref=$chains{$table};
next unless $tableref;
diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm
index a1ccc81..499870a 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -108,7 +108,7 @@ sub generate_script_1( $ ) {
################################################################################
EOF
- for my $exit qw/init start tcclear started stop stopped clear refresh refreshed restored/ {
+ for my $exit ( qw/init start tcclear started stop stopped clear refresh refreshed restored/ ) {
emit "\nrun_${exit}_exit() {";
push_indent;
append_file $exit or emit 'true';
@@ -116,7 +116,7 @@ EOF
emit '}';
}
- for my $exit qw/isusable findgw/ {
+ for my $exit ( qw/isusable findgw/ ) {
emit "\nrun_${exit}_exit() {";
push_indent;
append_file($exit, 1) or emit 'true';
diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index b3df855..3b68ff6 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -3474,7 +3474,7 @@ sub get_configuration( $ ) {
fatal_error 'IPSECFILE=ipsec is not supported by Shorewall ' . $globals{VERSION} if $config{IPSECFILE} eq 'ipsec';
fatal_error "Invalid IPSECFILE value ($config{IPSECFILE}" unless $config{IPSECFILE} eq 'zones';
- for my $default qw/DROP_DEFAULT REJECT_DEFAULT QUEUE_DEFAULT NFQUEUE_DEFAULT ACCEPT_DEFAULT/ {
+ for my $default ( qw/DROP_DEFAULT REJECT_DEFAULT QUEUE_DEFAULT NFQUEUE_DEFAULT ACCEPT_DEFAULT/ ) {
$config{$default} = 'none' if "\L$config{$default}" eq 'none';
}
@@ -3679,7 +3679,7 @@ sub generate_aux_config() {
emit "#\n# Shorewall auxiliary configuration file created by Shorewall version $globals{VERSION} - $date\n#";
- for my $option qw(VERBOSITY LOGFILE LOGFORMAT IPTABLES IP6TABLES IP TC IPSET PATH SHOREWALL_SHELL SUBSYSLOCK LOCKFILE RESTOREFILE) {
+ for my $option ( qw(VERBOSITY LOGFILE LOGFORMAT IPTABLES IP6TABLES IP TC IPSET PATH SHOREWALL_SHELL SUBSYSLOCK LOCKFILE RESTOREFILE) ) {
conditionally_add_option $option;
}
diff --git a/Shorewall/Perl/Shorewall/Misc.pm b/Shorewall/Perl/Shorewall/Misc.pm
index 2f1fe36..ff1de96 100644
--- a/Shorewall/Perl/Shorewall/Misc.pm
+++ b/Shorewall/Perl/Shorewall/Misc.pm
@@ -1826,7 +1826,7 @@ sub generate_matrix() {
}
if ( $config{LOGALLNEW} ) {
- for my $table qw/mangle nat filter/ {
+ for my $table ( qw/mangle nat filter/ ) {
for my $chain ( @{$builtins{$table}} ) {
log_rule_limit
$config{LOGALLNEW} ,
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 0b8d805..726bdd3 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -460,7 +460,7 @@ sub process_policies()
my $firewall = firewall_zone;
our @zonelist = $config{EXPAND_POLICIES} ? all_zones : ( all_zones, 'all' );
- for my $option qw( DROP_DEFAULT REJECT_DEFAULT ACCEPT_DEFAULT QUEUE_DEFAULT NFQUEUE_DEFAULT) {
+ for my $option ( qw( DROP_DEFAULT REJECT_DEFAULT ACCEPT_DEFAULT QUEUE_DEFAULT NFQUEUE_DEFAULT) ) {
my $action = $config{$option};
next if $action eq 'none';
my $actiontype = $targets{$action};
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ EditLive Enterprise is the world's most technically advanced content authoring tool. Experience the power of Track Changes, Inline Image Editing and ensure content is compliant with Accessibility Checking. http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
