On 02/27/2013 12:38 PM, Steven Jan Springl wrote: > All patches applied. > MASQUERADE3.patch hunk 2 refers to VERSION 4.5.13-Beta3 instead of > 4.5.14-Beta3. I made the change manually. > > I can confirm the patch fixes the original problem for both shorewall and > shorewall6.
Thanks Steven. > > --------------------------------------------------------------------------------------------- > > Shorewall6 masq entry: > > eth0 2001:2::/56 :random:persistent > > Generates the following ip6tables entry: > > -A eth0_masq -s 2001:2::/56 -j MASQUERADE --random --persistent > > Which produces the following error message: > > ip6tables-restore v1.4.17: unknown option "--persistent" > > The error also occurs in shorewall. > A patch is attached. Thank you Steven, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm
index 05c4cfb..7fd4c5a 100644
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@@ -308,7 +308,8 @@ sub process_one_masq1( $$$$$$$$$$ )
$target .= $addrlist;
} else {
- require_capability( 'MASQUERADE_TGT', 'Masquerade rules', '' ) if $family == F_IPV6;
+ fatal_error( "':persistent' is not allowed in a MASQUERADE rule" ) if $persistent;
+ require_capability( 'MASQUERADE_TGT', 'Masquerade rules', '' ) if $family == F_IPV6;
}
}
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_feb
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
