-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 11/02/2016 12:05 PM, Steven Jan Springl wrote:
>
> I have installed your copy of Rules.pm, but not the additional
> patch.
>
> The problem still occurs.
>
> Further investigation shows the problem only occurs with
> ADD_SNAT_ALIASES=Yes set in shorewall.conf.
>
> Changing it to ADD_SNAT_ALIASES=No fixes the problem. Is this
> expected?
>
No, that is not expected. Patch attached.
Thanks Steven,
- -Tom
- --
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCAAGBQJYGj4EAAoJEJbms/JCOk0QSR4P/3keUtl8nFctdLD1/Vbo2eJT
0pcWYjrbvi5Z0CwevRcN/IY1wJ0235Y3b8zE1K0cG2MgB10tmnreropJypVIp0Sj
55JK0/bovuJ2a8soACPh90dPYNyFYiCr6pgnZu/Eyo+TAH3C/sXla9Hz3F5Eq5f3
B6d/EqOj8RB9XlhNk047/BfiG1C1/L04sX5yp+7J6Os47ckoScGe5XYpqVhT75dj
r6DsCiOCQlJB7VVhbU6QM/FwFk2wJDPDTuycTUkDT96BXDGBF6r+GrgxBTacKtqE
50ksAxsHXKa+k++tzgRlL7BnumcuCl1AmeDIecWUujCEF5L+mzqBgQTV8gsAW2Wf
ksBhX60SurPvaqY6T1OmakP7F43ILkAerAge6ik7vCswDi3tTFB63dlLmqkbNRhO
W3JsKJoE6V4270hcYC/VAUt5YR6+bVLGUt7W8F/DpT8LFd+jI8nEwjkI7B0WGPxr
4KiZfZJT3UnXdSF9S7GL8h2dXA2k8SE+N+5S7pXDXDzYXGq0qfMJ1m7IPYG3xwpd
J1kkt/OMkAgo7L3hRg4+EJ1amS+HwcWz9GWidJA3MA6JubMcofNNdJsKB9jhh953
65M9q6UpnX62Z0EeEBQ+s6uyuRVFSPsqa2MpQMKAwWPFDWqJt3Y98fHWoJsOCcsX
3Al3fthUWDHm4JWzJSVT
=In80
-----END PGP SIGNATURE-----
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 4971779..be91e1d 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -5363,6 +5363,7 @@ sub process_snat1( $$$$$$$$$$$$ ) {
$pre_nat = $1;
$addresses = ( $2 || '' );
$options = 'random' if $addresses =~ s/:?random$//;
+ $add_snat_aliases = '';
} elsif ( $action =~ /^SNAT(\+)?\((.+)\)$/ ) {
$pre_nat = $1;
$addresses = $2;
@@ -5377,6 +5378,7 @@ sub process_snat1( $$$$$$$$$$$$ ) {
$pre_nat = $1;
} elsif ( $action eq 'MASQUERADE' ) {
$actiontype = $builtin_target{$target = 'MASQUERADE'};
+ $add_snat_aliases = '';
} else {
( $target , $params ) = get_target_param1( $action );
@@ -5510,7 +5512,7 @@ sub process_snat1( $$$$$$$$$$$$ ) {
my $addrlist = '';
my @addrs = split_list $addresses, 'address';
- fatal_error "Only one ADDRESS may be specified" if @addrs > 1;
+ fatal_error "Only one SNAT address may be specified" if @addrs > 1;
for my $addr ( @addrs ) {
if ( $addr =~ /^([&%])(.+)$/ ) {
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel
