On 08/10/2015 04:37 PM, jone...@teksavvy.com wrote: > On Sat, 08 Aug 2015 10:22:23 -0700 > Tom Eastep <teas...@shorewall.net> wrote: > >> On 08/07/2015 12:27 PM, jonetsu wrote: > >>> Would this be a bug ? It looks like the parsing for the presence of >>> the routeback option does not take into account the value. > >> Looks like a bug. > > Would there be any chance that a solution to this could be applied also > to version 4.6.4.3 (eg. a patch) ? >
The attached patch applies with an offset. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
commit 4c4c5a436adcd0ff140ea77ef0406ddab1bd9f67
Author: Tom Eastep <teas...@shorewall.net>
Date: Fri Aug 7 14:09:08 2015 -0700
Allow zero-valued options on multi-zoned interfaces
Signed-off-by: Tom Eastep <teas...@shorewall.net>
diff --git a/Shorewall/Perl/Shorewall/Zones.pm b/Shorewall/Perl/Shorewall/Zones.pm
index 64f7e07..fe2de22 100644
--- a/Shorewall/Perl/Shorewall/Zones.pm
+++ b/Shorewall/Perl/Shorewall/Zones.pm
@@ -1208,18 +1208,20 @@ sub process_interface( $$ ) {
fatal_error "Invalid Interface option ($option)" unless my $type = $validinterfaceoptions{$option};
- if ( $zone ) {
- fatal_error qq(The "$option" option may not be specified for a Vserver zone") if $zoneref->{type} & VSERVER && ! ( $type & IF_OPTION_VSERVER );
- } else {
- fatal_error "The \"$option\" option may not be specified on a multi-zone interface" if $type & IF_OPTION_ZONEONLY;
- }
-
my $hostopt = $type & IF_OPTION_HOST;
- fatal_error "The \"$option\" option is not allowed on a bridge port" if $port && ! $hostopt;
-
$type &= MASK_IF_OPTION;
+ unless ( $type == BINARY_IF_OPTION && defined $value && $value eq '0' ) {
+ if ( $zone ) {
+ fatal_error qq(The "$option" option may not be specified for a Vserver zone") if $zoneref->{type} & VSERVER && ! ( $type & IF_OPTION_VSERVER );
+ } else {
+ fatal_error "The \"$option\" option may not be specified on a multi-zone interface" if $type & IF_OPTION_ZONEONLY;
+ }
+ }
+
+ fatal_error "The \"$option\" option is not allowed on a bridge port" if $port && ! $hostopt;
+
if ( $type == SIMPLE_IF_OPTION ) {
fatal_error "Option $option does not take a value" if defined $value;
if ( $option eq 'blacklist' ) {
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
