On 04/06/2018 09:42 AM, Tom Eastep wrote: > On 04/05/2018 07:50 PM, Igor Sverkos wrote: > > It is a bug that was corrected in Shorewall 5.1.7. >
Attached is the patch.
patch /usr/share/shorewall/Shorewall/Rules.pm < commit-3b373f3
-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
From 3b373f3f215208b41f70783f8969f48cfc1766d1 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teas...@shorewall.net>
Date: Tue, 5 Sep 2017 10:45:17 -0700
Subject: Correct handling of ipsets in the DEST column of the snat file
- Also corrected handling of exclusion
Signed-off-by: Tom Eastep <teas...@shorewall.net>
diff --git a/Shorewall/Perl/Shorewall/Rules.pm
b/Shorewall/Perl/Shorewall/Rules.pm
index 379be8923..649c4f018 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -5286,7 +5286,7 @@ sub process_snat1( $$$$$$$$$$$$ ) {
$interfaces = $1;
} elsif ( $dest =~ /^([^:]+):([^:]*)$/ ) {
my ( $one, $two ) = ( $1, $2 );
- if ( $2 =~ /\./ || $2 =~ /^%/ ) {
+ if ( $2 =~ /\./ || $2 =~ /^[+%!]/ ) {
$interfaces = $one;
$destnets = $two;
} else {
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
