From 9923e8cdca0c9a817cb20f3f1ba79de2d7d4428b Mon Sep 17 00:00:00 2001 From: ArTourter Date: Wed, 14 Apr 2010 20:57:09 -0400 Subject: network/shorewall: Updated for version 4.4.8.1. --- network/shorewall/patch-4.4.8.1 | 224 +++++++++++++++++++++++++++++++++ network/shorewall/shorewall.SlackBuild | 2 +- network/shorewall/shorewall.info | 10 +- 3 files changed, 231 insertions(+), 5 deletions(-) create mode 100644 network/shorewall/patch-4.4.8.1 (limited to 'network') diff --git a/network/shorewall/patch-4.4.8.1 b/network/shorewall/patch-4.4.8.1 new file mode 100644 index 0000000000..13dfe90cc3 --- /dev/null +++ b/network/shorewall/patch-4.4.8.1 @@ -0,0 +1,224 @@ +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/changelog.txt shorewall-4.4.8.1/changelog.txt +--- shorewall-4.4.8/changelog.txt 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/changelog.txt 2010-04-07 14:49:33.000000000 -0700 +@@ -1,3 +1,12 @@ ++Changes in Shorewall 4.4.8.1 ++ ++1) Correct handling of a logical interface name in the EXTERNAL column ++ of proxyarp. ++ ++2) Fix find_first_interface_address() error reporting. ++ ++3) Fix propagation of zero-valued config variables. ++ + Changes in Shorewall 4.4.8 + + 1) Correct handling of RATE LIMIT on NAT rules. +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/configfiles/shorewall.conf shorewall-4.4.8.1/configfiles/shorewall.conf +--- shorewall-4.4.8/configfiles/shorewall.conf 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/configfiles/shorewall.conf 2010-04-07 14:49:33.000000000 -0700 +@@ -1,19 +1,10 @@ + ############################################################################### +-# /etc/shorewall/shorewall.conf Version 4 - Change the following variables to +-# match your setup + # +-# This program is under GPL +-# [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt] +-# +-# This file should be placed in /etc/shorewall +-# +-# (c) 1999,2000,2001,2002,2003,2004,2005, +-# 2006,2007,2008 - Tom Eastep (teastep@shorewall.net) ++# Shorewall Version 4 -- /etc/shorewall/shorewall.conf + # + # For information about the settings in this file, type "man shorewall.conf" + # +-# Additional information is available at +-# http://www.shorewall.net/Documentation.htm#Conf ++# Manpage also online at http://www.shorewall.net/manpages/shorewall.conf.html + ############################################################################### + # S T A R T U P E N A B L E D + ############################################################################### +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/install.sh shorewall-4.4.8.1/install.sh +--- shorewall-4.4.8/install.sh 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/install.sh 2010-04-07 14:49:33.000000000 -0700 +@@ -22,7 +22,7 @@ + # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + # + +-VERSION=4.4.8 ++VERSION=4.4.8.1 + + usage() # $1 = exit status + { +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/known_problems.txt shorewall-4.4.8.1/known_problems.txt +--- shorewall-4.4.8/known_problems.txt 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/known_problems.txt 2010-04-07 14:49:33.000000000 -0700 +@@ -1 +1,23 @@ +-There are no known problems in Shorewall 4.4.8 ++1) Logical interface names in the EXTERNAL column of ++ /etc/shorewall/proxyarp were previously not mapped to their ++ corresponding physical interface names. This could cause 'start' or ++ 'restart' to fail. ++ ++ Corrected in Shorewall 4.4.8.1 ++ ++2) If find_first_interface_address() cannot determine the address of ++ the passed interface, the following message is issued and the ++ process continues: ++ ++ /usr/share/shorewall/lib.common: line 438: ++ startup_error: command not found ++ ++ Corrected in Shorewall 4.4.8.1 ++ ++3) If LOG_VERBOSITY=0 in shorewall.conf, then when the compiled script ++ is executed, messages such as the following will be issued: ++ ++ /var/lib/shorewall6/.restart: line 65: [: -gt: unary operator ++ expected ++ ++ Corrected in Shorewall 4.4.8.1 +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/Perl/Shorewall/Config.pm shorewall-4.4.8.1/Perl/Shorewall/Config.pm +--- shorewall-4.4.8/Perl/Shorewall/Config.pm 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/Perl/Shorewall/Config.pm 2010-04-07 14:49:33.000000000 -0700 +@@ -338,7 +338,7 @@ + TC_SCRIPT => '', + EXPORT => 0, + UNTRACKED => 0, +- VERSION => "4.4.8", ++ VERSION => "4.4.8.1", + CAPVERSION => 40408 , + ); + +@@ -3050,7 +3050,8 @@ + # + sub propagateconfig() { + for my $option ( @propagateconfig ) { +- my $value = $config{$option} || ''; ++ my $value = $config{$option}; ++ $value = '' unless defined $value; + emit "$option=\"$value\""; + } + } +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/Perl/Shorewall/Proxyarp.pm shorewall-4.4.8.1/Perl/Shorewall/Proxyarp.pm +--- shorewall-4.4.8/Perl/Shorewall/Proxyarp.pm 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/Perl/Shorewall/Proxyarp.pm 2010-04-07 14:49:33.000000000 -0700 +@@ -118,6 +118,7 @@ + } + + $interface = get_physical $interface; ++ $external = get_physical $external; + + $set{$interface} = 1; + $reset{$external} = 1 unless $set{$external}; +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/releasenotes.txt shorewall-4.4.8.1/releasenotes.txt +--- shorewall-4.4.8/releasenotes.txt 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/releasenotes.txt 2010-04-07 14:49:33.000000000 -0700 +@@ -1,5 +1,5 @@ + ---------------------------------------------------------------------------- +- S H O R E W A L L 4 . 4 . 8 ++ S H O R E W A L L 4 . 4 . 8 . 1 + ---------------------------------------------------------------------------- + + I. RELEASE 4.4 HIGHLIGHTS +@@ -218,6 +218,27 @@ + I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E + ---------------------------------------------------------------------------- + ++4.4.8.1 ++ ++1) Logical interface names in the EXTERNAL column of ++ /etc/shorewall/proxyarp were previously not mapped to their ++ corresponding physical interface names. This could cause 'start' or ++ 'restart' to fail. ++ ++2) If find_first_interface_address() cannot determine the address of ++ the passed interface, the following message is issued and the ++ process continues: ++ ++ /usr/share/shorewall/lib.common: line 438: ++ startup_error: command not found ++ ++3) If LOG_VERBOSITY=0 in shorewall.conf, then when the compiled script ++ was executed, messages such as the following would be issued: ++ ++ /var/lib/shorewall6/.restart: line 65: [: -gt: unary operator ++ expected ++4.4.8 ++ + 1) A CONTINUE rule specifying a log level would cause the compiler to + generate an incorrect rule sequence. The packet would be logged + but the CONTINUE action would not occur. +@@ -286,6 +307,11 @@ + 'shorewall refresh' executed, those new changes would not be included + in the active ruleset. + ++12) In 4.4.7, it was documented that setting the 'bridge' option in an ++ interfaces file entry also set 'routeback'. That feature was ++ incomplete with the result that 'routeback' still needed to be ++ specified. ++ + ---------------------------------------------------------------------------- + I V. K N O W N P R O B L E M S R E M A I N I N G + ---------------------------------------------------------------------------- +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/shorewall shorewall-4.4.8.1/shorewall +--- shorewall-4.4.8/shorewall 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/shorewall 2010-04-07 14:49:33.000000000 -0700 +@@ -301,14 +301,19 @@ + } + + # ++# Fatal error ++# ++startup_error() { ++ echo " ERROR: $@" >&2 ++ kill $$ ++ exit 1 ++} ++ ++# + # Run the compiler + # + compiler() { +- startup_error() { +- echo " ERROR: $@" >&2 +- exit 1 +- } +- ++ + if [ $(id -u) -ne 0 ]; then + if [ -z "$SHOREWALL_DIR" -o "$SHOREWALL_DIR" = /etc/shorewall ]; then + startup_error "Ordinary users may not compile the /etc/shorewall configuration" +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/shorewall.spec shorewall-4.4.8.1/shorewall.spec +--- shorewall-4.4.8/shorewall.spec 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/shorewall.spec 2010-04-07 14:49:33.000000000 -0700 +@@ -1,6 +1,6 @@ + %define name shorewall + %define version 4.4.8 +-%define release 0base ++%define release 1 + + Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. + Name: %{name} +@@ -108,6 +108,8 @@ + %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples + + %changelog ++* Thu Mar 25 2010 Tom Eastep tom@shorewall.net ++- Updated to 4.4.8-1 + * Fri Mar 19 2010 Tom Eastep tom@shorewall.net + - Updated to 4.4.8-0base + * Tue Mar 16 2010 Tom Eastep tom@shorewall.net +diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/uninstall.sh shorewall-4.4.8.1/uninstall.sh +--- shorewall-4.4.8/uninstall.sh 2010-03-23 08:47:56.000000000 -0700 ++++ shorewall-4.4.8.1/uninstall.sh 2010-04-07 14:49:33.000000000 -0700 +@@ -26,7 +26,7 @@ + # You may only use this script to uninstall the version + # shown below. Simply run this script to remove Shorewall Firewall + +-VERSION=4.4.8 ++VERSION=4.4.8.1 + + usage() # $1 = exit status + { diff --git a/network/shorewall/shorewall.SlackBuild b/network/shorewall/shorewall.SlackBuild index 23d0bf73f6..3485ec6fc8 100644 --- a/network/shorewall/shorewall.SlackBuild +++ b/network/shorewall/shorewall.SlackBuild @@ -24,7 +24,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PRGNAM=shorewall -VERSION=${VERSION:-4.4.8} +VERSION=${VERSION:-4.4.8.1} ARCH=noarch BUILD=${BUILD:-1} TAG=${TAG:-_SBo} diff --git a/network/shorewall/shorewall.info b/network/shorewall/shorewall.info index 36a6e68ce5..7c52beecb1 100644 --- a/network/shorewall/shorewall.info +++ b/network/shorewall/shorewall.info @@ -1,10 +1,12 @@ PRGNAM="shorewall" -VERSION="4.4.8" +VERSION="4.4.8.1" HOMEPAGE="http://www.shorewall.net" -DOWNLOAD="http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.8/base/shorewall-4.4.8.tar.bz2" -MD5SUM="900a1017bd5696403d1d840fd01d67c0" +DOWNLOAD="http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.8/base/shorewall-4.4.8.tar.bz2 \ + http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.8/patch-4.4.8.1" +MD5SUM="900a1017bd5696403d1d840fd01d67c0 \ + b153bd9fc22ddcf10311ec39586ea13f" DOWNLOAD_x86_64="" MD5SUM_x86_64="" MAINTAINER="ArTourter" EMAIL="artourter@gmail.com" -APPROVED="rworkman" +APPROVED="dsomero" -- cgit v1.2.3