aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--network/shorewall/patch-4.4.8.1224
-rw-r--r--network/shorewall/shorewall.SlackBuild2
-rw-r--r--network/shorewall/shorewall.info10
3 files changed, 231 insertions, 5 deletions
diff --git a/network/shorewall/patch-4.4.8.1 b/network/shorewall/patch-4.4.8.1
new file mode 100644
index 0000000000000..13dfe90cc3998
--- /dev/null
+++ b/network/shorewall/patch-4.4.8.1
@@ -0,0 +1,224 @@
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/changelog.txt shorewall-4.4.8.1/changelog.txt
+--- shorewall-4.4.8/changelog.txt 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/changelog.txt 2010-04-07 14:49:33.000000000 -0700
+@@ -1,3 +1,12 @@
++Changes in Shorewall 4.4.8.1
++
++1) Correct handling of a logical interface name in the EXTERNAL column
++ of proxyarp.
++
++2) Fix find_first_interface_address() error reporting.
++
++3) Fix propagation of zero-valued config variables.
++
+ Changes in Shorewall 4.4.8
+
+ 1) Correct handling of RATE LIMIT on NAT rules.
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/configfiles/shorewall.conf shorewall-4.4.8.1/configfiles/shorewall.conf
+--- shorewall-4.4.8/configfiles/shorewall.conf 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/configfiles/shorewall.conf 2010-04-07 14:49:33.000000000 -0700
+@@ -1,19 +1,10 @@
+ ###############################################################################
+-# /etc/shorewall/shorewall.conf Version 4 - Change the following variables to
+-# match your setup
+ #
+-# This program is under GPL
+-# [http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt]
+-#
+-# This file should be placed in /etc/shorewall
+-#
+-# (c) 1999,2000,2001,2002,2003,2004,2005,
+-# 2006,2007,2008 - Tom Eastep (teastep@shorewall.net)
++# Shorewall Version 4 -- /etc/shorewall/shorewall.conf
+ #
+ # For information about the settings in this file, type "man shorewall.conf"
+ #
+-# Additional information is available at
+-# http://www.shorewall.net/Documentation.htm#Conf
++# Manpage also online at http://www.shorewall.net/manpages/shorewall.conf.html
+ ###############################################################################
+ # S T A R T U P E N A B L E D
+ ###############################################################################
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/install.sh shorewall-4.4.8.1/install.sh
+--- shorewall-4.4.8/install.sh 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/install.sh 2010-04-07 14:49:33.000000000 -0700
+@@ -22,7 +22,7 @@
+ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ #
+
+-VERSION=4.4.8
++VERSION=4.4.8.1
+
+ usage() # $1 = exit status
+ {
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/known_problems.txt shorewall-4.4.8.1/known_problems.txt
+--- shorewall-4.4.8/known_problems.txt 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/known_problems.txt 2010-04-07 14:49:33.000000000 -0700
+@@ -1 +1,23 @@
+-There are no known problems in Shorewall 4.4.8
++1) Logical interface names in the EXTERNAL column of
++ /etc/shorewall/proxyarp were previously not mapped to their
++ corresponding physical interface names. This could cause 'start' or
++ 'restart' to fail.
++
++ Corrected in Shorewall 4.4.8.1
++
++2) If find_first_interface_address() cannot determine the address of
++ the passed interface, the following message is issued and the
++ process continues:
++
++ /usr/share/shorewall/lib.common: line 438:
++ startup_error: command not found
++
++ Corrected in Shorewall 4.4.8.1
++
++3) If LOG_VERBOSITY=0 in shorewall.conf, then when the compiled script
++ is executed, messages such as the following will be issued:
++
++ /var/lib/shorewall6/.restart: line 65: [: -gt: unary operator
++ expected
++
++ Corrected in Shorewall 4.4.8.1
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/Perl/Shorewall/Config.pm shorewall-4.4.8.1/Perl/Shorewall/Config.pm
+--- shorewall-4.4.8/Perl/Shorewall/Config.pm 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/Perl/Shorewall/Config.pm 2010-04-07 14:49:33.000000000 -0700
+@@ -338,7 +338,7 @@
+ TC_SCRIPT => '',
+ EXPORT => 0,
+ UNTRACKED => 0,
+- VERSION => "4.4.8",
++ VERSION => "4.4.8.1",
+ CAPVERSION => 40408 ,
+ );
+
+@@ -3050,7 +3050,8 @@
+ #
+ sub propagateconfig() {
+ for my $option ( @propagateconfig ) {
+- my $value = $config{$option} || '';
++ my $value = $config{$option};
++ $value = '' unless defined $value;
+ emit "$option=\"$value\"";
+ }
+ }
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/Perl/Shorewall/Proxyarp.pm shorewall-4.4.8.1/Perl/Shorewall/Proxyarp.pm
+--- shorewall-4.4.8/Perl/Shorewall/Proxyarp.pm 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/Perl/Shorewall/Proxyarp.pm 2010-04-07 14:49:33.000000000 -0700
+@@ -118,6 +118,7 @@
+ }
+
+ $interface = get_physical $interface;
++ $external = get_physical $external;
+
+ $set{$interface} = 1;
+ $reset{$external} = 1 unless $set{$external};
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/releasenotes.txt shorewall-4.4.8.1/releasenotes.txt
+--- shorewall-4.4.8/releasenotes.txt 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/releasenotes.txt 2010-04-07 14:49:33.000000000 -0700
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 4 . 8
++ S H O R E W A L L 4 . 4 . 8 . 1
+ ----------------------------------------------------------------------------
+
+ I. RELEASE 4.4 HIGHLIGHTS
+@@ -218,6 +218,27 @@
+ I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
+ ----------------------------------------------------------------------------
+
++4.4.8.1
++
++1) Logical interface names in the EXTERNAL column of
++ /etc/shorewall/proxyarp were previously not mapped to their
++ corresponding physical interface names. This could cause 'start' or
++ 'restart' to fail.
++
++2) If find_first_interface_address() cannot determine the address of
++ the passed interface, the following message is issued and the
++ process continues:
++
++ /usr/share/shorewall/lib.common: line 438:
++ startup_error: command not found
++
++3) If LOG_VERBOSITY=0 in shorewall.conf, then when the compiled script
++ was executed, messages such as the following would be issued:
++
++ /var/lib/shorewall6/.restart: line 65: [: -gt: unary operator
++ expected
++4.4.8
++
+ 1) A CONTINUE rule specifying a log level would cause the compiler to
+ generate an incorrect rule sequence. The packet would be logged
+ but the CONTINUE action would not occur.
+@@ -286,6 +307,11 @@
+ 'shorewall refresh' executed, those new changes would not be included
+ in the active ruleset.
+
++12) In 4.4.7, it was documented that setting the 'bridge' option in an
++ interfaces file entry also set 'routeback'. That feature was
++ incomplete with the result that 'routeback' still needed to be
++ specified.
++
+ ----------------------------------------------------------------------------
+ I V. K N O W N P R O B L E M S R E M A I N I N G
+ ----------------------------------------------------------------------------
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/shorewall shorewall-4.4.8.1/shorewall
+--- shorewall-4.4.8/shorewall 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/shorewall 2010-04-07 14:49:33.000000000 -0700
+@@ -301,14 +301,19 @@
+ }
+
+ #
++# Fatal error
++#
++startup_error() {
++ echo " ERROR: $@" >&2
++ kill $$
++ exit 1
++}
++
++#
+ # Run the compiler
+ #
+ compiler() {
+- startup_error() {
+- echo " ERROR: $@" >&2
+- exit 1
+- }
+-
++
+ if [ $(id -u) -ne 0 ]; then
+ if [ -z "$SHOREWALL_DIR" -o "$SHOREWALL_DIR" = /etc/shorewall ]; then
+ startup_error "Ordinary users may not compile the /etc/shorewall configuration"
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/shorewall.spec shorewall-4.4.8.1/shorewall.spec
+--- shorewall-4.4.8/shorewall.spec 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/shorewall.spec 2010-04-07 14:49:33.000000000 -0700
+@@ -1,6 +1,6 @@
+ %define name shorewall
+ %define version 4.4.8
+-%define release 0base
++%define release 1
+
+ Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
+ Name: %{name}
+@@ -108,6 +108,8 @@
+ %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples
+
+ %changelog
++* Thu Mar 25 2010 Tom Eastep tom@shorewall.net
++- Updated to 4.4.8-1
+ * Fri Mar 19 2010 Tom Eastep tom@shorewall.net
+ - Updated to 4.4.8-0base
+ * Tue Mar 16 2010 Tom Eastep tom@shorewall.net
+diff -Naur -X /home/teastep/bin/exclude.txt shorewall-4.4.8/uninstall.sh shorewall-4.4.8.1/uninstall.sh
+--- shorewall-4.4.8/uninstall.sh 2010-03-23 08:47:56.000000000 -0700
++++ shorewall-4.4.8.1/uninstall.sh 2010-04-07 14:49:33.000000000 -0700
+@@ -26,7 +26,7 @@
+ # You may only use this script to uninstall the version
+ # shown below. Simply run this script to remove Shorewall Firewall
+
+-VERSION=4.4.8
++VERSION=4.4.8.1
+
+ usage() # $1 = exit status
+ {
diff --git a/network/shorewall/shorewall.SlackBuild b/network/shorewall/shorewall.SlackBuild
index 23d0bf73f6d5f..3485ec6fc8383 100644
--- a/network/shorewall/shorewall.SlackBuild
+++ b/network/shorewall/shorewall.SlackBuild
@@ -24,7 +24,7 @@
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PRGNAM=shorewall
-VERSION=${VERSION:-4.4.8}
+VERSION=${VERSION:-4.4.8.1}
ARCH=noarch
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
diff --git a/network/shorewall/shorewall.info b/network/shorewall/shorewall.info
index 36a6e68ce5f65..7c52beecb13d0 100644
--- a/network/shorewall/shorewall.info
+++ b/network/shorewall/shorewall.info
@@ -1,10 +1,12 @@
PRGNAM="shorewall"
-VERSION="4.4.8"
+VERSION="4.4.8.1"
HOMEPAGE="http://www.shorewall.net"
-DOWNLOAD="http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.8/base/shorewall-4.4.8.tar.bz2"
-MD5SUM="900a1017bd5696403d1d840fd01d67c0"
+DOWNLOAD="http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.8/base/shorewall-4.4.8.tar.bz2 \
+ http://www.shorewall.net/pub/shorewall/4.4/shorewall-4.4.8/patch-4.4.8.1"
+MD5SUM="900a1017bd5696403d1d840fd01d67c0 \
+ b153bd9fc22ddcf10311ec39586ea13f"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
MAINTAINER="ArTourter"
EMAIL="artourter@gmail.com"
-APPROVED="rworkman"
+APPROVED="dsomero"