Update of /cvsroot/leaf/src/bering-uclibc/contrib/shorewall
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4651
Modified Files:
buildtool.cfg buildtool.mk shorewall-config.diff
shorewall-lrp.diff
Log Message:
new upstream version 3.0.5
Index: shorewall-config.diff
===================================================================
RCS file:
/cvsroot/leaf/src/bering-uclibc/contrib/shorewall/shorewall-config.diff,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** shorewall-config.diff 26 Feb 2006 19:24:45 -0000 1.6
--- shorewall-config.diff 28 Feb 2006 18:28:30 -0000 1.7
***************
*** 1,81 ****
! diff -urN shorewall-2.4.8.orig/interfaces shorewall-2.4.8/interfaces
! --- shorewall-2.4.8.orig/interfaces 2005-11-13 22:02:42.000000000 +0100
! +++ shorewall-2.4.8/interfaces 2006-02-26 13:25:39.000000000 +0100
! @@ -209,4 +209,6 @@
#
###############################################################################
#ZONE INTERFACE BROADCAST OPTIONS
! +net eth0 detect dhcp,routefilter,norfc1918
! +loc eth1 detect dhcp
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
! diff -urN shorewall-2.4.8.orig/masq shorewall-2.4.8/masq
! --- shorewall-2.4.8.orig/masq 2005-08-02 15:58:34.000000000 +0200
! +++ shorewall-2.4.8/masq 2006-02-26 13:25:39.000000000 +0100
! @@ -217,4 +217,5 @@
#
###############################################################################
#INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC
! +eth0 eth1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
! diff -urN shorewall-2.4.8.orig/policy shorewall-2.4.8/policy
! --- shorewall-2.4.8.orig/policy 2005-08-02 15:58:34.000000000 +0200
! +++ shorewall-2.4.8/policy 2006-02-26 13:25:39.000000000 +0100
! @@ -93,4 +93,14 @@
###############################################################################
#SOURCE DEST POLICY LOG
LIMIT:BURST
# LEVEL
! +loc net ACCEPT
! +net all DROP ULOG
! +# If you want to open access to the Internet from your Firewall
+# remove the comment from the following line.
! +#fw net ACCEPT
+
+#
+# THE FOLLOWING POLICY MUST BE LAST
+#
! +all all REJECT ULOG
#LAST LINE -- DO NOT REMOVE
! diff -urN shorewall-2.4.8.orig/rules shorewall-2.4.8/rules
! --- shorewall-2.4.8.orig/rules 2005-08-02 15:58:34.000000000 +0200
! +++ shorewall-2.4.8/rules 2006-02-26 13:25:39.000000000 +0100
! @@ -369,4 +369,27 @@
!
#############################################################################################################
! #ACTION SOURCE DEST PROTO DEST SOURCE
ORIGINAL RATE USER/
! # PORT PORT(S) DEST
LIMIT GROUP
! +
! +# Accept DNS connections from the firewall to the network
! +# and from the local network to the firewall (in case dnsmasq is running)
! +AllowDNS fw net
! +AllowDNS loc fw
+
! +# Accept SSH connections from the local network for administration
+#
! +AllowSSH loc fw
+
! +# Allow Ping to firewall
+#
! +AllowPing net fw
! +AllowPing loc fw
! +
! +# Allow all ICMP types (including ping) from firewall
! +ACCEPT fw loc icmp
! +ACCEPT fw net icmp
+
- +# Allow local network to access weblet/webconf
+#
! +AllowWeb loc fw
! +
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
! diff -urN shorewall-2.4.8.orig/zones shorewall-2.4.8/zones
! --- shorewall-2.4.8.orig/zones 2005-08-02 15:58:34.000000000 +0200
! +++ shorewall-2.4.8/zones 2006-02-26 13:25:39.000000000 +0100
! @@ -31,4 +31,9 @@
! #
!
###############################################################################
! #ZONE DISPLAY COMMENTS
! +
! +net Net Internet
! +loc Local Local networks
! +#dmz DMZ Demilitarized zone
! +
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
--- 1,77 ----
! diff -urN shorewall-3.0.5.orig/interfaces shorewall-3.0.5/interfaces
! --- shorewall-3.0.5.orig/interfaces 2005-10-21 19:25:17.000000000 +0200
! +++ shorewall-3.0.5/interfaces 2006-02-25 17:11:13.000000000 +0100
! @@ -219,4 +219,6 @@
#
###############################################################################
#ZONE INTERFACE BROADCAST OPTIONS
! +net eth0 detect dhcp,routefilter,norfc1918
! +loc eth1 detect dhcp
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
! diff -urN shorewall-3.0.5.orig/masq shorewall-3.0.5/masq
! --- shorewall-3.0.5.orig/masq 2005-11-16 18:07:49.000000000 +0100
! +++ shorewall-3.0.5/masq 2006-02-25 17:11:40.000000000 +0100
! @@ -222,4 +222,5 @@
#
###############################################################################
#INTERFACE SUBNET ADDRESS PROTO PORT(S) IPSEC
! +eth0 eth1
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
! diff -urN shorewall-3.0.5.orig/policy shorewall-3.0.5/policy
! --- shorewall-3.0.5.orig/policy 2005-08-31 17:27:22.000000000 +0200
! +++ shorewall-3.0.5/policy 2006-02-25 17:12:29.000000000 +0100
! @@ -101,4 +101,14 @@
###############################################################################
#SOURCE DEST POLICY LOG
LIMIT:BURST
# LEVEL
! +loc net ACCEPT
! +net all DROP ULOG
! +# If you want open access to the Internet from your Firewall
+# remove the comment from the following line.
! +#fw net ACCEPT
+
+#
+# THE FOLLOWING POLICY MUST BE LAST
+#
! +all all REJECT ULOG
#LAST LINE -- DO NOT REMOVE
! diff -urN shorewall-3.0.5.orig/rules shorewall-3.0.5/rules
! --- shorewall-3.0.5.orig/rules 2005-10-31 22:21:55.000000000 +0100
! +++ shorewall-3.0.5/rules 2006-02-25 17:13:31.000000000 +0100
! @@ -431,4 +431,25 @@
! #SECTION ESTABLISHED
! #SECTION RELATED
! SECTION NEW
! +# Accept DNS connections from the firewall to the network
! +# and from the local network to the firewall (in case dnsmasq is
running)
! +DNS/ACCEPT fw net
! +DNS/ACCEPT loc fw
+
! +# Accept SSH connections from the local network for administration
+#
! +SSH/ACCEPT loc fw
+
! +# Allow Ping to Firewall
+#
! +Ping/ACCEPT net fw
! +Ping/ACCEPT loc fw
+
+#
! +# Allow all ICMP types (including ping) from firewall
! +ACCEPT fw loc icmp
! +ACCEPT fw net icmp
! +# Allow local network to access weblet/webconf
! +#
! +Web/ACCEPT loc fw
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
! diff -urN shorewall-3.0.5.orig/zones shorewall-3.0.5/zones
! --- shorewall-3.0.5.orig/zones 2005-12-11 17:13:15.000000000 +0100
! +++ shorewall-3.0.5/zones 2006-02-25 17:20:21.000000000 +0100
! @@ -111,4 +111,7 @@
! #ZONE TYPE OPTIONS IN OUT
! # OPTIONS OPTIONS
! fw firewall
! +net ipv4
! +loc ipv4
! +#dmz ipv4
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
Index: buildtool.cfg
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc/contrib/shorewall/buildtool.cfg,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** buildtool.cfg 25 Feb 2006 14:30:46 -0000 1.7
--- buildtool.cfg 28 Feb 2006 18:28:30 -0000 1.8
***************
*** 5,11 ****
</Server>
! <File shorewall-2.4.8.tgz>
Server = shorewall-net
! Directory = 2.4/shorewall-2.4.8
Envname = SHOREWALL_SOURCE
</File>
--- 5,11 ----
</Server>
! <File shorewall-3.0.5.tgz>
Server = shorewall-net
! Directory = 3.0/shorewall-3.0.5
Envname = SHOREWALL_SOURCE
</File>
***************
*** 45,49 ****
<Package>
<shorwall>
! Version 2.4.8
Revision = 1
--- 45,50 ----
<Package>
<shorwall>
! packagename=shorwall
! Version 3.0.5
Revision = 1
***************
*** 110,122 ****
</File>
<File>
- Filename = var/state/shorewall/
- Type = directory
- Type = list
- </File>
- <File>
- Filename = var/state/shorewall/*
- Type = exclude
- </File>
- <File>
Filename = etc/default/shorewall
Source = etc/default/shorewall
--- 111,114 ----
***************
*** 249,252 ****
--- 241,261 ----
</File>
<File>
+ Filename = etc/shorewall/tcdevices
+ Source = etc/shorewall/tcdevices
+ Permissions = 600
+ Description = TCDevices
+ Type = binary
+ Type = conf
+ </File>
+ <File>
+ Filename = etc/shorewall/tcclasses
+ Source = etc/shorewall/tcclasses
+ Permissions = 600
+ Description = TCClasses
+ Type = binary
+ Type = conf
+ </File>
+
+ <File>
Filename = etc/shorewall/tcrules
Source = etc/shorewall/tcrules
***************
*** 368,372 ****
Type = conf
</File>
-
</Contents>
</shorwall>
--- 377,380 ----
Index: buildtool.mk
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc/contrib/shorewall/buildtool.mk,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** buildtool.mk 25 Feb 2006 14:30:46 -0000 1.5
--- buildtool.mk 28 Feb 2006 18:28:30 -0000 1.6
***************
*** 9,13 ****
TARGET_DIR=$(BT_BUILD_DIR)/shorewall
! SHOREWALL_DIR:=shorewall-2.4.8
$(SHOREWALL_DIR)/.source:
--- 9,13 ----
TARGET_DIR=$(BT_BUILD_DIR)/shorewall
! SHOREWALL_DIR:=shorewall-3.0.5
$(SHOREWALL_DIR)/.source:
Index: shorewall-lrp.diff
===================================================================
RCS file: /cvsroot/leaf/src/bering-uclibc/contrib/shorewall/shorewall-lrp.diff,v
retrieving revision 1.6
retrieving revision 1.7
diff -C2 -d -r1.6 -r1.7
*** shorewall-lrp.diff 26 Feb 2006 19:24:45 -0000 1.6
--- shorewall-lrp.diff 28 Feb 2006 18:28:30 -0000 1.7
***************
*** 1,25 ****
! diff -urN shorewall-2.4.8.orig/init.sh shorewall-2.4.8/init.sh
! --- shorewall-2.4.8.orig/init.sh 2005-07-13 22:59:06.000000000 +0200
! +++ shorewall-2.4.8/init.sh 2006-02-26 13:27:50.000000000 +0100
! @@ -72,12 +72,12 @@
case "$command" in
-
- start)
+ start|restart)
!
! - exec /sbin/shorewall $OPTIONS start
! + exec /sbin/shorewall $OPTIONS $@
;;
-
- stop|restart|status)
+ stop|status)
-
exec /sbin/shorewall $@
;;
! diff -urN shorewall-2.4.8.orig/shorewall.conf shorewall-2.4.8/shorewall.conf
! --- shorewall-2.4.8.orig/shorewall.conf 2005-10-11 18:49:02.000000000
+0200
! +++ shorewall-2.4.8/shorewall.conf 2006-02-26 13:27:50.000000000 +0100
! @@ -15,7 +15,7 @@
# this variable to 'Yes'
#
--- 1,22 ----
! diff -urN shorewall-3.0.5.orig/init.sh shorewall-3.0.5/init.sh
! --- shorewall-3.0.5.orig/init.sh 2005-12-07 23:03:44.000000000 +0100
! +++ shorewall-3.0.5/init.sh 2006-02-25 17:21:45.000000000 +0100
! @@ -72,10 +72,10 @@
! command="$1"
case "$command" in
- start)
+ start|restart)
! exec /sbin/shorewall $OPTIONS $@
;;
- stop|restart|status)
+ stop|status)
exec /sbin/shorewall $@
;;
! reload)
! diff -urN shorewall-3.0.5.orig/shorewall.conf shorewall-3.0.5/shorewall.conf
! --- shorewall-3.0.5.orig/shorewall.conf 2006-02-02 00:08:34.000000000
+0100
! +++ shorewall-3.0.5/shorewall.conf 2006-02-25 17:24:42.000000000 +0100
! @@ -53,7 +53,7 @@
# this variable to 'Yes'
#
***************
*** 30,34 ****
###############################################################################
# L O G G I N G
! @@ -70,7 +70,7 @@
# http://www.shorewall.net/shorewall_logging.html
#
--- 27,31 ----
###############################################################################
# L O G G I N G
! @@ -108,7 +108,7 @@
# http://www.shorewall.net/shorewall_logging.html
#
***************
*** 39,52 ****
#
# LOG FORMAT
! @@ -180,7 +180,7 @@
! # Example: LOGNEWNOTSYN=debug
! #
!
! -LOGNEWNOTSYN=info
! +LOGNEWNOTSYN=ULOG
!
! #
! # MAC List Log Level
! @@ -192,7 +192,7 @@
# See the comment at the top of this section for a description of log levels
#
--- 36,40 ----
#
# LOG FORMAT
! @@ -213,7 +213,7 @@
# See the comment at the top of this section for a description of log levels
#
***************
*** 57,61 ****
#
# TCP FLAGS Log Level
! @@ -204,7 +204,7 @@
# See the comment at the top of this section for a description of log levels
#
--- 45,49 ----
#
# TCP FLAGS Log Level
! @@ -225,7 +225,7 @@
# See the comment at the top of this section for a description of log levels
#
***************
*** 66,70 ****
#
# RFC1918 Log Level
! @@ -216,7 +216,7 @@
# See the comment at the top of this section for a description of log levels
#
--- 54,58 ----
#
# RFC1918 Log Level
! @@ -237,7 +237,7 @@
# See the comment at the top of this section for a description of log levels
#
***************
*** 75,79 ****
#
# SMURF Log Level
! @@ -229,7 +229,7 @@
# See the comment at the top of this section for a description of log levels
#
--- 63,67 ----
#
# SMURF Log Level
! @@ -250,7 +250,7 @@
# See the comment at the top of this section for a description of log levels
#
***************
*** 83,97 ****
#
- # BOGON Log Level
- @@ -243,7 +243,7 @@
- # See the comment at the top of this section for a description of log levels
- #
-
- -BOGON_LOG_LEVEL=info
- +BOGON_LOG_LEVEL=ULOG
-
- #
# MARTIAN LOGGING
! @@ -292,7 +292,7 @@
# use lock files, set this to "".
#
--- 71,76 ----
#
# MARTIAN LOGGING
! @@ -299,7 +299,7 @@
# use lock files, set this to "".
#
***************
*** 101,115 ****
#
- # SHOREWALL TEMPORARY STATE DIRECTORY
- @@ -301,7 +301,7 @@
- # it is running
- #
-
- -STATEDIR=/var/lib/shorewall
- +STATEDIR=/var/state/shorewall
-
- #
# KERNEL MODULE DIRECTORY
! @@ -710,7 +710,7 @@
# Shorewall to disable IPV6 traffic to/from and through your
# firewall system. This requires that you have ip6tables installed.
--- 80,85 ----
#
# KERNEL MODULE DIRECTORY
! @@ -683,7 +683,7 @@
# Shorewall to disable IPV6 traffic to/from and through your
# firewall system. This requires that you have ip6tables installed.
***************
*** 120,126 ****
#
# BRIDGING
! diff -urN shorewall-2.4.8.orig/start shorewall-2.4.8/start
! --- shorewall-2.4.8.orig/start 2005-08-02 15:58:34.000000000 +0200
! +++ shorewall-2.4.8/start 2006-02-26 13:27:50.000000000 +0100
@@ -10,4 +10,7 @@
# information.
--- 90,96 ----
#
# BRIDGING
! diff -urN shorewall-3.0.5.orig/start shorewall-3.0.5/start
! --- shorewall-3.0.5.orig/start 2005-08-31 17:27:22.000000000 +0200
! +++ shorewall-3.0.5/start 2006-02-25 17:25:01.000000000 +0100
@@ -10,4 +10,7 @@
# information.
***************
*** 131,137 ****
+done
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
! diff -urN shorewall-2.4.8.orig/stop shorewall-2.4.8/stop
! --- shorewall-2.4.8.orig/stop 2005-08-02 15:58:34.000000000 +0200
! +++ shorewall-2.4.8/stop 2006-02-26 13:27:50.000000000 +0100
@@ -10,4 +10,7 @@
# information.
--- 101,107 ----
+done
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
! diff -urN shorewall-3.0.5.orig/stop shorewall-3.0.5/stop
! --- shorewall-3.0.5.orig/stop 2005-08-31 17:27:22.000000000 +0200
! +++ shorewall-3.0.5/stop 2006-02-25 17:25:20.000000000 +0100
@@ -10,4 +10,7 @@
# information.
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
leaf-cvs-commits mailing list
leaf-cvs-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-cvs-commits
