Tom Eastep wrote: > On Mon, 2007-06-18 at 18:55 -0700, Tom Eastep wrote: >> Steven Jan Springl wrote: > >>> The directory is attached. >>> >> When I compile the configuration in that directory, I get no instance of >> br0:192.168.21.21 in the generated script. Please send your compiled script. > > Never mind -- this problem is independent of which compiler is used.
Up to now, when the full version of Shorewall is used (as opposed to Shorewall Lite), the 'stop' and 'clear' commands continue to be handled by /usr/share/shorewall/firewall. That script parses and executes the commands in one pass. So for stop/clear, it really doesn't make any sense to carefully edit the /etc/shorewall/routestopped file for correctness; the code just makes a best-faith effort to do what the user asked. Given that the same code parses the routestopped file for the Shorewall-shell compiler, that compiler currently doesn't edit the file carefully either. I've modified /sbin/shorewall in the 4.0 path to use /var/lib/shorewall/.restore for executing these commands (if it exists) and I've modified Shorewall-perl to validate the contents of the INTERFACE column. I'll ask Roberto to take a look at Shorewall-shell when he returns from vacation. Fix is in r6597. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
