Re: [Shorewall-devel] Shorewall 4.4.22 Beta 1

Mon, 18 Jul 2011 15:44:10 -0700 

On Mon, 2011-07-18 at 22:36 +0100, Steven Jan Springl wrote:

> In the attached minimal config. the entry in the masq file generates the 
> following iptables rule in the nat table:
> 
> -A POSTROUTING -s 192.168.0.4 -o eth0 -j SNAT --to-source 
> 192.168.0.4--persistent
> 
> This produces the following error message:
> 
> iptables-restore v1.4.11.1: Bad IP address "-persistent"

Steven

This has apparently been broken for some time -- the attached patch
applies cleanly to 4.4.21, 4.4.22-Beta1 and 4.4.22-Beta2 (which has now
been uploaded).

Thanks,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________


commit 58de3dd3c15716154b4e31c902c82b1779200763
Author: Tom Eastep <[email protected]>
Date:   Mon Jul 18 15:35:07 2011 -0700

    Fix :persistent and :random in /etc/shorewall/masq
    
    Signed-off-by: Tom Eastep <[email protected]>

diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm
index 6e67c02..2a4dd9c 100644
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@@ -163,8 +163,8 @@ sub process_one_masq( )
 	    if ( $addresses eq 'random' ) {
 		$randomize = '--random ';
 	    } else {
-		$addresses =~ s/:persistent$// and $persistent = '--persistent ';
-		$addresses =~ s/:random$//     and $randomize  = '--random ';
+		$addresses =~ s/:persistent$// and $persistent = ' --persistent ';
+		$addresses =~ s/:random$//     and $randomize  = ' --random ';
 
 		require_capability 'PERSISTENT_SNAT', ':persistent', 's' if $persistent;

Attachment: signature.asc
Description: This is a digitally signed message part

------------------------------------------------------------------------------
Storage Efficiency Calculator
This modeling tool is based on patent-pending intellectual property that
has been used successfully in hundreds of IBM storage optimization engage-
ments, worldwide.  Store less, Store more with what you own, Move data to 
the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Reply via email to