Tom Eastep wrote:
Tom Eastep wrote:Running /usr/sbin/iptables-restore... Setting up dynamic rules... IP Forwarding Enabled Processing /home/teastep/Configs/gateway/start ... Processing /home/teastep/Configs/gateway/started ... done. System gateway reloaded [EMAIL PROTECTED]:~/Configs/gateway>Here's the patch to Shorewall-perl. Shorewall-shell patch forthcoming...
Here are both patches (forgot to attach Perl patch the last time). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Index: Shorewall/Compiler.pm
===================================================================
--- Shorewall/Compiler.pm (revision 8380)
+++ Shorewall/Compiler.pm (working copy)
@@ -661,12 +661,18 @@
else
if [ $COMMAND = refresh ]; then
chainlist_reload
+EOF
+ setup_forwarding;
+ emit<<'EOF';
run_refreshed_exit
do_iptables -N shorewall
set_state "Started"
else
setup_netfilter
restore_dynamic_rules
+EOF
+ setup_forwarding;
+ emit<<'EOF';
run_start_exit
do_iptables -N shorewall
set_state "Started"
@@ -799,7 +805,6 @@
setup_route_filtering;
setup_martian_logging;
setup_source_routing;
- setup_forwarding;
#
# Proxy Arp
#
Index: Shorewall/Proc.pm
===================================================================
--- Shorewall/Proc.pm (revision 8380)
+++ Shorewall/Proc.pm (working copy)
@@ -199,11 +199,11 @@
sub setup_forwarding() {
if ( $config{IP_FORWARDING} eq 'on' ) {
- emit 'echo 1 > /proc/sys/net/ipv4/ip_forward';
- emit 'progress_message2 IP Forwarding Enabled';
+ emit ' echo 1 > /proc/sys/net/ipv4/ip_forward';
+ emit ' progress_message2 IP Forwarding Enabled';
} elsif ( $config{IP_FORWARDING} eq 'off' ) {
- emit 'echo 0 > /proc/sys/net/ipv4/ip_forward';
- emit 'progress_message2 IP Forwarding Disabled!';
+ emit ' echo 0 > /proc/sys/net/ipv4/ip_forward';
+ emit ' progress_message2 IP Forwarding Disabled!';
}
emit '';
Index: compiler
===================================================================
--- compiler (revision 8380)
+++ compiler (working copy)
@@ -683,10 +683,12 @@
On|on|ON|Yes|yes|YES)
save_progress_message "IP Forwarding Enabled"
save_command "echo 1 > /proc/sys/net/ipv4/ip_forward"
+ save_command ""
;;
Off|off|OFF|No|no|NO)
save_progress_message "IP Forwarding Disabled!"
save_command "echo 0 > /proc/sys/net/ipv4/ip_forward"
+ save_command ""
;;
esac
}
@@ -3937,8 +3939,6 @@
run_iptables -t nat -A PREROUTING -i $interface -j UPnP
done
fi
-
- setup_forwarding
}
#
@@ -5632,6 +5632,7 @@
fi
__EOF__
+ setup_forwarding
save_command "date > \${VARDIR}/restarted"
append_file start
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
