On 04/10/2011 00:33, Tom Eastep wrote:
> On Oct 3, 2011, at 3:26 PM, Richard B. Pyne wrote:
>
>> I have been using shorewall, including iprange, for many years and never
>> had a problem until recently. It would really be nice if new
>> dependencies were noted.
>
> That dependency has existed since Shorewall 4.2.something.
>
I presume bc is only used here because some shells are not correctly
handling 32bit unsigned correctly? Or is it an ipv6 thing?
Could something like the following be used to avoid needing bc in the
case that the shell works somewhat as expected?
addr_comp() {
if [ 1 -lt 2147483648 -a 1 -lt 4294697295 ]; then
[ $1 -gt $2 ]
else
test $(bc <<EOF
$1 > $2
EOF
) -eq 1
fi
}
I tested this under recent busybox and it seems ok. Not sure what
failure modes I should be testing for though? Not sure if this even
fails sanely for users without supported shells..?
Perhaps you could consider this modification in next shorewall if it
eliminates the requirement for bc for a large lump of users? (I don't
think I have bc installed on any of my systems?)
Cheers
Ed W
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure contains a
definitive record of customers, application performance, security
threats, fraudulent activity and more. Splunk takes this data and makes
sense of it. Business sense. IT sense. Common sense.
http://p.sf.net/sfu/splunk-d2dcopy1
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
