--==========1809029384=========Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline This corrects a more serious problem -- the ''find_hosts_by_option'' routine was broken which means that ''routestopped'' and ''maclist'' were also broken. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net --==========1809029384=========Content-Type: text/plain; charset=us-ascii; name=patch-12202002-1 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=patch-12202002-1; size=859 Index: firewall ==================================================================RCS file: /usr/local/cvs/Shorewall/firewall,v retrieving revision 1.148 diff -a -u -r1.148 firewall --- firewall 20 Dec 2002 01:13:41 -0000 1.148 +++ firewall 20 Dec 2002 21:05:59 -0000 @@ -1159,7 +1159,7 @@ for interface in $all_interfaces; do eval options=\$`chain_base ${interface}`_options - list_search $options && \ + list_search $1 $options && \ echo ${interface}:0.0.0.0/0 done } @@ -1679,8 +1679,7 @@ qt ip addr del $external dev $interface fi - if [ -z "$allints" -o "$allints" = "Yes" \ - -o "$allints" = "yes" ] + if [ -z "$allints" -o "$allints" = "Yes" -o "$allints" = "yes" ] then addnatrule nat_in -d $external -j DNAT --to-destination $internal addnatrule nat_out -s $internal -j SNAT --to-source $external --==========1809029384==========--