Tim Clymo
2002-Sep-01 09:25 UTC
[Shorewall-users] patch against /etc/init.d/shorewall (CVS rev 1.9)
Fixes probable typo with rules processing --- shorewall.orig 2002-09-01 10:08:42.000000000 +0100 +++ shorewall 2002-08-31 11:47:01.000000000 +0100 @@ -1536,7 +1537,7 @@ # Generate nat table rules if [ "$source" = "$FW" ]; then - run_iptables -t nat -A OUTPUT $proto $sports -d addr + run_iptables -t nat -A OUTPUT $proto $sports -d $addr \ $multiport $dports -j $target1 else chain=`dnat_chain $source`
Tom Eastep
2002-Sep-01 17:19 UTC
[Shorewall-users] patch against /etc/init.d/shorewall (CVS rev 1.9)
On Sunday 01 September 2002 02:25 am, Tim Clymo wrote:> Fixes probable typo with rules processing > > --- shorewall.orig 2002-09-01 10:08:42.000000000 +0100 > +++ shorewall 2002-08-31 11:47:01.000000000 +0100 > @@ -1536,7 +1537,7 @@ > # Generate nat table rules > > if [ "$source" = "$FW" ]; then > - run_iptables -t nat -A OUTPUT $proto $sports -d addr > + run_iptables -t nat -A OUTPUT $proto $sports -d $addr \ > $multiport $dports -j $target1 > else > chain=`dnat_chain $source`Thanks! -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
Tim Clymo
2002-Sep-02 17:35 UTC
[Shorewall-users] patch against /etc/init.d/shorewall (CVS rev 1.9)
Sorry, there are two differences on the patched line - firstly the "\" line continuation, and secondly the -d argument changed from a string to a variable. On the assumption that this has been applied to the 1.3.7b errata, the string/variable thing is still broken ;) On Sun, 2002-09-01 at 18:19, Tom Eastep wrote:> On Sunday 01 September 2002 02:25 am, Tim Clymo wrote: > > Fixes probable typo with rules processing > > > > --- shorewall.orig 2002-09-01 10:08:42.000000000 +0100 > > +++ shorewall 2002-08-31 11:47:01.000000000 +0100 > > @@ -1536,7 +1537,7 @@ > > # Generate nat table rules > > > > if [ "$source" = "$FW" ]; then > > - run_iptables -t nat -A OUTPUT $proto $sports -d addr > > + run_iptables -t nat -A OUTPUT $proto $sports -d $addr \ > > $multiport $dports -j $target1 > > else > > chain=`dnat_chain $source` > > Thanks! > > -Tom > -- > Tom Eastep \ Shorewall - iptables made easy > AIM: tmeastep \ http://www.shorewall.net > ICQ: #60745924 \ teastep@shorewall.net