summaryrefslogtreecommitdiff
path: root/network/shorewall6/patch-6-4.4.12.2
diff options
context:
space:
mode:
Diffstat (limited to 'network/shorewall6/patch-6-4.4.12.2')
-rw-r--r--network/shorewall6/patch-6-4.4.12.2116
1 files changed, 116 insertions, 0 deletions
diff --git a/network/shorewall6/patch-6-4.4.12.2 b/network/shorewall6/patch-6-4.4.12.2
new file mode 100644
index 0000000000..917d4656c4
--- /dev/null
+++ b/network/shorewall6/patch-6-4.4.12.2
@@ -0,0 +1,116 @@
+diff -Naur -X /Users/teastep/bin/exclude.txt shorewall6-4.4.12.1/changelog.txt shorewall6-4.4.12.2/changelog.txt
+--- shorewall6-4.4.12.1/changelog.txt 2010-08-24 13:17:59.000000000 -0700
++++ shorewall6-4.4.12.2/changelog.txt 2010-09-04 07:30:23.000000000 -0700
+@@ -1,9 +1,17 @@
++Changes in Shorewall 4.4.12.2
++
++1) Add tweak to 4.4.12.1 optimization fix.
++
++2) Fix exclusion in the blacklist file.
++
+ Changes in Shorewall 4.4.12.1
+
+ 1) Fix optimization bugs.
+
+ 2) Fix detection of old ipset match capability
+
++3) Fix REQUIRE_INTERFACE=Yes
++
+ Changes in Shorewall 4.4.12
+
+ 1) Fix IPv6 shorecap program.
+diff -Naur -X /Users/teastep/bin/exclude.txt shorewall6-4.4.12.1/install.sh shorewall6-4.4.12.2/install.sh
+--- shorewall6-4.4.12.1/install.sh 2010-08-24 13:15:35.000000000 -0700
++++ shorewall6-4.4.12.2/install.sh 2010-09-04 07:30:24.000000000 -0700
+@@ -22,7 +22,7 @@
+ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ #
+
+-VERSION=4.4.12.1
++VERSION=4.4.12.2
+
+ usage() # $1 = exit status
+ {
+diff -Naur -X /Users/teastep/bin/exclude.txt shorewall6-4.4.12.1/releasenotes.txt shorewall6-4.4.12.2/releasenotes.txt
+--- shorewall6-4.4.12.1/releasenotes.txt 2010-08-24 13:17:59.000000000 -0700
++++ shorewall6-4.4.12.2/releasenotes.txt 2010-09-04 07:30:23.000000000 -0700
+@@ -1,5 +1,5 @@
+ ----------------------------------------------------------------------------
+- S H O R E W A L L 4 . 4 . 1 2 . 1
++ S H O R E W A L L 4 . 4 . 1 2 . 2
+ ----------------------------------------------------------------------------
+
+ I. RELEASE 4.4 HIGHLIGHTS
+@@ -224,21 +224,38 @@
+ I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
+ ----------------------------------------------------------------------------
+
++4.4.12.2
++
++1) Earlier releases allowed CONTINUE rules with exclusion. These rules
++ generated valid but incorrect iptables (ip6tables) input. Such
++ rules are now disallowed.
++
++2) The fix for COMMENT and OPTIMIZE 8-15 in 4.4.12.1 missed one case
++ which has now been corrected.
++
++3) Previously, exclusion in the blacklist file was correctly validated
++ but was then ignored when generating iptables (ip6tables) rules.
++
++4) Previously, the interface option combination of 'optional' and
++ 'upnpclient' did not work correctly.
++
+ 4.4.12.1
+
+ 1) Under rare circumstances where COMMENT is used to attach comments
+ to rules, OPTIMIZE 8 through 15 could result in invalid
+ iptables-restore (ip6tables-restore) input.
+
+-2) Under rare circumstances unvolving exclusion, OPTIMIZE 8 through 15
++2) Under rare circumstances involving exclusion, OPTIMIZE 8 through 15
+ could result in invalid iptables-restore (ip6tables-restore) input.
+
+ 3) The change in 4.4.12 to detect and use the new ipset match syntax
+ broke the ability to detect the old ipset match capability. Now,
+ both versions of the capability can be correctly detected.
+
+-4.4.12
++4) Previously, if REQUIRE_INTERFACE=Yes then start/restart would fail
++ if the last optional interface tested was not available.
+
++4.4.12
+
+ 1) Previously, the Shorewall6-lite version of shorecap was using
+ iptables rather than ip6tables, with the result that many capabilities
+diff -Naur -X /Users/teastep/bin/exclude.txt shorewall6-4.4.12.1/shorewall6.spec shorewall6-4.4.12.2/shorewall6.spec
+--- shorewall6-4.4.12.1/shorewall6.spec 2010-08-24 13:15:35.000000000 -0700
++++ shorewall6-4.4.12.2/shorewall6.spec 2010-09-04 07:30:24.000000000 -0700
+@@ -1,6 +1,6 @@
+ %define name shorewall6
+ %define version 4.4.12
+-%define release 1
++%define release 2
+
+ Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems.
+ Name: %{name}
+@@ -98,6 +98,8 @@
+ %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6
+
+ %changelog
++* Sat Sep 04 2010 Tom Eastep tom@shorewall.net
++- Updated to 4.4.12-2
+ * Mon Aug 23 2010 Tom Eastep tom@shorewall.net
+ - Updated to 4.4.12-1
+ * Sun Aug 15 2010 Tom Eastep tom@shorewall.net
+diff -Naur -X /Users/teastep/bin/exclude.txt shorewall6-4.4.12.1/uninstall.sh shorewall6-4.4.12.2/uninstall.sh
+--- shorewall6-4.4.12.1/uninstall.sh 2010-08-24 13:15:35.000000000 -0700
++++ shorewall6-4.4.12.2/uninstall.sh 2010-09-04 07:30:24.000000000 -0700
+@@ -26,7 +26,7 @@
+ # You may only use this script to uninstall the version
+ # shown below. Simply run this script to remove Shorewall Firewall
+
+-VERSION=4.4.12.1
++VERSION=4.4.12.2
+
+ usage() # $1 = exit status
+ {