Menu
▾
▴
Re: [Shorewall-users] [PATCH] Nasty bug
|
From: Tom E. <te...@sh...> - 2011-08-02 19:24:37
|
Which Shorewall version? -Tom On Tue, 2011-08-02 at 12:16 -0700, Andrew Silverman wrote: > After applying this patch, Shorewall6 startup fails as follows: > > [root@ipv6tunl Shorewall]# shorewall6 start > Compiling... > Subroutine insert_irule redefined at /usr/share/shorewall/Shorewall/Rules.pm line 517. > Subroutine imatch_source_dev redefined at /usr/share/shorewall/Shorewall/Rules.pm line 2485. > Global symbol "$comment" requires explicit package name at /usr/share/shorewall/Shorewall/Rules.pm line 536. > Global symbol "$comment" requires explicit package name at /usr/share/shorewall/Shorewall/Rules.pm line 537. > Global symbol "$iprangematch" requires explicit package name at /usr/share/shorewall/Shorewall/Rules.pm line 549. > Global symbol "%capabilities" requires explicit package name at /usr/share/shorewall/Shorewall/Rules.pm line 1490. > Compilation failed in require at /usr/share/shorewall/Shorewall/Tunnels.pm line 31. > BEGIN failed--compilation aborted at /usr/share/shorewall/Shorewall/Tunnels.pm line 31. > Compilation failed in require at /usr/share/shorewall/Shorewall/Compiler.pm line 32. > BEGIN failed--compilation aborted at /usr/share/shorewall/Shorewall/Compiler.pm line 32. > Compilation failed in require at /usr/share/shorewall/compiler.pl line 44. > BEGIN failed--compilation aborted at /usr/share/shorewall/compiler.pl line 44. > [root@ipv6tunl Shorewall]# > > -----Original Message----- > From: Tom Eastep [mailto:te...@sh...] > Sent: Tuesday, August 02, 2011 9:38 AM > To: Shorewall Users; Shorewall Announcements; Shorewall Development > Subject: [Shorewall-users] [PATCH] Nasty bug > > A bug in recent versions of Shorewall can result in rules that are wider in scope than intended. > > If a zone name begins with 'all', then rules referring to that zone are incorrectly handled as if the keyword 'all' had been entered rather than the zone name. > > Shorewall releases affected are 4.4.13 - 4.4.22. > > The attached patch applies to all of these releases. > > a) Save the patch > b) As root, execute this command: > > patch /usr/share/shorewall/Shorewall/Rules.pm < ALL.patch > > The patch will apply with an offset on releases prior to 4.4.22. > > Example (4.4.13): > > patch /usr/share/shorewall/Shorewall/Rules.pm < ~/ALL.patch > patching file /usr/share/shorewall/Shorewall/Rules.pm > Hunk #1 succeeded at 1548 (offset -704 lines). > > -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ |