X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from smtp.freemail.gr (smtp.freemail.gr [81.171.104.132]) by mail.alpinelinux.org (Postfix) with ESMTP id 13C331846D35 for ; Tue, 4 Oct 2011 06:37:02 +0000 (UTC) Received: from [10.10.10.233] (ppp-94-65-207-5.home.otenet.gr [94.65.207.5]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.freemail.gr (Postfix) with ESMTP id 8B161338F66; Tue, 4 Oct 2011 09:47:00 +0300 (EEST) Message-ID: <4E8AA98A.1060706@freemail.gr> Date: Tue, 04 Oct 2011 09:36:58 +0300 From: Harry Lachanas User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101218 Thunderbird/3.1.7 X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 To: Natanael Copa CC: Alpine Development Subject: [alpine-devel] Shorewall patch that resolves the shorewall ipset+iptables issue Content-Type: multipart/mixed; boundary="------------060707080608060104050004" This is a multi-part message in MIME format. --------------060707080608060104050004 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Alpine 2.2.3 shorewall v4.2.10 iptables v1.4.10 ipset v4.5 iptables complaints about the "-m set --set" and recommends to use "-m set --match-set" syntax. /usr/share/shorewall/lib.cli, /usr/share/shorewall/lib.config and /usr/share/shorewall-shell/compiler need to be patched The patch files are included Please note that previous versions of ipset included the -U option ( unbind ) In the new version I was not able to locate the equivalent options since the "-U" option is not supported anymore. Regards Harry ( Please excuse the quality of the patch files since I am not familiar or using diff etc in in my code ) --------------060707080608060104050004 Content-Type: text/x-patch; name="usr_share_shorewall.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="usr_share_shorewall.patch" --- lib.cli +++ lib.cli @@ -315,8 +315,6 @@ grep 'loadmodule ip_set' ${VARDIR}/.modules >> $f echo "__EOF__" >> $f echo >> $f - echo "ipset -U :all: :all:" >> $f - echo "ipset -U :all: :default:" >> $f echo "ipset -F" >> $f echo "ipset -X" >> $f echo "ipset -R << __EOF__" >> $f --- lib.config +++ lib.config @@ -884,7 +884,7 @@ ;; esac - echo "--set ${setname#+} $options" + echo "--match-set ${setname#+} $options" } # --------------060707080608060104050004 Content-Type: text/x-patch; name="usr_share_shorewall-shell.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="usr_share_shorewall-shell.patch" --- compiler +++ compiler @@ -5627,8 +5627,6 @@ if [ -f \$f ]; then progress_message2 "Restoring IPSETS..." - ipset -U :all: :all: - ipset -U :all: :default: ipset -F ipset -X ipset -R < \$f --------------060707080608060104050004-- --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---