Debian Patches

Status for shorewall/5.2.8-2

Patch Description Author Forwarded Bugs Origin Last update
01_debian_configuration.patch Customize the shorewall.conf configuration file to be more like what is expected by Debian users. Romain Francoise <> not-needed 2023-01-30
02_remove_deprecated_service_config.patch Drop deprecated "syslog" StandardOutput setting. It has been superseded by "journal" which is the default system-wide setting. Jeremy Sowden <> not-needed 2023-01-08
03_init_script_fix.patch fix `-x` test in init-script SRWL is defined as `/sbin/shorewall -6` which causes a syntax error
when the init-script tests it for executability.
Jeremy Sowden <> yes debian 2023-02-01
04_service_file_documentation.patch add a link to the related man-page to each systemd service file Jeremy Sowden <> yes 2023-02-01
05_manpage_fix.patch fix description of `stop` command .
The end of a sentence is missing.
Jeremy Sowden <> yes 2023-02-01
06_use_stop_service.patch Support `SAFESTOP` under systemd .
By default, stopping the Shorewall service executes `/sbin/shorewall clear`.
The `SAFESTOP` setting in /etc/default/shorewall is intended to stop the
service by calling `/sbin/shorewall stop`.
However, the systemd service files do not support this. Instead, we install a
shell-script that sources /etc/default/shorewall and honours `SAFESTOP` when
stopping Shorewall and patch the service files to call it.
Jeremy Sowden <> yes 2023-01-31
07_iface_addr_parse_fixes.patch fix parsing of `ip address show` output .
Shorewall uses an assortment of grep and sed commands to extract IP
addresses from the output of `ip address show` commands. This is
inherently brittle. This patch replaces some of these with simpler and
more precise awk commands. This is not ideal, either, but a bit more
The preferable solution would be to parse iproute2's structured JSON
output instead, which I will propose upstream. Since this patch is
intended as a stop-gap, I'm not going to forward it.
Jeremy Sowden <> not-needed debian 2023-02-12

All known versions for source package 'shorewall'