Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory
checked in at 2015-02-08 11:42:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "shorewall"
Changes:
--------
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-01-24
22:21:14.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-02-08
11:42:31.000000000 +0100
@@ -1,0 +2,16 @@
+Sat Feb 7 01:27:59 UTC 2015 - tog...@opensuse.org
+
+- Update to version 4.6.6.2 For more details see changelog.txt and
+ releasenotes.txt
+
+ * The compiler failed to parse the construct +<ipset>[n] where n is
+ an integer (e.g., +bad[2]).
+
+ * Orion Paplawski has provided a patch that adds 'ko.xz' to the
+ default MODULE_SUFFIX setting. This change deals with recent
+ Fedora releases where the module names now end with ".ko.xz".
+
+ In addition to Orion's patch, the sample configurations have
+ been modified to specify MODULE_SUFFIX="ko ko.xz".
+
+-------------------------------------------------------------------
Old:
----
shorewall-4.6.6.1.tar.bz2
shorewall-core-4.6.6.1.tar.bz2
shorewall-docs-html-4.6.6.1.tar.bz2
shorewall-init-4.6.6.1.tar.bz2
shorewall-lite-4.6.6.1.tar.bz2
shorewall6-4.6.6.1.tar.bz2
shorewall6-lite-4.6.6.1.tar.bz2
New:
----
shorewall-4.6.6.2.tar.bz2
shorewall-core-4.6.6.2.tar.bz2
shorewall-docs-html-4.6.6.2.tar.bz2
shorewall-init-4.6.6.2.tar.bz2
shorewall-lite-4.6.6.2.tar.bz2
shorewall6-4.6.6.2.tar.bz2
shorewall6-lite-4.6.6.2.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ shorewall.spec ++++++
--- /var/tmp/diff_new_pack.BjYFoX/_old 2015-02-08 11:42:33.000000000 +0100
+++ /var/tmp/diff_new_pack.BjYFoX/_new 2015-02-08 11:42:33.000000000 +0100
@@ -20,7 +20,7 @@
%define have_systemd 1
Name: shorewall
-Version: 4.6.6.1
+Version: 4.6.6.2
Release: 0
Summary: Shoreline Firewall is an iptables-based firewall for Linux
systems
License: GPL-2.0
++++++ shorewall-4.6.6.1.tar.bz2 -> shorewall-4.6.6.2.tar.bz2 ++++++
++++ 1601 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Perl/Shorewall/Chains.pm
new/shorewall-4.6.6.2/Perl/Shorewall/Chains.pm
--- old/shorewall-4.6.6.1/Perl/Shorewall/Chains.pm 2015-01-23
17:49:48.000000000 +0100
+++ new/shorewall-4.6.6.2/Perl/Shorewall/Chains.pm 2015-02-06
23:28:17.000000000 +0100
@@ -5510,7 +5510,7 @@
my $rest = '';
- if ( $setname =~ /^(.*)\[([1-6])(?:,(.*))\]$/ ) {
+ if ( $setname =~ /^(.*)\[([1-6])(?:,(.+))?\]$/ ) {
$setname = $1;
my $count = $2;
$rest = $3;
@@ -5535,7 +5535,7 @@
}
}
- if ( $rest ) {
+ if ( supplied $rest ) {
my @extensions = split_list($rest, 'ipset option');
for ( @extensions ) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Perl/Shorewall/Config.pm
new/shorewall-4.6.6.2/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.6.1/Perl/Shorewall/Config.pm 2015-01-23
17:49:49.000000000 +0100
+++ new/shorewall-4.6.6.2/Perl/Shorewall/Config.pm 2015-02-06
23:28:17.000000000 +0100
@@ -713,7 +713,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.6.1",
+ VERSION => "4.6.6.2",
CAPVERSION => 40606 ,
);
#
@@ -3862,7 +3862,7 @@
close LSMOD;
- $config{MODULE_SUFFIX} = 'o gz ko o.gz ko.gz' unless
$config{MODULE_SUFFIX};
+ $config{MODULE_SUFFIX} = 'o gz xz ko o.gz o.xz ko.gz ko.xz' unless
$config{MODULE_SUFFIX};
my @suffixes = split /\s+/ , $config{MODULE_SUFFIX};
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/Universal/rules.annotated
new/shorewall-4.6.6.2/Samples/Universal/rules.annotated
--- old/shorewall-4.6.6.1/Samples/Universal/rules.annotated 2015-01-23
17:51:32.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/Universal/rules.annotated 2015-02-06
23:30:00.000000000 +0100
@@ -485,7 +485,8 @@
# any is equivalent to all when there are no nested zones. When there are
# nested zones, any only refers to top-level zones (those with no parent
# zones). Note that any excludes all vserver zones, since those zones are
-# nested within the firewall zone.
+# nested within the firewall zone. Beginning with Shorewall 4.4.13,
exclusion
+# is supported with any -- see see shorewall-exclusion(5).
#
# Hosts may also be specified as an IP address range using the syntax
# lowaddress-highaddress. This requires that your kernel and iptables
contain
@@ -545,6 +546,14 @@
# The primary IP address of eth0 in the firewall zone (Shorewall 4.4.17
# and later).
#
+# loc,dmz
+#
+# Both the loc and dmz zones.
+#
+# all!dmz
+#
+# All but the dmz zone.
+#
# DEST - {zone|zone-list[+]|{all|any}[+][-]}[:{interface|address-or-range[,
#
address-or-range]...[exclusion]|exclusion|+ipset|^countrycode-list}][:port
# [:random]]
@@ -567,15 +576,28 @@
#
# When none is used either in the SOURCE or DEST column, the rule is
ignored.
#
+# all means "All Zones", including the firewall itself. all- means "All
+# Zones, except the firewall itself". When all[-] is used either in the
+# SOURCE or DEST column intra-zone traffic is not affected. When all+[-] is
+# "used, intra-zone traffic is affected. Beginning with Shorewall 4.4.13,
+# exclusion is supported -- see see shorewall6-exclusion(5).
+#
+# any is equivalent to all when there are no nested zones. When there are
+# nested zones, any only refers to top-level zones (those with no parent
+# zones). Note that any excludes all vserver zones, since those zones are
+# nested within the firewall zone.
+#
+# Except when all[+][-] or any[+][-] is specified, clients may be further
+# restricted to a list of networks and/or hosts by appending ":" and a
+# comma-separated list of network and/or host addresses. Hosts may be
+# specified by IP or MAC address; mac addresses must begin with "~" and
must
+# use "-" as a separator.
+#
# When all is used either in the SOURCE or DEST column intra-zone traffic
is
# not affected. When all+ is used, intra-zone traffic is affected.
Beginning
# with Shorewall 4.4.13, exclusion is supported -- see see
# shorewall-exclusion(5).
#
-# any is equivalent to all when there are no nested zones. When there are
-# nested zones, any only refers to top-level zones (those with no parent
-# zones).
-#
# The zone should be omitted in DNAT-, REDIRECT- and NONAT rules.
#
# If the DEST zone is a bport zone, then either:
@@ -588,9 +610,9 @@
# c. the SOURCE zone must be an ipv4 zone that is associated with only the
# same bridge.
#
-# Except when all[+]|[-] is specified, the server may be further restricted
-# to a particular network, host or interface by appending ":" and the
-# network, host or interface. See SOURCE above.
+# Except when {all|any}[+]|[-] is specified, the server may be further
+# restricted to a particular network, host or interface by appending ":"
and
+# the network, host or interface. See SOURCE above.
#
# You may exclude certain hosts from the set already defined through use of
# an exclusion (see shorewall-exclusion(5)).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/Universal/shorewall.conf
new/shorewall-4.6.6.2/Samples/Universal/shorewall.conf
--- old/shorewall-4.6.6.1/Samples/Universal/shorewall.conf 2015-01-23
17:18:30.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/Universal/shorewall.conf 2015-02-06
21:56:35.000000000 +0100
@@ -188,7 +188,7 @@
MARK_IN_FORWARD_CHAIN=No
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
MULTICAST=No
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/Universal/shorewall.conf.annotated
new/shorewall-4.6.6.2/Samples/Universal/shorewall.conf.annotated
--- old/shorewall-4.6.6.1/Samples/Universal/shorewall.conf.annotated
2015-01-23 17:51:33.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/Universal/shorewall.conf.annotated
2015-02-06 23:30:01.000000000 +0100
@@ -1148,12 +1148,12 @@
# option is not specified or if it is given the empty value (e.g.,
# MARK_IN_FORWARD_CHAIN="") then MARK_IN_FORWARD_CHAIN=No is assumed.
#
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
#
# MODULE_SUFFIX=["extension ..."]
#
# The value of this option determines the possible file extensions of
kernel
-# modules. The default value is "ko ko.gz o o.gz gz".
+# modules. The default value is "ko ko.gz ko.xz o o.gz o.xz gz xz".
#
MULTICAST=No
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/one-interface/rules.annotated
new/shorewall-4.6.6.2/Samples/one-interface/rules.annotated
--- old/shorewall-4.6.6.1/Samples/one-interface/rules.annotated 2015-01-23
17:51:17.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/one-interface/rules.annotated 2015-02-06
23:29:45.000000000 +0100
@@ -489,7 +489,8 @@
# any is equivalent to all when there are no nested zones. When there are
# nested zones, any only refers to top-level zones (those with no parent
# zones). Note that any excludes all vserver zones, since those zones are
-# nested within the firewall zone.
+# nested within the firewall zone. Beginning with Shorewall 4.4.13,
exclusion
+# is supported with any -- see see shorewall-exclusion(5).
#
# Hosts may also be specified as an IP address range using the syntax
# lowaddress-highaddress. This requires that your kernel and iptables
contain
@@ -549,6 +550,14 @@
# The primary IP address of eth0 in the firewall zone (Shorewall 4.4.17
# and later).
#
+# loc,dmz
+#
+# Both the loc and dmz zones.
+#
+# all!dmz
+#
+# All but the dmz zone.
+#
# DEST - {zone|zone-list[+]|{all|any}[+][-]}[:{interface|address-or-range[,
#
address-or-range]...[exclusion]|exclusion|+ipset|^countrycode-list}][:port
# [:random]]
@@ -571,15 +580,28 @@
#
# When none is used either in the SOURCE or DEST column, the rule is
ignored.
#
+# all means "All Zones", including the firewall itself. all- means "All
+# Zones, except the firewall itself". When all[-] is used either in the
+# SOURCE or DEST column intra-zone traffic is not affected. When all+[-] is
+# "used, intra-zone traffic is affected. Beginning with Shorewall 4.4.13,
+# exclusion is supported -- see see shorewall6-exclusion(5).
+#
+# any is equivalent to all when there are no nested zones. When there are
+# nested zones, any only refers to top-level zones (those with no parent
+# zones). Note that any excludes all vserver zones, since those zones are
+# nested within the firewall zone.
+#
+# Except when all[+][-] or any[+][-] is specified, clients may be further
+# restricted to a list of networks and/or hosts by appending ":" and a
+# comma-separated list of network and/or host addresses. Hosts may be
+# specified by IP or MAC address; mac addresses must begin with "~" and
must
+# use "-" as a separator.
+#
# When all is used either in the SOURCE or DEST column intra-zone traffic
is
# not affected. When all+ is used, intra-zone traffic is affected.
Beginning
# with Shorewall 4.4.13, exclusion is supported -- see see
# shorewall-exclusion(5).
#
-# any is equivalent to all when there are no nested zones. When there are
-# nested zones, any only refers to top-level zones (those with no parent
-# zones).
-#
# The zone should be omitted in DNAT-, REDIRECT- and NONAT rules.
#
# If the DEST zone is a bport zone, then either:
@@ -592,9 +614,9 @@
# c. the SOURCE zone must be an ipv4 zone that is associated with only the
# same bridge.
#
-# Except when all[+]|[-] is specified, the server may be further restricted
-# to a particular network, host or interface by appending ":" and the
-# network, host or interface. See SOURCE above.
+# Except when {all|any}[+]|[-] is specified, the server may be further
+# restricted to a particular network, host or interface by appending ":"
and
+# the network, host or interface. See SOURCE above.
#
# You may exclude certain hosts from the set already defined through use of
# an exclusion (see shorewall-exclusion(5)).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/one-interface/shorewall.conf
new/shorewall-4.6.6.2/Samples/one-interface/shorewall.conf
--- old/shorewall-4.6.6.1/Samples/one-interface/shorewall.conf 2015-01-23
17:18:30.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/one-interface/shorewall.conf 2015-02-06
21:56:35.000000000 +0100
@@ -199,7 +199,7 @@
MARK_IN_FORWARD_CHAIN=No
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
MULTICAST=No
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/one-interface/shorewall.conf.annotated
new/shorewall-4.6.6.2/Samples/one-interface/shorewall.conf.annotated
--- old/shorewall-4.6.6.1/Samples/one-interface/shorewall.conf.annotated
2015-01-23 17:51:18.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/one-interface/shorewall.conf.annotated
2015-02-06 23:29:46.000000000 +0100
@@ -1159,12 +1159,12 @@
# option is not specified or if it is given the empty value (e.g.,
# MARK_IN_FORWARD_CHAIN="") then MARK_IN_FORWARD_CHAIN=No is assumed.
#
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
#
# MODULE_SUFFIX=["extension ..."]
#
# The value of this option determines the possible file extensions of
kernel
-# modules. The default value is "ko ko.gz o o.gz gz".
+# modules. The default value is "ko ko.gz ko.xz o o.gz o.xz gz xz".
#
MULTICAST=No
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/three-interfaces/rules.annotated
new/shorewall-4.6.6.2/Samples/three-interfaces/rules.annotated
--- old/shorewall-4.6.6.1/Samples/three-interfaces/rules.annotated
2015-01-23 17:51:22.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/three-interfaces/rules.annotated
2015-02-06 23:29:50.000000000 +0100
@@ -489,7 +489,8 @@
# any is equivalent to all when there are no nested zones. When there are
# nested zones, any only refers to top-level zones (those with no parent
# zones). Note that any excludes all vserver zones, since those zones are
-# nested within the firewall zone.
+# nested within the firewall zone. Beginning with Shorewall 4.4.13,
exclusion
+# is supported with any -- see see shorewall-exclusion(5).
#
# Hosts may also be specified as an IP address range using the syntax
# lowaddress-highaddress. This requires that your kernel and iptables
contain
@@ -549,6 +550,14 @@
# The primary IP address of eth0 in the firewall zone (Shorewall 4.4.17
# and later).
#
+# loc,dmz
+#
+# Both the loc and dmz zones.
+#
+# all!dmz
+#
+# All but the dmz zone.
+#
# DEST - {zone|zone-list[+]|{all|any}[+][-]}[:{interface|address-or-range[,
#
address-or-range]...[exclusion]|exclusion|+ipset|^countrycode-list}][:port
# [:random]]
@@ -571,15 +580,28 @@
#
# When none is used either in the SOURCE or DEST column, the rule is
ignored.
#
+# all means "All Zones", including the firewall itself. all- means "All
+# Zones, except the firewall itself". When all[-] is used either in the
+# SOURCE or DEST column intra-zone traffic is not affected. When all+[-] is
+# "used, intra-zone traffic is affected. Beginning with Shorewall 4.4.13,
+# exclusion is supported -- see see shorewall6-exclusion(5).
+#
+# any is equivalent to all when there are no nested zones. When there are
+# nested zones, any only refers to top-level zones (those with no parent
+# zones). Note that any excludes all vserver zones, since those zones are
+# nested within the firewall zone.
+#
+# Except when all[+][-] or any[+][-] is specified, clients may be further
+# restricted to a list of networks and/or hosts by appending ":" and a
+# comma-separated list of network and/or host addresses. Hosts may be
+# specified by IP or MAC address; mac addresses must begin with "~" and
must
+# use "-" as a separator.
+#
# When all is used either in the SOURCE or DEST column intra-zone traffic
is
# not affected. When all+ is used, intra-zone traffic is affected.
Beginning
# with Shorewall 4.4.13, exclusion is supported -- see see
# shorewall-exclusion(5).
#
-# any is equivalent to all when there are no nested zones. When there are
-# nested zones, any only refers to top-level zones (those with no parent
-# zones).
-#
# The zone should be omitted in DNAT-, REDIRECT- and NONAT rules.
#
# If the DEST zone is a bport zone, then either:
@@ -592,9 +614,9 @@
# c. the SOURCE zone must be an ipv4 zone that is associated with only the
# same bridge.
#
-# Except when all[+]|[-] is specified, the server may be further restricted
-# to a particular network, host or interface by appending ":" and the
-# network, host or interface. See SOURCE above.
+# Except when {all|any}[+]|[-] is specified, the server may be further
+# restricted to a particular network, host or interface by appending ":"
and
+# the network, host or interface. See SOURCE above.
#
# You may exclude certain hosts from the set already defined through use of
# an exclusion (see shorewall-exclusion(5)).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/three-interfaces/shorewall.conf
new/shorewall-4.6.6.2/Samples/three-interfaces/shorewall.conf
--- old/shorewall-4.6.6.1/Samples/three-interfaces/shorewall.conf
2015-01-23 17:18:30.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/three-interfaces/shorewall.conf
2015-02-06 21:56:35.000000000 +0100
@@ -196,7 +196,7 @@
MARK_IN_FORWARD_CHAIN=No
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
MULTICAST=No
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/three-interfaces/shorewall.conf.annotated
new/shorewall-4.6.6.2/Samples/three-interfaces/shorewall.conf.annotated
--- old/shorewall-4.6.6.1/Samples/three-interfaces/shorewall.conf.annotated
2015-01-23 17:51:23.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/three-interfaces/shorewall.conf.annotated
2015-02-06 23:29:51.000000000 +0100
@@ -1157,12 +1157,12 @@
# option is not specified or if it is given the empty value (e.g.,
# MARK_IN_FORWARD_CHAIN="") then MARK_IN_FORWARD_CHAIN=No is assumed.
#
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
#
# MODULE_SUFFIX=["extension ..."]
#
# The value of this option determines the possible file extensions of
kernel
-# modules. The default value is "ko ko.gz o o.gz gz".
+# modules. The default value is "ko ko.gz ko.xz o o.gz o.xz gz xz".
#
MULTICAST=No
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/two-interfaces/rules.annotated
new/shorewall-4.6.6.2/Samples/two-interfaces/rules.annotated
--- old/shorewall-4.6.6.1/Samples/two-interfaces/rules.annotated
2015-01-23 17:51:27.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/two-interfaces/rules.annotated
2015-02-06 23:29:55.000000000 +0100
@@ -489,7 +489,8 @@
# any is equivalent to all when there are no nested zones. When there are
# nested zones, any only refers to top-level zones (those with no parent
# zones). Note that any excludes all vserver zones, since those zones are
-# nested within the firewall zone.
+# nested within the firewall zone. Beginning with Shorewall 4.4.13,
exclusion
+# is supported with any -- see see shorewall-exclusion(5).
#
# Hosts may also be specified as an IP address range using the syntax
# lowaddress-highaddress. This requires that your kernel and iptables
contain
@@ -549,6 +550,14 @@
# The primary IP address of eth0 in the firewall zone (Shorewall 4.4.17
# and later).
#
+# loc,dmz
+#
+# Both the loc and dmz zones.
+#
+# all!dmz
+#
+# All but the dmz zone.
+#
# DEST - {zone|zone-list[+]|{all|any}[+][-]}[:{interface|address-or-range[,
#
address-or-range]...[exclusion]|exclusion|+ipset|^countrycode-list}][:port
# [:random]]
@@ -571,15 +580,28 @@
#
# When none is used either in the SOURCE or DEST column, the rule is
ignored.
#
+# all means "All Zones", including the firewall itself. all- means "All
+# Zones, except the firewall itself". When all[-] is used either in the
+# SOURCE or DEST column intra-zone traffic is not affected. When all+[-] is
+# "used, intra-zone traffic is affected. Beginning with Shorewall 4.4.13,
+# exclusion is supported -- see see shorewall6-exclusion(5).
+#
+# any is equivalent to all when there are no nested zones. When there are
+# nested zones, any only refers to top-level zones (those with no parent
+# zones). Note that any excludes all vserver zones, since those zones are
+# nested within the firewall zone.
+#
+# Except when all[+][-] or any[+][-] is specified, clients may be further
+# restricted to a list of networks and/or hosts by appending ":" and a
+# comma-separated list of network and/or host addresses. Hosts may be
+# specified by IP or MAC address; mac addresses must begin with "~" and
must
+# use "-" as a separator.
+#
# When all is used either in the SOURCE or DEST column intra-zone traffic
is
# not affected. When all+ is used, intra-zone traffic is affected.
Beginning
# with Shorewall 4.4.13, exclusion is supported -- see see
# shorewall-exclusion(5).
#
-# any is equivalent to all when there are no nested zones. When there are
-# nested zones, any only refers to top-level zones (those with no parent
-# zones).
-#
# The zone should be omitted in DNAT-, REDIRECT- and NONAT rules.
#
# If the DEST zone is a bport zone, then either:
@@ -592,9 +614,9 @@
# c. the SOURCE zone must be an ipv4 zone that is associated with only the
# same bridge.
#
-# Except when all[+]|[-] is specified, the server may be further restricted
-# to a particular network, host or interface by appending ":" and the
-# network, host or interface. See SOURCE above.
+# Except when {all|any}[+]|[-] is specified, the server may be further
+# restricted to a particular network, host or interface by appending ":"
and
+# the network, host or interface. See SOURCE above.
#
# You may exclude certain hosts from the set already defined through use of
# an exclusion (see shorewall-exclusion(5)).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/two-interfaces/shorewall.conf
new/shorewall-4.6.6.2/Samples/two-interfaces/shorewall.conf
--- old/shorewall-4.6.6.1/Samples/two-interfaces/shorewall.conf 2015-01-23
17:18:30.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/two-interfaces/shorewall.conf 2015-02-06
21:56:35.000000000 +0100
@@ -199,7 +199,7 @@
MARK_IN_FORWARD_CHAIN=No
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
MULTICAST=No
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/Samples/two-interfaces/shorewall.conf.annotated
new/shorewall-4.6.6.2/Samples/two-interfaces/shorewall.conf.annotated
--- old/shorewall-4.6.6.1/Samples/two-interfaces/shorewall.conf.annotated
2015-01-23 17:51:28.000000000 +0100
+++ new/shorewall-4.6.6.2/Samples/two-interfaces/shorewall.conf.annotated
2015-02-06 23:29:56.000000000 +0100
@@ -1159,12 +1159,12 @@
# option is not specified or if it is given the empty value (e.g.,
# MARK_IN_FORWARD_CHAIN="") then MARK_IN_FORWARD_CHAIN=No is assumed.
#
-MODULE_SUFFIX=ko
+MODULE_SUFFIX="ko ko.xz"
#
# MODULE_SUFFIX=["extension ..."]
#
# The value of this option determines the possible file extensions of
kernel
-# modules. The default value is "ko ko.gz o o.gz gz".
+# modules. The default value is "ko ko.gz ko.xz o o.gz o.xz gz xz".
#
MULTICAST=No
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/changelog.txt new/shorewall-4.6.6.2/changelog.txt
--- old/shorewall-4.6.6.1/changelog.txt 2015-01-23 17:49:48.000000000 +0100
+++ new/shorewall-4.6.6.2/changelog.txt 2015-02-06 23:28:17.000000000 +0100
@@ -1,3 +1,15 @@
+Changes in 4.6.6.2
+
+1) Update release documents.
+
+2) Clarify Zone Exclusion
+
+3) Correct handling of +set[n]
+
+4) Apply Orion Paplawski's MODULE_SUFFIX patch.
+
+5) Update MODULE_SUFFIX="ko ko.xz" in samples.
+
Changes in 4.6.6.1
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/configfiles/rules.annotated
new/shorewall-4.6.6.2/configfiles/rules.annotated
--- old/shorewall-4.6.6.1/configfiles/rules.annotated 2015-01-23
17:51:08.000000000 +0100
+++ new/shorewall-4.6.6.2/configfiles/rules.annotated 2015-02-06
23:29:36.000000000 +0100
@@ -485,7 +485,8 @@
# any is equivalent to all when there are no nested zones. When there are
# nested zones, any only refers to top-level zones (those with no parent
# zones). Note that any excludes all vserver zones, since those zones are
-# nested within the firewall zone.
+# nested within the firewall zone. Beginning with Shorewall 4.4.13,
exclusion
+# is supported with any -- see see shorewall-exclusion(5).
#
# Hosts may also be specified as an IP address range using the syntax
# lowaddress-highaddress. This requires that your kernel and iptables
contain
@@ -545,6 +546,14 @@
# The primary IP address of eth0 in the firewall zone (Shorewall 4.4.17
# and later).
#
+# loc,dmz
+#
+# Both the loc and dmz zones.
+#
+# all!dmz
+#
+# All but the dmz zone.
+#
# DEST - {zone|zone-list[+]|{all|any}[+][-]}[:{interface|address-or-range[,
#
address-or-range]...[exclusion]|exclusion|+ipset|^countrycode-list}][:port
# [:random]]
@@ -567,15 +576,28 @@
#
# When none is used either in the SOURCE or DEST column, the rule is
ignored.
#
+# all means "All Zones", including the firewall itself. all- means "All
+# Zones, except the firewall itself". When all[-] is used either in the
+# SOURCE or DEST column intra-zone traffic is not affected. When all+[-] is
+# "used, intra-zone traffic is affected. Beginning with Shorewall 4.4.13,
+# exclusion is supported -- see see shorewall6-exclusion(5).
+#
+# any is equivalent to all when there are no nested zones. When there are
+# nested zones, any only refers to top-level zones (those with no parent
+# zones). Note that any excludes all vserver zones, since those zones are
+# nested within the firewall zone.
+#
+# Except when all[+][-] or any[+][-] is specified, clients may be further
+# restricted to a list of networks and/or hosts by appending ":" and a
+# comma-separated list of network and/or host addresses. Hosts may be
+# specified by IP or MAC address; mac addresses must begin with "~" and
must
+# use "-" as a separator.
+#
# When all is used either in the SOURCE or DEST column intra-zone traffic
is
# not affected. When all+ is used, intra-zone traffic is affected.
Beginning
# with Shorewall 4.4.13, exclusion is supported -- see see
# shorewall-exclusion(5).
#
-# any is equivalent to all when there are no nested zones. When there are
-# nested zones, any only refers to top-level zones (those with no parent
-# zones).
-#
# The zone should be omitted in DNAT-, REDIRECT- and NONAT rules.
#
# If the DEST zone is a bport zone, then either:
@@ -588,9 +610,9 @@
# c. the SOURCE zone must be an ipv4 zone that is associated with only the
# same bridge.
#
-# Except when all[+]|[-] is specified, the server may be further restricted
-# to a particular network, host or interface by appending ":" and the
-# network, host or interface. See SOURCE above.
+# Except when {all|any}[+]|[-] is specified, the server may be further
+# restricted to a particular network, host or interface by appending ":"
and
+# the network, host or interface. See SOURCE above.
#
# You may exclude certain hosts from the set already defined through use of
# an exclusion (see shorewall-exclusion(5)).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/configfiles/shorewall.conf.annotated
new/shorewall-4.6.6.2/configfiles/shorewall.conf.annotated
--- old/shorewall-4.6.6.1/configfiles/shorewall.conf.annotated 2015-01-23
17:51:10.000000000 +0100
+++ new/shorewall-4.6.6.2/configfiles/shorewall.conf.annotated 2015-02-06
23:29:38.000000000 +0100
@@ -1153,7 +1153,7 @@
# MODULE_SUFFIX=["extension ..."]
#
# The value of this option determines the possible file extensions of
kernel
-# modules. The default value is "ko ko.gz o o.gz gz".
+# modules. The default value is "ko ko.gz ko.xz o o.gz o.xz gz xz".
#
MULTICAST=No
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/configure.pl new/shorewall-4.6.6.2/configure.pl
--- old/shorewall-4.6.6.1/configure.pl 2015-01-23 17:49:48.000000000 +0100
+++ new/shorewall-4.6.6.2/configure.pl 2015-02-06 23:28:17.000000000 +0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
- VERSION => '4.6.6.1'
+ VERSION => '4.6.6.2'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/install.sh new/shorewall-4.6.6.2/install.sh
--- old/shorewall-4.6.6.1/install.sh 2015-01-23 17:49:48.000000000 +0100
+++ new/shorewall-4.6.6.2/install.sh 2015-02-06 23:28:17.000000000 +0100
@@ -22,7 +22,7 @@
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
-VERSION=4.6.6.1
+VERSION=4.6.6.2
#
# Change to the directory containing this script
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/known_problems.txt
new/shorewall-4.6.6.2/known_problems.txt
--- old/shorewall-4.6.6.1/known_problems.txt 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-4.6.6.2/known_problems.txt 2015-02-06 23:28:17.000000000
+0100
@@ -28,3 +28,9 @@
${VARDIR}/lock.
Corrected in 4.6.6.1
+
+7) The compiler fails to parse the construct +<ipset>[n] where n is an
+ integer (e.g., +bad[2]).
+
+ Corrected in 4.6.6.2
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-accounting.5
new/shorewall-4.6.6.2/manpages/shorewall-accounting.5
--- old/shorewall-4.6.6.1/manpages/shorewall-accounting.5 2015-01-23
17:49:51.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-accounting.5 2015-02-06
23:28:19.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-accounting
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ACCOUNTIN" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-ACCOUNTIN" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-actions.5
new/shorewall-4.6.6.2/manpages/shorewall-actions.5
--- old/shorewall-4.6.6.1/manpages/shorewall-actions.5 2015-01-23
17:49:52.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-actions.5 2015-02-06
23:28:21.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-actions
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ACTIONS" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-ACTIONS" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-arprules.5
new/shorewall-4.6.6.2/manpages/shorewall-arprules.5
--- old/shorewall-4.6.6.1/manpages/shorewall-arprules.5 2015-01-23
17:49:54.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-arprules.5 2015-02-06
23:28:22.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-arprules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ARPRULES" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-ARPRULES" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-blacklist.5
new/shorewall-4.6.6.2/manpages/shorewall-blacklist.5
--- old/shorewall-4.6.6.1/manpages/shorewall-blacklist.5 2015-01-23
17:49:55.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-blacklist.5 2015-02-06
23:28:23.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-blacklist
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-BLACKLIST" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-BLACKLIST" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-blrules.5
new/shorewall-4.6.6.2/manpages/shorewall-blrules.5
--- old/shorewall-4.6.6.1/manpages/shorewall-blrules.5 2015-01-23
17:49:56.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-blrules.5 2015-02-06
23:28:25.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-blrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-BLRULES" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-BLRULES" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-conntrack.5
new/shorewall-4.6.6.2/manpages/shorewall-conntrack.5
--- old/shorewall-4.6.6.1/manpages/shorewall-conntrack.5 2015-01-23
17:50:03.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-conntrack.5 2015-02-06
23:28:31.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall6-conntrack
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-CONNTRAC" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL6\-CONNTRAC" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-ecn.5
new/shorewall-4.6.6.2/manpages/shorewall-ecn.5
--- old/shorewall-4.6.6.1/manpages/shorewall-ecn.5 2015-01-23
17:50:04.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-ecn.5 2015-02-06
23:28:33.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-ecn
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ECN" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-ECN" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-exclusion.5
new/shorewall-4.6.6.2/manpages/shorewall-exclusion.5
--- old/shorewall-4.6.6.1/manpages/shorewall-exclusion.5 2015-01-23
17:50:05.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-exclusion.5 2015-02-06
23:28:34.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-exclusion
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-EXCLUSION" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-EXCLUSION" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-hosts.5
new/shorewall-4.6.6.2/manpages/shorewall-hosts.5
--- old/shorewall-4.6.6.1/manpages/shorewall-hosts.5 2015-01-23
17:50:07.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-hosts.5 2015-02-06
23:28:35.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-hosts
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-HOSTS" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-HOSTS" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-init.8
new/shorewall-4.6.6.2/manpages/shorewall-init.8
--- old/shorewall-4.6.6.1/manpages/shorewall-init.8 2015-01-23
17:50:08.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-init.8 2015-02-06
23:28:37.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-init
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Administrative Commands
.\" Source: Administrative Commands
.\" Language: English
.\"
-.TH "SHOREWALL\-INIT" "8" "01/23/2015" "Administrative Commands"
"Administrative Commands"
+.TH "SHOREWALL\-INIT" "8" "02/06/2015" "Administrative Commands"
"Administrative Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-interfaces.5
new/shorewall-4.6.6.2/manpages/shorewall-interfaces.5
--- old/shorewall-4.6.6.1/manpages/shorewall-interfaces.5 2015-01-23
17:50:10.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-interfaces.5 2015-02-06
23:28:38.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-interfaces
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-INTERFACE" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-INTERFACE" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-ipsets.5
new/shorewall-4.6.6.2/manpages/shorewall-ipsets.5
--- old/shorewall-4.6.6.1/manpages/shorewall-ipsets.5 2015-01-23
17:50:11.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-ipsets.5 2015-02-06
23:28:40.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-ipsets
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-IPSETS" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-IPSETS" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-maclist.5
new/shorewall-4.6.6.2/manpages/shorewall-maclist.5
--- old/shorewall-4.6.6.1/manpages/shorewall-maclist.5 2015-01-23
17:50:13.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-maclist.5 2015-02-06
23:28:41.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-maclist
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MACLIST" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-MACLIST" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-mangle.5
new/shorewall-4.6.6.2/manpages/shorewall-mangle.5
--- old/shorewall-4.6.6.1/manpages/shorewall-mangle.5 2015-01-23
17:50:14.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-mangle.5 2015-02-06
23:28:43.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-mangle
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MANGLE" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-MANGLE" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-masq.5
new/shorewall-4.6.6.2/manpages/shorewall-masq.5
--- old/shorewall-4.6.6.1/manpages/shorewall-masq.5 2015-01-23
17:50:16.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-masq.5 2015-02-06
23:28:44.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-masq
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MASQ" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-MASQ" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-modules.5
new/shorewall-4.6.6.2/manpages/shorewall-modules.5
--- old/shorewall-4.6.6.1/manpages/shorewall-modules.5 2015-01-23
17:50:17.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-modules.5 2015-02-06
23:28:46.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-modules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MODULES" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-MODULES" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-nat.5
new/shorewall-4.6.6.2/manpages/shorewall-nat.5
--- old/shorewall-4.6.6.1/manpages/shorewall-nat.5 2015-01-23
17:50:19.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-nat.5 2015-02-06
23:28:47.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-nat
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-NAT" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-NAT" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-nesting.5
new/shorewall-4.6.6.2/manpages/shorewall-nesting.5
--- old/shorewall-4.6.6.1/manpages/shorewall-nesting.5 2015-01-23
17:50:20.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-nesting.5 2015-02-06
23:28:48.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-nesting
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-NESTING" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-NESTING" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-netmap.5
new/shorewall-4.6.6.2/manpages/shorewall-netmap.5
--- old/shorewall-4.6.6.1/manpages/shorewall-netmap.5 2015-01-23
17:50:21.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-netmap.5 2015-02-06
23:28:50.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-netmap
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-NETMAP" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-NETMAP" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-params.5
new/shorewall-4.6.6.2/manpages/shorewall-params.5
--- old/shorewall-4.6.6.1/manpages/shorewall-params.5 2015-01-23
17:50:23.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-params.5 2015-02-06
23:28:51.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-params
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-PARAMS" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-PARAMS" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-policy.5
new/shorewall-4.6.6.2/manpages/shorewall-policy.5
--- old/shorewall-4.6.6.1/manpages/shorewall-policy.5 2015-01-23
17:50:24.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-policy.5 2015-02-06
23:28:53.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-policy
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-POLICY" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-POLICY" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-providers.5
new/shorewall-4.6.6.2/manpages/shorewall-providers.5
--- old/shorewall-4.6.6.1/manpages/shorewall-providers.5 2015-01-23
17:50:26.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-providers.5 2015-02-06
23:28:54.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-providers
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-PROVIDERS" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-PROVIDERS" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-proxyarp.5
new/shorewall-4.6.6.2/manpages/shorewall-proxyarp.5
--- old/shorewall-4.6.6.1/manpages/shorewall-proxyarp.5 2015-01-23
17:50:27.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-proxyarp.5 2015-02-06
23:28:55.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-proxyarp
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-PROXYARP" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-PROXYARP" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-routes.5
new/shorewall-4.6.6.2/manpages/shorewall-routes.5
--- old/shorewall-4.6.6.1/manpages/shorewall-routes.5 2015-01-23
17:50:30.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-routes.5 2015-02-06
23:28:58.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-routes
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ROUTES" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-ROUTES" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-routestopped.5
new/shorewall-4.6.6.2/manpages/shorewall-routestopped.5
--- old/shorewall-4.6.6.1/manpages/shorewall-routestopped.5 2015-01-23
17:50:28.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-routestopped.5 2015-02-06
23:28:57.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-routestopped
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ROUTESTOP" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-ROUTESTOP" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-rtrules.5
new/shorewall-4.6.6.2/manpages/shorewall-rtrules.5
--- old/shorewall-4.6.6.1/manpages/shorewall-rtrules.5 2015-01-23
17:50:31.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-rtrules.5 2015-02-06
23:28:59.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-rtrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-RTRULES" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-RTRULES" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-rules.5
new/shorewall-4.6.6.2/manpages/shorewall-rules.5
--- old/shorewall-4.6.6.1/manpages/shorewall-rules.5 2015-01-23
17:50:34.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-rules.5 2015-02-06
23:29:02.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-rules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-RULES" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-RULES" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -658,7 +658,10 @@
\fBany\fR
only refers to top\-level zones (those with no parent zones)\&. Note that
\fBany\fR
-excludes all vserver zones, since those zones are nested within the firewall
zone\&.
+excludes all vserver zones, since those zones are nested within the firewall
zone\&. Beginning with Shorewall 4\&.4\&.13, exclusion is supported with
+\fBany\fR
+\-\- see see
+\m[blue]\fBshorewall\-exclusion\fR\m[]\&\s-2\u[7]\d\s+2(5)\&.
.sp
Hosts may also be specified as an IP address range using the syntax
\fIlowaddress\fR\-\fIhighaddress\fR\&. This requires that your kernel and
iptables contain iprange match support\&. If your kernel and iptables have
ipset match support then you may give the name of an ipset prefaced by "+"\&.
The ipset name may be optionally followed by a number from 1 to 6 enclosed in
square brackets ([]) to indicate the number of levels of source bindings to be
matched\&.
@@ -722,9 +725,22 @@
.RS 4
The primary IP address of eth0 in the firewall zone (Shorewall 4\&.4\&.17 and
later)\&.
.RE
+.PP
+loc,dmz
+.RS 4
+Both the
+\fBloc\fR
+and
+\fBdmz\fR
+zones\&.
.RE
.PP
+all!dmz
.RS 4
+All but the
+\fBdmz\fR
+zone\&.
+.RE
.RE
.PP
\fBDEST\fR \-
{\fIzone\fR|\fIzone\-list\fR[+]|{\fBall\fR|\fBany\fR}[\fB+\fR][\fB\-\fR]}\fB[:{\fR\fIinterface\fR|\fIaddress\-or\-range\fR[,\fIaddress\-or\-range\fR]\&.\&.\&.[\fIexclusion\fR]|\fIexclusion\fR|\fB+\fR\fIipset\fR|\fI^countrycode\-list\fR}][\fB:\fR\fIport\fR[:\fBrandom\fR]]
@@ -761,23 +777,41 @@
\fBDEST\fR
column, the rule is ignored\&.
.sp
-When
\fBall\fR
-is used either in the
+means "All Zones", including the firewall itself\&.
+\fBall\-\fR
+means "All Zones, except the firewall itself"\&. When
+\fBall\fR[\fB\-\fR] is used either in the
\fBSOURCE\fR
or
\fBDEST\fR
column intra\-zone traffic is not affected\&. When
-\fBall+\fR
-is used, intra\-zone traffic is affected\&. Beginning with Shorewall
4\&.4\&.13, exclusion is supported \-\- see see
-\m[blue]\fBshorewall\-exclusion\fR\m[]\&\s-2\u[7]\d\s+2(5)\&.
+\fBall+\fR[\fB\-\fR] is "used, intra\-zone traffic is affected\&. Beginning
with Shorewall 4\&.4\&.13, exclusion is supported \-\- see see
+\m[blue]\fBshorewall6\-exclusion\fR\m[]\&\s-2\u[10]\d\s+2(5)\&.
.sp
\fBany\fR
is equivalent to
\fBall\fR
when there are no nested zones\&. When there are nested zones,
\fBany\fR
-only refers to top\-level zones (those with no parent zones)\&.
+only refers to top\-level zones (those with no parent zones)\&. Note that
+\fBany\fR
+excludes all vserver zones, since those zones are nested within the firewall
zone\&.
+.sp
+Except when
+\fBall\fR[\fB+\fR][\fB\-\fR] or
+\fBany\fR[\fB+\fR][\fB\-\fR] is specified, clients may be further restricted
to a list of networks and/or hosts by appending ":" and a comma\-separated list
of network and/or host addresses\&. Hosts may be specified by IP or MAC
address; mac addresses must begin with "~" and must use "\-" as a separator\&.
+.sp
+When
+\fBall\fR
+is used either in the
+\fBSOURCE\fR
+or
+\fBDEST\fR
+column intra\-zone traffic is not affected\&. When
+\fBall+\fR
+is used, intra\-zone traffic is affected\&. Beginning with Shorewall
4\&.4\&.13, exclusion is supported \-\- see see
+\m[blue]\fBshorewall\-exclusion\fR\m[]\&\s-2\u[7]\d\s+2(5)\&.
.sp
The
\fIzone\fR
@@ -826,7 +860,7 @@
.RE
.sp
Except when
-\fBall\fR[\fB+]|[\-\fR] is specified, the server may be further restricted to
a particular network, host or interface by appending ":" and the network, host
or interface\&. See
+\fB{all|any}\fR[\fB+]|[\-\fR] is specified, the server may be further
restricted to a particular network, host or interface by appending ":" and the
network, host or interface\&. See
\fBSOURCE\fR
above\&.
.sp
@@ -909,7 +943,7 @@
.RS 4
Optional destination Ports\&. A comma\-separated list of Port names (from
services(5)), port numbers or port ranges; if the protocol is
\fBicmp\fR, this column is interpreted as the destination icmp\-type(s)\&.
ICMP types may be specified as a numeric type, a numeric type and code
separated by a slash (e\&.g\&., 3/4), or a typename\&. See
-\m[blue]\fBhttp://www\&.shorewall\&.net/configuration_file_basics\&.htm#ICMP\fR\m[]\&\s-2\u[10]\d\s+2\&;.
Note that prior to Shorewall 4\&.4\&.19, only a single ICMP type may be
listed\&.
+\m[blue]\fBhttp://www\&.shorewall\&.net/configuration_file_basics\&.htm#ICMP\fR\m[]\&\s-2\u[11]\d\s+2\&;.
Note that prior to Shorewall 4\&.4\&.19, only a single ICMP type may be
listed\&.
.sp
If the protocol is
\fBipp2p\fR, this column is interpreted as an ipp2p option without the leading
"\-\-" (example
@@ -1011,7 +1045,7 @@
\m[blue]\fBshorewall\-exclusion\fR\m[]\&\s-2\u[7]\d\s+2(5)\&.
.sp
See
-\m[blue]\fBhttp://www\&.shorewall\&.net/PortKnocking\&.html\fR\m[]\&\s-2\u[11]\d\s+2
+\m[blue]\fBhttp://www\&.shorewall\&.net/PortKnocking\&.html\fR\m[]\&\s-2\u[12]\d\s+2
for an example of using an entry in this column with a user\-defined action
rule\&.
.RE
.PP
@@ -1470,7 +1504,7 @@
.RE
.\}
.sp
-\m[blue]\fBshorewall\-host\fR\m[]\&\s-2\u[12]\d\s+2(5):
+\m[blue]\fBshorewall\-host\fR\m[]\&\s-2\u[13]\d\s+2(5):
.sp
.if n \{\
.RS 4
@@ -1636,11 +1670,11 @@
/etc/shorewall/rules
.SH "SEE ALSO"
.PP
-\m[blue]\fBhttp://www\&.shorewall\&.net/ipsets\&.html\fR\m[]\&\s-2\u[13]\d\s+2
+\m[blue]\fBhttp://www\&.shorewall\&.net/ipsets\&.html\fR\m[]\&\s-2\u[14]\d\s+2
.PP
-\m[blue]\fBhttp://www\&.shorewall\&.net/configuration_file_basics\&.htm#Pairs\fR\m[]\&\s-2\u[14]\d\s+2
+\m[blue]\fBhttp://www\&.shorewall\&.net/configuration_file_basics\&.htm#Pairs\fR\m[]\&\s-2\u[15]\d\s+2
.PP
-\m[blue]\fBhttp://www\&.shorewall\&.net/shorewall_logging\&.html\fR\m[]\&\s-2\u[15]\d\s+2
+\m[blue]\fBhttp://www\&.shorewall\&.net/shorewall_logging\&.html\fR\m[]\&\s-2\u[16]\d\s+2
.PP
shorewall(8), shorewall\-accounting(5), shorewall\-actions(5),
shorewall\-blacklist(5), shorewall\-blrules(5), shorewall\-hosts(5),
shorewall_interfaces(5), shorewall\-ipsets(5), shorewall\-maclist(5),
shorewall\-masq(5), shorewall\-nat(5), shorewall\-netmap(5),
shorewall\-params(5), shorewall\-policy(5), shorewall\-providers(5),
shorewall\-proxyarp(5), shorewall\-rtrules(5), shorewall\-routestopped(5),
shorewall\&.conf(5), shorewall\-secmarks(5), shorewall\-tcclasses(5),
shorewall\-tcdevices(5), shorewall\-mangle(5), shorewall\-tos(5),
shorewall\-tunnels(5), shorewall\-zones(5)
.SH "NOTES"
@@ -1690,31 +1724,36 @@
\%http://www.shorewall.net/ISO-3661.html
.RE
.IP "10." 4
+shorewall6-exclusion
+.RS 4
+\%http://www.shorewall.net/manpages6/shorewall6-exclusion.html
+.RE
+.IP "11." 4
http://www.shorewall.net/configuration_file_basics.htm#ICMP
.RS 4
\%http://www.shorewall.net/configuration_file_basics.htm#ICMP
.RE
-.IP "11." 4
+.IP "12." 4
http://www.shorewall.net/PortKnocking.html
.RS 4
\%http://www.shorewall.net/PortKnocking.html
.RE
-.IP "12." 4
+.IP "13." 4
shorewall-host
.RS 4
\%http://www.shorewall.net/manpages/shorewall-hosts.html
.RE
-.IP "13." 4
+.IP "14." 4
http://www.shorewall.net/ipsets.html
.RS 4
\%http://www.shorewall.net/ipsets.html
.RE
-.IP "14." 4
+.IP "15." 4
http://www.shorewall.net/configuration_file_basics.htm#Pairs
.RS 4
\%http://www.shorewall.net/configuration_file_basics.htm#Pairs
.RE
-.IP "15." 4
+.IP "16." 4
http://www.shorewall.net/shorewall_logging.html
.RS 4
\%http://www.shorewall.net/shorewall_logging.html
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-secmarks.5
new/shorewall-4.6.6.2/manpages/shorewall-secmarks.5
--- old/shorewall-4.6.6.1/manpages/shorewall-secmarks.5 2015-01-23
17:50:35.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-secmarks.5 2015-02-06
23:29:04.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-secmarks
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-SECMARKS" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-SECMARKS" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-stoppedrules.5
new/shorewall-4.6.6.2/manpages/shorewall-stoppedrules.5
--- old/shorewall-4.6.6.1/manpages/shorewall-stoppedrules.5 2015-01-23
17:50:37.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-stoppedrules.5 2015-02-06
23:29:05.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-stoppedrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-STOPPEDRU" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-STOPPEDRU" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tcclasses.5
new/shorewall-4.6.6.2/manpages/shorewall-tcclasses.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tcclasses.5 2015-01-23
17:50:38.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tcclasses.5 2015-02-06
23:29:07.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcclasses
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCCLASSES" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-TCCLASSES" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tcdevices.5
new/shorewall-4.6.6.2/manpages/shorewall-tcdevices.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tcdevices.5 2015-01-23
17:50:39.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tcdevices.5 2015-02-06
23:29:08.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcdevices
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCDEVICES" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-TCDEVICES" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tcfilters.5
new/shorewall-4.6.6.2/manpages/shorewall-tcfilters.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tcfilters.5 2015-01-23
17:50:41.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tcfilters.5 2015-02-06
23:29:09.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcfilters
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCFILTERS" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-TCFILTERS" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tcinterfaces.5
new/shorewall-4.6.6.2/manpages/shorewall-tcinterfaces.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tcinterfaces.5 2015-01-23
17:50:42.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tcinterfaces.5 2015-02-06
23:29:11.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcinterfaces
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCINTERFA" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-TCINTERFA" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tcpri.5
new/shorewall-4.6.6.2/manpages/shorewall-tcpri.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tcpri.5 2015-01-23
17:50:44.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tcpri.5 2015-02-06
23:29:12.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcpri
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCPRI" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-TCPRI" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tcrules.5
new/shorewall-4.6.6.2/manpages/shorewall-tcrules.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tcrules.5 2015-01-23
17:50:45.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tcrules.5 2015-02-06
23:29:14.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-mangle
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MANGLE" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-MANGLE" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tos.5
new/shorewall-4.6.6.2/manpages/shorewall-tos.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tos.5 2015-01-23
17:50:47.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tos.5 2015-02-06
23:29:15.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-tos
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TOS" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-TOS" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-tunnels.5
new/shorewall-4.6.6.2/manpages/shorewall-tunnels.5
--- old/shorewall-4.6.6.1/manpages/shorewall-tunnels.5 2015-01-23
17:50:48.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-tunnels.5 2015-02-06
23:29:17.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-tunnels
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TUNNELS" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-TUNNELS" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-vardir.5
new/shorewall-4.6.6.2/manpages/shorewall-vardir.5
--- old/shorewall-4.6.6.1/manpages/shorewall-vardir.5 2015-01-23
17:50:50.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-vardir.5 2015-02-06
23:29:18.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-vardir
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-VARDIR" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-VARDIR" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall-zones.5
new/shorewall-4.6.6.2/manpages/shorewall-zones.5
--- old/shorewall-4.6.6.1/manpages/shorewall-zones.5 2015-01-23
17:50:54.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall-zones.5 2015-02-06
23:29:23.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-zones
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ZONES" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\-ZONES" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall.8
new/shorewall-4.6.6.2/manpages/shorewall.8
--- old/shorewall-4.6.6.1/manpages/shorewall.8 2015-01-23 17:50:53.000000000
+0100
+++ new/shorewall-4.6.6.2/manpages/shorewall.8 2015-02-06 23:29:21.000000000
+0100
@@ -2,12 +2,12 @@
.\" Title: shorewall
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Administrative Commands
.\" Source: Administrative Commands
.\" Language: English
.\"
-.TH "SHOREWALL" "8" "01/23/2015" "Administrative Commands" "Administrative
Commands"
+.TH "SHOREWALL" "8" "02/06/2015" "Administrative Commands" "Administrative
Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/manpages/shorewall.conf.5
new/shorewall-4.6.6.2/manpages/shorewall.conf.5
--- old/shorewall-4.6.6.1/manpages/shorewall.conf.5 2015-01-23
17:50:01.000000000 +0100
+++ new/shorewall-4.6.6.2/manpages/shorewall.conf.5 2015-02-06
23:28:30.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall.conf
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\&.CONF" "5" "01/23/2015" "Configuration Files" "Configuration
Files"
+.TH "SHOREWALL\&.CONF" "5" "02/06/2015" "Configuration Files" "Configuration
Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -1490,7 +1490,7 @@
.PP
\fBMODULE_SUFFIX=\fR[\fB"\fR\fIextension\fR \&.\&.\&.\fB"\fR]
.RS 4
-The value of this option determines the possible file extensions of kernel
modules\&. The default value is "ko ko\&.gz o o\&.gz gz"\&.
+The value of this option determines the possible file extensions of kernel
modules\&. The default value is "ko ko\&.gz ko\&.xz o o\&.gz o\&.xz gz xz"\&.
.RE
.PP
\fBMODULESDIR=\fR[\fIpathname\fR[\fB:\fR\fIpathname\fR]\&.\&.\&.]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/releasenotes.txt new/shorewall-4.6.6.2/releasenotes.txt
--- old/shorewall-4.6.6.1/releasenotes.txt 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-4.6.6.2/releasenotes.txt 2015-02-06 23:28:17.000000000
+0100
@@ -1,7 +1,7 @@
----------------------------------------------------------------------------
- S H O R E W A L L 4 . 6 . 6 . 1
+ S H O R E W A L L 4 . 6 . 6 . 2
------------------------------------
- J a n u a r y 2 3 , 2 0 1 5
+ F e b r u a r y 0 6 , 2 0 1 5
----------------------------------------------------------------------------
I. PROBLEMS CORRECTED IN THIS RELEASE
@@ -14,6 +14,18 @@
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
+4.6.6.2
+
+1) The compiler failed to parse the construct +<ipset>[n] where n is an
+ integer (e.g., +bad[2]).
+
+2) Orion Paplawski has provided a patch that adds 'ko.xz' to the
+ default MODULE_SUFFIX setting. This change deals with recent Fedora
+ releases where the module names now end with ".ko.xz".
+
+ In addition to Orion's patch, the sample configurations have been
+ modified to specify MODULE_SUFFIX="ko ko.xz".
+
4.6.6.1
1) Previously the SAVE and RESTORE actions were erroneously disallowed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/shorewall.spec new/shorewall-4.6.6.2/shorewall.spec
--- old/shorewall-4.6.6.1/shorewall.spec 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-4.6.6.2/shorewall.spec 2015-02-06 23:28:17.000000000
+0100
@@ -1,6 +1,6 @@
%define name shorewall
%define version 4.6.6
-%define release 1
+%define release 2
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
Name: %{name}
@@ -132,6 +132,10 @@
%doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples
%changelog
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
* Thu Jan 22 2015 Tom Eastep t...@shorewall.net
- Updated to 4.6.6-1
* Sat Jan 10 2015 Tom Eastep t...@shorewall.net
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/shorewall-4.6.6.1/uninstall.sh new/shorewall-4.6.6.2/uninstall.sh
--- old/shorewall-4.6.6.1/uninstall.sh 2015-01-23 17:49:48.000000000 +0100
+++ new/shorewall-4.6.6.2/uninstall.sh 2015-02-06 23:28:17.000000000 +0100
@@ -26,7 +26,7 @@
# You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall
-VERSION=4.6.6.1
+VERSION=4.6.6.2
PRODUCT=shorewall
usage() # $1 = exit status
++++++ shorewall-core-4.6.6.1.tar.bz2 -> shorewall-core-4.6.6.2.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/changelog.txt
new/shorewall-core-4.6.6.2/changelog.txt
--- old/shorewall-core-4.6.6.1/changelog.txt 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-core-4.6.6.2/changelog.txt 2015-02-06 23:28:17.000000000
+0100
@@ -1,3 +1,15 @@
+Changes in 4.6.6.2
+
+1) Update release documents.
+
+2) Clarify Zone Exclusion
+
+3) Correct handling of +set[n]
+
+4) Apply Orion Paplawski's MODULE_SUFFIX patch.
+
+5) Update MODULE_SUFFIX="ko ko.xz" in samples.
+
Changes in 4.6.6.1
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/configure
new/shorewall-core-4.6.6.2/configure
--- old/shorewall-core-4.6.6.1/configure 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-core-4.6.6.2/configure 2015-02-06 23:28:16.000000000
+0100
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.6.6.1
+VERSION=4.6.6.2
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/configure.pl
new/shorewall-core-4.6.6.2/configure.pl
--- old/shorewall-core-4.6.6.1/configure.pl 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-core-4.6.6.2/configure.pl 2015-02-06 23:28:16.000000000
+0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
- VERSION => '4.6.6.1'
+ VERSION => '4.6.6.2'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/install.sh
new/shorewall-core-4.6.6.2/install.sh
--- old/shorewall-core-4.6.6.1/install.sh 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-core-4.6.6.2/install.sh 2015-02-06 23:28:16.000000000
+0100
@@ -22,7 +22,7 @@
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
-VERSION=4.6.6.1
+VERSION=4.6.6.2
usage() # $1 = exit status
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/known_problems.txt
new/shorewall-core-4.6.6.2/known_problems.txt
--- old/shorewall-core-4.6.6.1/known_problems.txt 2015-01-23
17:49:48.000000000 +0100
+++ new/shorewall-core-4.6.6.2/known_problems.txt 2015-02-06
23:28:17.000000000 +0100
@@ -28,3 +28,9 @@
${VARDIR}/lock.
Corrected in 4.6.6.1
+
+7) The compiler fails to parse the construct +<ipset>[n] where n is an
+ integer (e.g., +bad[2]).
+
+ Corrected in 4.6.6.2
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/lib.common
new/shorewall-core-4.6.6.2/lib.common
--- old/shorewall-core-4.6.6.1/lib.common 2015-01-23 17:18:30.000000000
+0100
+++ new/shorewall-core-4.6.6.2/lib.common 2015-02-06 21:56:35.000000000
+0100
@@ -374,7 +374,7 @@
moduleloader=insmod
fi
- [ -n "${MODULE_SUFFIX:=ko ko.gz o o.gz gz}" ]
+ [ -n "${MODULE_SUFFIX:=ko ko.gz ko.xz o o.gz o.xz gz xz}" ]
[ -z "$MODULESDIR" ] && \
uname=$(uname -r) && \
@@ -413,7 +413,7 @@
moduleloader=insmod
fi
- [ -n "${MODULE_SUFFIX:=o gz ko o.gz ko.gz}" ]
+ [ -n "${MODULE_SUFFIX:=o gz xz ko o.gz o.xz ko.gz ko.xz}" ]
[ -z "$MODULESDIR" ] && \
uname=$(uname -r) && \
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/releasenotes.txt
new/shorewall-core-4.6.6.2/releasenotes.txt
--- old/shorewall-core-4.6.6.1/releasenotes.txt 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-core-4.6.6.2/releasenotes.txt 2015-02-06 23:28:17.000000000
+0100
@@ -1,7 +1,7 @@
----------------------------------------------------------------------------
- S H O R E W A L L 4 . 6 . 6 . 1
+ S H O R E W A L L 4 . 6 . 6 . 2
------------------------------------
- J a n u a r y 2 3 , 2 0 1 5
+ F e b r u a r y 0 6 , 2 0 1 5
----------------------------------------------------------------------------
I. PROBLEMS CORRECTED IN THIS RELEASE
@@ -14,6 +14,18 @@
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
+4.6.6.2
+
+1) The compiler failed to parse the construct +<ipset>[n] where n is an
+ integer (e.g., +bad[2]).
+
+2) Orion Paplawski has provided a patch that adds 'ko.xz' to the
+ default MODULE_SUFFIX setting. This change deals with recent Fedora
+ releases where the module names now end with ".ko.xz".
+
+ In addition to Orion's patch, the sample configurations have been
+ modified to specify MODULE_SUFFIX="ko ko.xz".
+
4.6.6.1
1) Previously the SAVE and RESTORE actions were erroneously disallowed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/shorewall-core.spec
new/shorewall-core-4.6.6.2/shorewall-core.spec
--- old/shorewall-core-4.6.6.1/shorewall-core.spec 2015-01-23
17:49:48.000000000 +0100
+++ new/shorewall-core-4.6.6.2/shorewall-core.spec 2015-02-06
23:28:17.000000000 +0100
@@ -1,6 +1,6 @@
%define name shorewall-core
%define version 4.6.6
-%define release 1
+%define release 2
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
Name: %{name}
@@ -63,6 +63,10 @@
%doc COPYING INSTALL changelog.txt releasenotes.txt
%changelog
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
* Thu Jan 22 2015 Tom Eastep t...@shorewall.net
- Updated to 4.6.6-1
* Sat Jan 10 2015 Tom Eastep t...@shorewall.net
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-core-4.6.6.1/uninstall.sh
new/shorewall-core-4.6.6.2/uninstall.sh
--- old/shorewall-core-4.6.6.1/uninstall.sh 2015-01-23 17:49:48.000000000
+0100
+++ new/shorewall-core-4.6.6.2/uninstall.sh 2015-02-06 23:28:16.000000000
+0100
@@ -26,7 +26,7 @@
# You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall
-VERSION=4.6.6.1
+VERSION=4.6.6.2
usage() # $1 = exit status
{
++++++ shorewall-docs-html-4.6.6.1.tar.bz2 ->
shorewall-docs-html-4.6.6.2.tar.bz2 ++++++
++++ 6986 lines of diff (skipped)
++++++ shorewall-init-4.6.6.1.tar.bz2 -> shorewall-init-4.6.6.2.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.6.6.1/changelog.txt
new/shorewall-init-4.6.6.2/changelog.txt
--- old/shorewall-init-4.6.6.1/changelog.txt 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-init-4.6.6.2/changelog.txt 2015-02-06 23:28:17.000000000
+0100
@@ -1,3 +1,15 @@
+Changes in 4.6.6.2
+
+1) Update release documents.
+
+2) Clarify Zone Exclusion
+
+3) Correct handling of +set[n]
+
+4) Apply Orion Paplawski's MODULE_SUFFIX patch.
+
+5) Update MODULE_SUFFIX="ko ko.xz" in samples.
+
Changes in 4.6.6.1
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.6.6.1/configure
new/shorewall-init-4.6.6.2/configure
--- old/shorewall-init-4.6.6.1/configure 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-init-4.6.6.2/configure 2015-02-06 23:28:17.000000000
+0100
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.6.6.1
+VERSION=4.6.6.2
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.6.6.1/configure.pl
new/shorewall-init-4.6.6.2/configure.pl
--- old/shorewall-init-4.6.6.1/configure.pl 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-init-4.6.6.2/configure.pl 2015-02-06 23:28:17.000000000
+0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
- VERSION => '4.6.6.1'
+ VERSION => '4.6.6.2'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.6.6.1/install.sh
new/shorewall-init-4.6.6.2/install.sh
--- old/shorewall-init-4.6.6.1/install.sh 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-init-4.6.6.2/install.sh 2015-02-06 23:28:17.000000000
+0100
@@ -27,7 +27,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
02110-1301 USA.
#
-VERSION=4.6.6.1
+VERSION=4.6.6.2
usage() # $1 = exit status
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.6.6.1/releasenotes.txt
new/shorewall-init-4.6.6.2/releasenotes.txt
--- old/shorewall-init-4.6.6.1/releasenotes.txt 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-init-4.6.6.2/releasenotes.txt 2015-02-06 23:28:17.000000000
+0100
@@ -1,7 +1,7 @@
----------------------------------------------------------------------------
- S H O R E W A L L 4 . 6 . 6 . 1
+ S H O R E W A L L 4 . 6 . 6 . 2
------------------------------------
- J a n u a r y 2 3 , 2 0 1 5
+ F e b r u a r y 0 6 , 2 0 1 5
----------------------------------------------------------------------------
I. PROBLEMS CORRECTED IN THIS RELEASE
@@ -14,6 +14,18 @@
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
+4.6.6.2
+
+1) The compiler failed to parse the construct +<ipset>[n] where n is an
+ integer (e.g., +bad[2]).
+
+2) Orion Paplawski has provided a patch that adds 'ko.xz' to the
+ default MODULE_SUFFIX setting. This change deals with recent Fedora
+ releases where the module names now end with ".ko.xz".
+
+ In addition to Orion's patch, the sample configurations have been
+ modified to specify MODULE_SUFFIX="ko ko.xz".
+
4.6.6.1
1) Previously the SAVE and RESTORE actions were erroneously disallowed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.6.6.1/shorewall-init.spec
new/shorewall-init-4.6.6.2/shorewall-init.spec
--- old/shorewall-init-4.6.6.1/shorewall-init.spec 2015-01-23
17:49:49.000000000 +0100
+++ new/shorewall-init-4.6.6.2/shorewall-init.spec 2015-02-06
23:28:17.000000000 +0100
@@ -1,6 +1,6 @@
%define name shorewall-init
%define version 4.6.6
-%define release 1
+%define release 2
Summary: Shorewall-init adds functionality to Shoreline Firewall (Shorewall).
Name: %{name}
@@ -126,6 +126,10 @@
%doc COPYING changelog.txt releasenotes.txt
%changelog
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
* Thu Jan 22 2015 Tom Eastep t...@shorewall.net
- Updated to 4.6.6-1
* Sat Jan 10 2015 Tom Eastep t...@shorewall.net
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-init-4.6.6.1/uninstall.sh
new/shorewall-init-4.6.6.2/uninstall.sh
--- old/shorewall-init-4.6.6.1/uninstall.sh 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-init-4.6.6.2/uninstall.sh 2015-02-06 23:28:17.000000000
+0100
@@ -26,7 +26,7 @@
# You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall
-VERSION=4.6.6.1
+VERSION=4.6.6.2
usage() # $1 = exit status
{
++++++ shorewall-lite-4.6.6.1.tar.bz2 -> shorewall-lite-4.6.6.2.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/changelog.txt
new/shorewall-lite-4.6.6.2/changelog.txt
--- old/shorewall-lite-4.6.6.1/changelog.txt 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-lite-4.6.6.2/changelog.txt 2015-02-06 23:28:17.000000000
+0100
@@ -1,3 +1,15 @@
+Changes in 4.6.6.2
+
+1) Update release documents.
+
+2) Clarify Zone Exclusion
+
+3) Correct handling of +set[n]
+
+4) Apply Orion Paplawski's MODULE_SUFFIX patch.
+
+5) Update MODULE_SUFFIX="ko ko.xz" in samples.
+
Changes in 4.6.6.1
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/configure
new/shorewall-lite-4.6.6.2/configure
--- old/shorewall-lite-4.6.6.1/configure 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-lite-4.6.6.2/configure 2015-02-06 23:28:17.000000000
+0100
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.6.6.1
+VERSION=4.6.6.2
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/configure.pl
new/shorewall-lite-4.6.6.2/configure.pl
--- old/shorewall-lite-4.6.6.1/configure.pl 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-lite-4.6.6.2/configure.pl 2015-02-06 23:28:17.000000000
+0100
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
- VERSION => '4.6.6.1'
+ VERSION => '4.6.6.2'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/install.sh
new/shorewall-lite-4.6.6.2/install.sh
--- old/shorewall-lite-4.6.6.1/install.sh 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-lite-4.6.6.2/install.sh 2015-02-06 23:28:17.000000000
+0100
@@ -22,7 +22,7 @@
# along with this program; if not, see <http://www.gnu.org/licenses/>.
#
-VERSION=4.6.6.1
+VERSION=4.6.6.2
usage() # $1 = exit status
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/shorewall-lite-4.6.6.1/manpages/shorewall-lite-vardir.5
new/shorewall-lite-4.6.6.2/manpages/shorewall-lite-vardir.5
--- old/shorewall-lite-4.6.6.1/manpages/shorewall-lite-vardir.5 2015-01-23
17:53:10.000000000 +0100
+++ new/shorewall-lite-4.6.6.2/manpages/shorewall-lite-vardir.5 2015-02-06
23:31:37.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-lite-vardir
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-LITE\-VAR" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-LITE\-VAR" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/manpages/shorewall-lite.8
new/shorewall-lite-4.6.6.2/manpages/shorewall-lite.8
--- old/shorewall-lite-4.6.6.1/manpages/shorewall-lite.8 2015-01-23
17:53:11.000000000 +0100
+++ new/shorewall-lite-4.6.6.2/manpages/shorewall-lite.8 2015-02-06
23:31:39.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-lite
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Administrative Commands
.\" Source: Administrative Commands
.\" Language: English
.\"
-.TH "SHOREWALL\-LITE" "8" "01/23/2015" "Administrative Commands"
"Administrative Commands"
+.TH "SHOREWALL\-LITE" "8" "02/06/2015" "Administrative Commands"
"Administrative Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/shorewall-lite-4.6.6.1/manpages/shorewall-lite.conf.5
new/shorewall-lite-4.6.6.2/manpages/shorewall-lite.conf.5
--- old/shorewall-lite-4.6.6.1/manpages/shorewall-lite.conf.5 2015-01-23
17:53:08.000000000 +0100
+++ new/shorewall-lite-4.6.6.2/manpages/shorewall-lite.conf.5 2015-02-06
23:31:36.000000000 +0100
@@ -2,12 +2,12 @@
.\" Title: shorewall-lite.conf
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 <http://docbook.sf.net/>
-.\" Date: 01/23/2015
+.\" Date: 02/06/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-LITE\&.CO" "5" "01/23/2015" "Configuration Files"
"Configuration Files"
+.TH "SHOREWALL\-LITE\&.CO" "5" "02/06/2015" "Configuration Files"
"Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/releasenotes.txt
new/shorewall-lite-4.6.6.2/releasenotes.txt
--- old/shorewall-lite-4.6.6.1/releasenotes.txt 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-lite-4.6.6.2/releasenotes.txt 2015-02-06 23:28:17.000000000
+0100
@@ -1,7 +1,7 @@
----------------------------------------------------------------------------
- S H O R E W A L L 4 . 6 . 6 . 1
+ S H O R E W A L L 4 . 6 . 6 . 2
------------------------------------
- J a n u a r y 2 3 , 2 0 1 5
+ F e b r u a r y 0 6 , 2 0 1 5
----------------------------------------------------------------------------
I. PROBLEMS CORRECTED IN THIS RELEASE
@@ -14,6 +14,18 @@
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
+4.6.6.2
+
+1) The compiler failed to parse the construct +<ipset>[n] where n is an
+ integer (e.g., +bad[2]).
+
+2) Orion Paplawski has provided a patch that adds 'ko.xz' to the
+ default MODULE_SUFFIX setting. This change deals with recent Fedora
+ releases where the module names now end with ".ko.xz".
+
+ In addition to Orion's patch, the sample configurations have been
+ modified to specify MODULE_SUFFIX="ko ko.xz".
+
4.6.6.1
1) Previously the SAVE and RESTORE actions were erroneously disallowed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/shorecap
new/shorewall-lite-4.6.6.2/shorecap
--- old/shorewall-lite-4.6.6.1/shorecap 2015-01-23 17:18:30.000000000 +0100
+++ new/shorewall-lite-4.6.6.2/shorecap 2015-02-06 21:56:35.000000000 +0100
@@ -38,7 +38,7 @@
#
# IPTABLES - iptables
# MODULESDIR - /lib/modules/$(uname -r)/kernel/net/ipv4/netfilter
-# MODULE_SUFFIX - "o gz ko o.gz ko.gz"
+# MODULE_SUFFIX - "o gz xz ko o.gz o.xz ko.gz ko.xz"
#
# Shorewall need not be installed on the target system to run shorecap. If
the '-e' flag is
# used during firewall compilation, then the generated firewall program
will likewise not
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/shorewall-lite.spec
new/shorewall-lite-4.6.6.2/shorewall-lite.spec
--- old/shorewall-lite-4.6.6.1/shorewall-lite.spec 2015-01-23
17:49:49.000000000 +0100
+++ new/shorewall-lite-4.6.6.2/shorewall-lite.spec 2015-02-06
23:28:17.000000000 +0100
@@ -1,6 +1,6 @@
%define name shorewall-lite
%define version 4.6.6
-%define release 1
+%define release 2
%define initdir /etc/init.d
Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux
systems.
@@ -106,6 +106,10 @@
%doc COPYING changelog.txt releasenotes.txt
%changelog
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
+* Mon Jan 26 2015 Tom Eastep t...@shorewall.net
+- Updated to 4.6.6-2
* Thu Jan 22 2015 Tom Eastep t...@shorewall.net
- Updated to 4.6.6-1
* Sat Jan 10 2015 Tom Eastep t...@shorewall.net
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/shorewall-lite-4.6.6.1/uninstall.sh
new/shorewall-lite-4.6.6.2/uninstall.sh
--- old/shorewall-lite-4.6.6.1/uninstall.sh 2015-01-23 17:49:49.000000000
+0100
+++ new/shorewall-lite-4.6.6.2/uninstall.sh 2015-02-06 23:28:17.000000000
+0100
@@ -26,7 +26,7 @@
# You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall
-VERSION=4.6.6.1
+VERSION=4.6.6.2
PRODUCT=shorewall-lite
usage() # $1 = exit status
++++++ shorewall-4.6.6.1.tar.bz2 -> shorewall6-4.6.6.2.tar.bz2 ++++++
++++ 127471 lines of diff (skipped)
++++++ shorewall-lite-4.6.6.1.tar.bz2 -> shorewall6-lite-4.6.6.2.tar.bz2 ++++++
++++ 7986 lines of diff (skipped)
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
