[Shorewall-devel] Shorewall 4.5.3

Fri, 08 Jan 2010 09:08:22 -0800 

For your weekend testing enjoyment, 4.5.3 is available for download.

The release notes in the release packages do not mention the TPROXY
support included in 4.5.3 (see New Feature #2 below). That feature is
very lightly tested; I've verified that the correct rules are being
generated and that iptables/kernel with TPROXY support load a TPROXY
configuration okay but I don't have a Squid3 test environment to try it
out. I encourage those of you who do have such an environment to test
this feature and let me know the result.

Squid information may be found at
http://wiki.squid-cache.org/Features/Tproxy4.

----------------------------------------------------------------------------
          P R O B L E M S   C O R R E C T E D   I N   4 . 5 . 3
----------------------------------------------------------------------------

1)  Previously, Shorewall generated invalid iptables-restore input if
    logging was specified on a NONAT rule.

2)  The fw2fw (fw-fw) chain could be incorrectly deleted with optimize
    4.

3)  Entries in /etc/shorewall/tcpri generated an iptables-restore error
    on CentOS 5.3.

----------------------------------------------------------------------------
             K N O W N   P R O B L E M S   R E M A I N I N G
----------------------------------------------------------------------------

None.

----------------------------------------------------------------------------
                N E W   F E A T U R E S   I N   4 . 5 . 3
----------------------------------------------------------------------------

1)  Non-empty rules chains (those of the form zoneA2zoneB or
    zoneA-zoneB) are no longer optimized out of existence by optimize 4.

2)  TPROXY support has been added. See
    http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Reply via email to