Beta 4 is now available for testing. Changes in this version include: Problems Corrected:
1) Previously, when a device number was explicitly specified in
/etc/shorewall/tcdevices, all unused numbers less than the one
specified were unavailable for allocation to following entries that
did not specify a number. Now, the compiler selects the lowest
unallocated number when no device number is explicitly allocated.
2) Problem in Beta 3 that resulted in these failures:
ERROR: Internal error in Shorewall::Chains::new_chain
at /usr/share/shorewall/Shorewall/Chains.pm line 1200
Use of uninitialized value in numeric gt (>)
at /usr/share/shorewall/Shorewall/Chains.pm line 814.
ERROR: Internal error in
Shorewall::Chains::decrement_reference_count
at /usr/share/shorewall/Shorewall/Chains.pm line 814
New Features:
1) There are audited versions of the standard Default Actions
named ADrop and AReject. Note that these audit everything that
they do so you will probably want to make your own copies and
modify them to only audit the packets that you care about.
2) Significant work has been done toward unifying the sources for
/sbin/shorewall and /sbin/shorewall6. This work should be
transparent to users so please report any issues that you find
with either program.
3) Shorewall and Shorewall6 no longer have a dependence on 'make'.
4) Up to this release, the behaviors of 'start -f' and 'restart -f'
has been inconsistent. The 'start -f' command compares the
modification times of /etc/shorewall[6] with
/var/lib/shorewall[6]/restore while 'restart -f' compares with
/var/lib/shorewall[6]/firewall.
To make the two consistent, a new LEGACY_FASTSTART option has been
added. The default value when the option isn't specified is
LEGACY_FASTSTART=Yes which preserves the old behavior. When
LEGACY_FASTSTART=No, 'start -f' and 'restart -f' compare with
/var/lib/shorewall[6]/firewall.
5) A '-c' (compile) option has been added to the 'restart'
command in both Shorewall and Shorewall6. It overrides the setting
of AUTOMAKE and unconditionally forces a recompilation of the
configuration.
When both -c and -f are specified, the result is determined by the
option that appears last.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ vRanger cuts backup time in half-while increasing security. With the market-leading solution for virtual backup and recovery, you get blazing-fast, flexible, and affordable data protection. Download your free trial now. http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
