Beta 3 is now available for testing. Problems corrected since Beta 2:
1) If a chain consisted of a single RETURN rule, optimize level 4
would handle it incorrectly by moving the RETURN rule to the
chain(s) that jumped to the single-rule chain.
Known Problems Remaining (in addition to the perennial Upstart issue):
1) The optimizer doesn't delete ending RETURN rules from chains.
New Features since Beta 2:
1) There are now two new sections in the rules file:
INVALID
Allows definition of rules to be applied to packets in the
INVALID connection state.
UNTRACKED
Allows definition of rules to be applied to packets in the
UNTRACKED connection state (due to entries in the conntrack
file).
The implementation of these sections is modeled after that of the
RELATED section. There are options in shorewall.conf
(shorewall6.conf) that control the disposition and logging of
packets that fail to match any of the rules in the section.
INVALID_DISPOSITION
Valid values are CONTINUE, DROP, REJECT, and A_DROP.
The default is CONTINUE, which provides compatibility with
earlier releases (the packets are subject to the rules in
the NEW section).
INVALID_LOG_LEVEL.
Determines logging of packets handled by
INVALID_DISPOSITION. Empty by default (no logginig).
NOTRACK_DISPOSITION
Valid values are CONTINUE, ACCEPT, DROP, REJECT, A_ACCEPT
and A_DROP.
The default is CONTINUE, which provides compatibility with
earlier releases (the packets are subject to the rules in
the NEW section).
NOTRACK_LOG_LEVEL.
Determines logging of packets handled by
NOTRACK_DISPOSITION. Empty by default (no logging).
The new order of sections in the rules files is:
ALL
ESTABLISHED
RELATED
INVALID
NOTRACK
NEW
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
