Shorewall 4.6.10 Beta 2 is now available for testing. New Features since Beta 1:
1) Two new options have been added to the NFQUEUE target.
- By default, if no userspace program is listening on an NFQUEUE,
then all packets that are to be queued are dropped. When the new
'bypass' option is used, the NFQUEUE rule is silently bypassed
instead. The packet will move on to the next rule.
Examples:
NFQUEUE(bypass)
NFQUEUE(3,bypass)
- Now, a queue range of the form n:m may be specified. Packets are
then balanced across the given queues. This is useful for
multicore systems: start multiple instances of the userspace
program on queues x, x+1, .. x+n and use "x:x+n". Packets
belonging to the same connection are put into the same nfqueue.
Examples:
NFQUEUE(4:6)
NFQUEUE(4:6,bypass)
Queue ranges are also permitted in an NFQUEUE policy; the
'bypass' option is not permitted there.
2) The 'call' command is now documented. It provides a way to call
shell functions in the Shorewall libraries or in the generated
script.
call <function> [ <parameter> ... ]
<function> must name a shell function in one of the Shorewall
libraries or in the generated script. The function is first
searched for in lib.base, lib.common, lib.cli and lib.cli-std
(lib.cli-std is not searched by the '-lite' products). If the
function is found, it is called with any supplied <parameter>s.
If the function is not found in the libraries, the call command
is passed to the generated script for processing.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
