Shorewall 4.6.13 RC 1 is now available for testing. Problems Corrected since Beta 2:
1) Inline matches on IP[6]TABLE rules could be ignored if
INLINE_MATCHES=No. They are now recognized.
2) Specifying an action with a logging level in one of the _DEFAULT
options in shorewall[6].conf (e.g., REJECT_DEFAULT=Reject:info)
produced a compilation error:
ERROR: Invalid value (:info) for first Reject parameter
/usr/share/shorewall/action.Reject (line 52)
That has been corrected. Note, however, that specifying logging
with a default action tends to defeat one of the main purposes of
default actions which is to suppress logging.
New Features since Beta 2:
1) When the 'update' command is converting a deprecated file, it now
makes additional checks when it finds a target file (mangle,
stoppedrules or blrules) to append the converted rules to:
- If the file is in the directory $SHAREDIR/$product/configfiles/,
the file is not opened.
- If the file is in the directory
$SHAREDIR/doc/$product/default-config/, the file is not opened.
- If the file is not writable, the file is not opened.
When the file isn't opened because of one of these checks, an
attempt is made to create a new file in either the directory
specified on the command line (if any) or in the first directory
listed in the CONFIG_PATH setting.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
