Shorewall 4.5.21 is now available for testing. Problems corrected since Beta 3:
1) If a Shorewall-lite installation used an /etc/shorewall-lite/vardir
file to set a non-standard state directory, the 'load' and 'reload
commands on the administrative system would send the firewall and
firewall.conf files to the wrong directory on the firewall system.
New Features since Beta 3:
1) The generated firewall script inserts a host route for each
provider gateway into both the main routing table and into the
provider's routing table. This is necessary on older kernels to
avoid failure of default route insertion into the tables.
It has been discovered, however, that these host routes prevent
Zebra from being able to add routes on some distributions, most
notably Debian 7.0. To work around this issue, two new provider
options are now available:
hostroute This is the default and causes the host routes
described above to be inserted.
nohostroute Prevents the host routes from being inserted.
2) It was previously not possible for Perl code in an action file to
change the rule comment as is done using the ?COMMENT directive
outside of Perl.
To allow actions to manipulate the current comment, two functions
are made available:
push_comment() Clears the current rule comment and returns
that comment to the caller.
set_comment($) Sets the current rule comment to the passed
string.
Typical usage would be:
?BEGIN PERL
use Shorewall::Config;
...
my $oldcomment = push_comment(); #Save and clear current
#current rule comment
...
set_comment('This is a comment');
add_ijump(....); #This rule will have comment
# /* This is a comment */
set_comment(''); #Clear current rule comment
add_ijump(....); #This rule has no comment
...
set_comment($oldcomment) #Restore caller's comment
#if any.
?END PERL
Thank you for testing.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
