Shorewall 5.1.7.2 is now available for download. It corrects a couple of potentially serious problems that affect many resent releases:
1) Previously during the opening of a configuration file, if SELinux
denied the "getattr" (stat) request, then the compiler would skip
processing of the file as if it did not exist. Now, if "getattr"
fails for any reason other than that the file does not exist, an
error is raised.
ERROR: Unable to access <filename>: <reason for denial>
2) Previously, when a range was passed to the MARK() action (mangle
file), any specified protocol, port and time restrictions were
ignored. Now these elements are included in the rule.
Thank you for using Shorewall,
-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
