[Shorewall-users] Shorewall 5.1.9

Sun, 26 Nov 2017 08:47:22 -0800 

Shorewall 5.1.9 is now available for download.

Problems Corrected:

1)  This release includes defect repair through Shorewall 5.1.8.1.

2)  Previously, Shorewall6 did not accept square brackets ("[...]")
    around the GATEWAY address in a Providers file entry. That has been
    corrected, so that the usual convention of enclosing IPv6 addresses
    in square brackets is allowed in that context.

3)  Previously, if the IP variables was set in a remote firewall's
    configuration directory, and the named file did not exist on the
    local administrative system, then a fatal error was raised.

    Example:

       ERROR: The program specified in IP (/usr/bin/ip) does not exist
              or is not executable

    Beginning with this release, the contents of the IP option will not
    be verified at compile time when compiling for export.

New Features:

1)  The mangle file now supports a TCPMSS action for setting the MSS
    value in TCP SYN packets. See shorewall-mangle(5) for details. As
    part of this change, the TCPMSS rule generated by the CLAMPMSS
    option has been moved from the filter table FOWARD chain to the
    mangle table FORWARD chain.

2)  The Broadcast and Multicast actions are now inlined when the
    Address Type Match capability is available.

3)  It is now possible to specify 'noinline' in an entry in
    /etc/shorewall[6]/actions to override the 'inline' option
    specified in /usr/share/shorewall/actions.std.

4)  Logging is now supported in the snat file.

    - Log levels may be specified on SNAT, MASQUERADE and CONTINUE
      rules.

    - The NFLOG, ULOG and LOG actions are now supported.

    See shorewall-snat(5) for details.

5)  A logging manpage (shorewall-logging(5)) has been added.

6)  The IPMI macro now includes support for Redfish remote consoles.

7)  The Sample configuration files now use logical interface names to
    simplify adapting them to fit the newer interface naming
    convention adopted by the kernel.

Thank you for using Shorewall,

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to