Shorewall 5.1.10 Beta 2 is now available for testing. New features since Beta 1:
1) It is now possible to associate a particular protocol with an
action in shorewall[6]-actions(5). When a protocol is specified in
that file, it is not necessary to specify the protocol in the PROTO
column when invoking the action. If a protocol is included in the
PROTO column then it must match the one specified in the actions
file. If an action defined with a protocol is used as a Policy
Action, then only packets with the specified protocol will be
passed to the action.
A number of standard actions definitions in
/usr/share/shorewall[6]/actions.std have had a protocol added.
The protocol has no effect if 'builtin' or 'inline' is also
specified; specifying 'builtin' with a protocol results in a
warning message. No warning is issued when 'inline' is specified
with a protocol, thus allowing 'inline' and a protocol to appear
together in actions.std. Note that 'noinline' in
shorewall-actions(5) can override an 'inline' specification in
actions.std.
2) The FIN action previously included the PSH flag (FIN,ACK,PSH). To
make the action a bit more general, the PSH flag is now removed and
TCP packets with just the FIN and ACK flags set will now match.
Thank you for testing,
-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
