Shorewall 5.2.7 is now available for download. Problems Corrected:
1) This release contains defect repair up through Shorewall 5.2.6.1.
New Features:
1) Previously, it was not possible to classify traffic by destination
IP address when using an Intermediate Functional Block (IFB) for
traffic shaping. This is because such classification takes place
before the traffic passes through the mangle PREROUTING chain.
Such filtering is now possible by setting the 'connmark' option in
the tcdevices file. This option causes the current connection mark
to be copied to the packet mark prior to filtering, thus allowing
the packet mark to be used for classification.
This change adds a new CONNMARK_ACTION capability which is
required to be able to specify the 'connmark' option.
Rodrigo Araujo provided the bulk of the code for this enhancement.
2) The tcpri file now supports ?FORMAT 2 which inserts an SPORT
column directly to the right of the PORT column. As part of this
change, the PORT column is renamed to DPORT while allowing both
'port' and 'dport' to be used in the alternate input format. See
shorewall-tcpri(5) and
http://shorewall.org/simple_traffic_shaping.html for additional
information.
3) The Simple TC document is now linked to FAQs 97 and 97a.
Thank you for using Shorewall,
-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster
Shoreline, \ with an international standard?
Washington, USA \ A: Someone who makes you an offer you
http://shorewall.org \ can't understand
\________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
