Beta 4 is now ready for testing.
http://www.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.0-Beta4/
ftp://ftp.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.0-Beta4/
----------------------------------------------------------------------------
P R O B L E M S C O R R E C T E D I N 4 . 4 . 0 Beta 4
----------------------------------------------------------------------------
1) The BGP and OSFP macros released in Beta 3 contained rules to allow
administrative access to the related routing daemons. Those rules
have been deleted.
2) Previously, if Address Type Match was not available and an
interface on the firewall was (mis-)configured as shown below, then
REJECT policies in Shorewall-perl would drop packets addressed to
the interface rather than reject them.
3: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 ...
inet 127.0.0.1/32 scope host venet0
inet 206.124.146.176/32 brd 206.124.146.176 ...
Note that a /32 should never be configured with a broadcast
address.
3) Due to a syntax ambiguity arising from the new dynamic zone
implementation, ''shorewall show dynamic'' produced no
output. It now
shows the contents of the dynamic blacklist as in earlier
Shorewall releases.
4) The ''findgw'' script produced an error if VERBOSITY > 0.
----------------------------------------------------------------------------
K N O W N P R O B L E M S R E M A I N I N G
----------------------------------------------------------------------------
None.
----------------------------------------------------------------------------
N E W F E A T U R E S I N 4 . 4 . 0 Beta 4
----------------------------------------------------------------------------
1) Paul Gear has contributed the following macros:
macro.Webcache (originally named macro.DG)
macro.IPPbrd
macro.NTPbi
macro.RIPbi
macro.mDNS
2) The default value of DISABLE_IPV6 has been changed from
''Yes'' to
''No'' in all sample shorewall.conf files. Shorewall6 should
be
installed to restrict IPv6 traffic.
As part of this change, the ip6tables program in the directory
specified by the IPTABLES setting will be used to disable IPv6. If
the iptables utility is discovered using the PATH setting, then
ip6tables in the same directory as the discovered iptables will be
used.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge
This is your chance to win up to $100,000 in prizes! For a limited time,
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize
details at: http://p.sf.net/sfu/Challenge