-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.8 ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.8 New in this release: 1) Shorewall now verifies that your kernel and iptables have physdev ~ match support if BRIDGING=Yes in shorewall.conf. 2) Beginning with this release, if your kernel and iptables have ~ iprange match support (see the output from "shorewall check"), then ~ with the exception of the /etc/shorewall/netmap file, anywhere that ~ a network address may appear, an IP address range of the form <low ~ address>-<high address> may also appear. 3) Support has been added for the iptables CLASSIFY target. That ~ target allows you to classify packets for traffic shaping directly ~ rather than indirectly through fwmark. Simply entry the ~ <major>:<minor> classification in the first column of ~ /etc/shorewall/tcrules: ~ Example: ~ #MARK/ SOURCE DEST PROTO PORT(S) ~ #CLASSIFY ~ 1:30 - - tcp 25 ~ Marking using the CLASSIFY target always occurs in the POSTROUTING ~ chain of the mangle table and is not affected by the setting of ~ MARK_IN_FORWARD_CHAIN in shorewall.conf. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBP3KCO/MAbZfjDLIRAu+4AJ9FbTMKr3X0ZqO5Lbr32G51f1Uf6gCgiyu1 9E/rHS8aI9Bt/2dQrmtYoWI=Wnqq -----END PGP SIGNATURE-----