thr3ads.net - Shorewall devel - Shorewall 4.3.4 [Dec 2008]

If this information is useful, please help other people find it:
Share via:
Tom Eastep
2008-Dec-16 22:55 UTC
Shorewall 4.3.4

4.3.4 is available for testing:

Problems Corrected in 4.3.4

1)  Previously, an extra ''done'' could be emitted in the
generated shell
    script resulting in a shell syntax error at run-time.

2)  In IPv6, ipranges were previously not supported even when the
    kernel and ip6tables included support for them.

3)  An optimization in all Shorewall-perl 4.2 and 4.3 versions could
    cause undesirable side effects. The optimization deleted the
    <interface>_in and <interface>_fwd chains and moved their rules
    to the appropriate rules chain (a <zone>2<xxx> chain).

    This worked badly in cases where a zone was associated with more
    than one interface. Rules could be duplicated or, worse, a rule
    that was intended for only input from one of the zone''s interfaces
    would be applied to input from all of the zone''s interfaces.

    This problem has been corrected so that an interface-related
    chains is only deleted if:

    a) the chain has no rules in it; or
    b) the interface is associated with only one zone and that zone is
       associated with only that interface in which case it is safe to
       move the rules.

Other Changes in 4.3.4

1)  Shorewall and Shorewall Lite now show only IPv4 connections in the
    output of ''shorewall show connections'',
''shorewall-lite show
    connections'', ''shorewall dump'' and
''shorewall-lite dump''.

2)  The Shorewall and Shorewall lite commands that show log messages
    (''shorewall show log'', ...) now show only IPv4 messages.
The
    corresponding commands in Shorewall6 and Shorewall6 Lite only show
    IPv6 messages.

Happy testing,
-Tom
-- 
Tom Eastep        \ The ultimate result of shielding men from the
Shoreline,         \ effects of folly is to fill the world with fools.
Washington, USA     \                                 -Herbert Spencer
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
The future of the web can''t happen without you.  Join us at MIX09 to
help
pave the way to the Next Web now. Learn more and register at
http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
Shorewall devel - Dec 2008 - Shorewall 4.3.4

Shorewall 4.3.4
