As often happens, immediately after I released 4.4.19, several problem reports came it reporting issues from prior releases. This patch release corrects the following problems: 1) A duplicate ACCEPT rule in the INPUT chain has been eliminated when the firewall is stopped. 2) A defect introduced in Shorewall 4.4.17 broke the ability to specify '':<low port>-<high port>'' in the ADDRESS column of /etc/shorewall/masq. 3) Several long-standing defects having to do with default route save/restore have been corrected in the Multi-ISP implementation. a) Shorewall previously interpreted all ''nexthop'' routes as default routes when analyzing the pre-start routing configuration. This could lead to unwanted default routes when the firewall was started or stopped. b) The default route with metric 0 was usually not restored during ''stop'' processing. c) If there were multiple default routes in the main table prior to ''shorewall start'' and USE_DEFAULT_RT was set, only the first one with metric 0 was deleted. 4) A couple of issues with the Shorewall install script have been corrected. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev
As often happens, immediately after I released 4.4.19, several problem reports came it reporting issues from prior releases. This patch release corrects the following problems: 1) A duplicate ACCEPT rule in the INPUT chain has been eliminated when the firewall is stopped. 2) A defect introduced in Shorewall 4.4.17 broke the ability to specify '':<low port>-<high port>'' in the ADDRESS column of /etc/shorewall/masq. 3) Several long-standing defects having to do with default route save/restore have been corrected in the Multi-ISP implementation. a) Shorewall previously interpreted all ''nexthop'' routes as default routes when analyzing the pre-start routing configuration. This could lead to unwanted default routes when the firewall was started or stopped. b) The default route with metric 0 was usually not restored during ''stop'' processing. c) If there were multiple default routes in the main table prior to ''shorewall start'' and USE_DEFAULT_RT was set, only the first one with metric 0 was deleted. 4) A couple of issues with the Shorewall install script have been corrected. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Benefiting from Server Virtualization: Beyond Initial Workload Consolidation -- Increasing the use of server virtualization is a top priority.Virtualization can reduce costs, simplify management, and improve application availability and disaster protection. Learn more about boosting the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev