Shorewall 4.4.25 RC 1 is now available for testing.
Problems corrected:
1) When copying IPv6 routes, the generated script previously attempted
to copy ''cache'' entries. Those entries are now omitted.
2) Previously, the use of large provider numbers could cause some
Shorewall-generated routing rules to be ineffective.
Example (provider numbers 110 and 120):
0: from all lookup local
10109: from all fwmark 0x6e/0xff lookup 110
10119: from all fwmark 0x78/0xff lookup 120
11000: from 2001:470:1f04:262::1/64 lookup 110
11001: from 2001:470:c:316::1/64 lookup 120
32766: from all lookup main
47904: from 2001:470:8388::1 lookup 110 <========== 50464: from
2001:470:f032::1 lookup 120 <==========
Now, all routing rules generated by provider interface IP (and IP6)
addresses are created at priority 20000.
0: from all lookup local
10109: from all fwmark 0x6e/0xff lookup 110
10119: from all fwmark 0x78/0xff lookup 120
11000: from 2001:470:1f04:262::1/64 lookup 110
11001: from 2001:470:c:316::1/64 lookup 120
20000: from 2001:470:8388::1 lookup 110 <========== 20000: from
2001:470:f032::1 lookup 120 <========== 32766: from all lookup main
3) In some contexts, IPv6 addresses of the form ::i.j.k.l were
incorrectly classified as invalid by the configuration compiler.
New Features:
1) A ''MARK'' column has been added to the route_rules file.
See
shorewall-route_rules (5) and shorewall6-route_rules (5) for
details.
Thank you for testing,
-Tom
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
The demand for IT networking professionals continues to grow, and the
demand for specialized networking skills is growing even more rapidly.
Take a complimentary Learning@Cisco Self-Assessment and learn
about Cisco certifications, training, and career opportunities.
http://p.sf.net/sfu/cisco-dev2dev