Shorewall 4.5.7 Beta 1 is now available for testing.
Problems Corrected:
1) Previously, when Shorewall products were installed using install.sh
on systems with systemd, the products failed to start at boot. That
has been corrected.
New Features:
1) A new ''rpfilter'' interface option has been added. Setting
this
option requires kernel 3.4.0 or later and iptables 1.4.14. This
option is similar to routefilter but without the disadvantages:
- Works with both IPv4 and IPv6
- Uses packet marks when doing reverse path lookup so works with
all Multi-ISP configurations.
- Uses standard Netfilter/Shorewall log messages controlled by the
- RPFILTER_LOG_LEVEL setting in shorewall.conf (5).
- Disposition and auditing may be controlled using the
- RPFILTER_DISPOSITION option in shorewall.conf (5).
This feature adds a new ''RPFilter Match'' capability; if
you use a
capabilities file, you should regenerate it using this release.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/