Shorewall devel - Oct 2012 - Shorewall 4.5.9 Beta 2

Shorewall 4.5.9 Beta 2 is now available for testing.

Problems Corrected:

1)  This release contains all defect repair from Shorewall 4.5.8.2.

2)  A typo has been corrected in the shorewallrc.default file.

3)  Beginning with Shorewall 4.5.7.2, Shorewall unconditionally
    restores the provider mark as the first rule in the mangle table
    OUTPUT and PREROUTING chains. Previously, the provider mark was
    restored only if it was non-zero.

    It has become clear that some users need it one way while others
    need it the other way. To resolve this issue, a RESTORE_ROUTEMARKS
    option has been added to shorewall.conf and shorewall6.conf. When
    this option is set to Yes (the default), the 4.5.7.2 approach is
    used (always restore the mark, even if it is zero); when it is set
    to No, the pre-4.5.7.2 behavior is retained.

New Features:

1)  Prior to this release, if a dynamic zone was associated with more
    than one interface, then Shorewall created a separate ipset for
    each interface. This meant that multiple ''add'' and
''delete''
    commands might be required to change the zone composition.

    This release introduces a ''dynamic_shared'' zone option.
When that
    option is specified, a single ipset is generated regardless of the
    number of entries the zone has in the hosts file.

    The ''dynamic_shared'' option may only be specified in the
OPTIONS
    column of the zones file.

    The syntax of the ''add'' and ''delete''
commands is changed for zones
    having the ''dynamic_shared'' option:

    	   add <zone> <address>[,<address> ... ]

       	   delete <zone> <address>[,<address> ... ]

    Example:

        shorewall add direct 172.20.1.99

    The syntax for ''add'' and ''delete'' for
zones not having the
    ''dynamic_shared'' option is unchanged.

Thank you for testing,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________



------------------------------------------------------------------------------
Don''t let slow site performance ruin your business. Deploy New Relic
APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev