Beta 1 has been uploaded for testing.
Note: The version in the release note heading in the tarballs is
incorrect (4.5.13).
Problems Corrected:
1) Previously, a list of IPv6 host addresses where each address was
enclosed in square brackets generated a fatal compile-time error.
Such lists are now handled correctly.
New Features:
1) Previously, when compiling for export to a Shorewall lite system,
either /etc/shorewall/params was required to be readable by the
user or the remote host''s configuration directory was required to
include a (possibly empty) params file.
Beginning with this release, when a directory name is specified in
a ''compile'', ''check'',
''load'', ''reload'' or
''export'' command and the
user is not root (euid is not zero), then /sbin/shorewall and
/sbin/shorewall6 will only look in the specified directory for the
params and shorewall[6].conf files.
2) The BLACKLIST_LOGLEVEL option has been renamed BLACKLIST_LOG_LEVEL
to be consistent with the other log-level option
names. BLACKLIST_LOGLEVEL continues to be accepted as a synonym for
BLACKLIST_LOG_LEVEL, but a ''shorewall update'' or
''shorewall6
update'' command will replace BLACKLIST_LOGLEVEL with
BLACKLIST_LOG_LEVEL in the new .conf file.
3) Rules in the ESTABLISHED section are now placed in separate
chains. Rules for traffic from zone Za to zone Zb and placed in
^Za2Zb or ^Za-Zb, depending on the setting of
ZONE2ZONE. Previously, they were placed in Za2Zb (Za-Zb).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb
Tom Shorewall6 rule: ACCEPT lan:[2001:1::1],[2001:1::2],[] wan tcp 23 Produces the following message: Use of uninitialized value $net in pattern match (m//) at /usr/share/shorewall/Shorewall/IPAddrs.pm line 659, <$currentfile> line 19. Steven. ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
On 02/13/2013 12:59 PM, Steven Jan Springl wrote:> Tom > > Shorewall6 rule: > > ACCEPT lan:[2001:1::1],[2001:1::2],[] wan tcp 23 > > Produces the following message: > > Use of uninitialized value $net in pattern match (m//) at > /usr/share/shorewall/Shorewall/IPAddrs.pm line 659, <$currentfile> line 19.The attached patch seems to close that hole. Thanks Steven, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
On Wednesday 13 Feb 2013 21:26:41 Tom Eastep wrote:> On 02/13/2013 12:59 PM, Steven Jan Springl wrote: > > Tom > > > > Shorewall6 rule: > > > > ACCEPT lan:[2001:1::1],[2001:1::2],[] wan tcp 23 > > > > Produces the following message: > > > > Use of uninitialized value $net in pattern match (m//) at > > /usr/share/shorewall/Shorewall/IPAddrs.pm line 659, <$currentfile> line > > 19. > > The attached patch seems to close that hole. > > Thanks Steven, > -TomTom The patch fixes the issue. Thanks. Steven. ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb