Shorewall 1.3.2 is now available. New features include:
1. A new "logwatch" command has been added to the /sbin/shorewall
program.
2. Shorewall can now take advantage of the Netfilter
''multiport'' match
function (kernel configuration option CONFIG_IP_NF_MATCH_MULTIPORT).
3. Dynamic blacklisting is now supported through the use of three new
commands in /sbin/shorewall:
deny - drop packets from one or more hosts.
reject - reject packets from one or more hosts.
allow - reverse the effect of a prior ''deny'' or
''reject'' command.
save - save the current dynamic blacklisting settings so that they
will be applied the next time that Shorewall is started.
4. The ''firewall'', ''version'' and
''functions'' files have been moved from
/etc/shorewall to /var/lib/shorewall.
As requested by several folks, the RPM is for this release is
shorewall-1.3.2-1.noarch.rpm. You can upgrade to that RPM from older
versions in the usual way.
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net