Shorewall 4.5.3.1 is now available for download. Problems Corrected: 1) Previously, nested conditionals did not work correctly in all cases. In particular: ?IF $FALSE ?IF $FALSE foo bar ?ENDIF baz bop ?ENDIF In this case, the lines ''baz'' and ''bop'' were incorrectly included when they should have beeen omitted. 2) The ''balance'' routing table is now cleared if there are no ''balance'' providers. 3) Previously, the compiler generated an invalid ''ip add route'' command if an IPv6 provider had ''-'' in the GATEWAY column. 4) As noted in the Migration Considerations, the generated firewall script maintains the interface .status files used by LSM and SWPING. Up to now, however, the ''disable'' command did not update the .status file. That has been corrected. As part of the change, the ''isusable'' script is no longer consulted by the ''enable'' command. 5) The configure and configure.pl scripts have not been outputting the setting of SPARSE, with the result that /etc/shorewall and /etc/shorewall6 are fully-populated on Debian systems. This has been corrected. For Debian users that want to remove the extra files from /etc/shorewall (/etc/shorewall6), the following script will do the job (replace ''shorewall'' by ''shorewall6'' to clean /etc/shorewall6): #!/bin/sh cd /etc/shorewall for f in *; do [ -f /usr/share/shorewall/configfiles/$f ] && \ diff -q $f /usr/share/shorewall/configfiles/$f > /dev/null \ && rm $f; done Once you have done that, edit ~/.shorewallrc and add SPARSE=Yes to the settings in that file. Thank you for using Shorewall, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today''s security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/