shorewall_code/Shorewall/known_problems.txt

1)  All versions of Shorewall-perl mishandle per-IP rate limiting in
    REDIRECT and DNAT rules. The effective rate and burst are 1/2 of
    the values given in the rule.

    Corrected in 4.4.7.1

2)  Detection of the 'Old hashlimit match' capability was broken in
    /sbin/shorewall, /sbin/shorewall-lite and in the IPv4 version of 
    shorecap. This problem only affects users of older distributions
    such as RH3L5 and derivatives.

    Corrected in 4.4.7.2

2)  On older distributions such as RHEL5 and derivatives, when
    LOAD_HELPERS_ONLY=No, Shorewall would fail to start if a TYPE was
    specified in /etc/shorewall/tcinterfaces.

    Corrected in 4.4.7.2
Document per-IP rate limiting bug. Signed-off-by: Tom Eastep <teastep@shorewall.net> 2010-02-13 16:26:49 +01:00			`1) All versions of Shorewall-perl mishandle per-IP rate limiting in`
			`REDIRECT and DNAT rules. The effective rate and burst are 1/2 of`
			`the values given in the rule.`

			`Corrected in 4.4.7.1`
Fix detection of FLOW_FILTER when LOAD_HELPERS_ONLY=No Signed-off-by: Tom Eastep <teastep@shorewall.net> 2010-02-14 16:55:41 +01:00
			`2) Detection of the 'Old hashlimit match' capability was broken in`
			`/sbin/shorewall, /sbin/shorewall-lite and in the IPv4 version of`
			`shorecap. This problem only affects users of older distributions`
			`such as RH3L5 and derivatives.`

			`Corrected in 4.4.7.2`

			`2) On older distributions such as RHEL5 and derivatives, when`
			`LOAD_HELPERS_ONLY=No, Shorewall would fail to start if a TYPE was`
			`specified in /etc/shorewall/tcinterfaces.`

			`Corrected in 4.4.7.2`