2003-03-21 05:14:20 +01:00
|
|
|
This is a minor release of Shorewall.
|
2002-05-01 01:13:15 +02:00
|
|
|
|
2003-03-26 17:11:31 +01:00
|
|
|
Problems Corrected:
|
2002-12-31 02:10:28 +01:00
|
|
|
|
2003-03-26 17:11:31 +01:00
|
|
|
New Features:
|
|
|
|
|
|
2003-05-21 01:27:11 +02:00
|
|
|
1) A REDIRECT- rule target has been added. This target behaves for
|
|
|
|
|
REDIRECT in the same was as DNAT- does for DNAT in that the
|
|
|
|
|
Netfilter nat table REDIRECT rule is added but not the companion
|
|
|
|
|
filter table ACCEPT rule.
|
2003-05-20 01:28:37 +02:00
|
|
|
|
2003-05-21 23:36:05 +02:00
|
|
|
2) The LOGMARKER variable has been renamed LOGFORMAT and has been
|
|
|
|
|
changed to a 'printf' formatting template which accepts three
|
2003-05-28 21:20:23 +02:00
|
|
|
arguments (the chain name, logging rule number (optional) and the
|
|
|
|
|
disposition). The logging rule number is included if the LOGFORMAT
|
|
|
|
|
value contains '%d'. For example, to use LOGFORMAT with fireparse,
|
|
|
|
|
set it as:
|
2003-05-21 23:36:05 +02:00
|
|
|
|
2003-05-22 22:37:24 +02:00
|
|
|
LOGFORMAT="fp=%s:%d a=%s "
|
2003-05-21 23:36:05 +02:00
|
|
|
|
2003-05-22 22:37:24 +02:00
|
|
|
|
|
|
|
|
CAUTION: /sbin/shorewall uses the leading part of the LOGFORMAT
|
|
|
|
|
string (up to but not including the first '%') to find log messages
|
|
|
|
|
in the 'show log', 'status' and 'hits' commands. This part should
|
|
|
|
|
not be omitted (the LOGFORMAT should not begin with "%") and the
|
|
|
|
|
leading part should be sufficiently unique for /sbin/shorewall to
|
|
|
|
|
identify Shorewall messages.
|
|
|
|
|
|
|
|
|
|
3) When logging is specified on a DNAT[-] or REDIRECT[-] rule, the
|
|
|
|
|
logging now takes place in the nat table rather than in the filter
|
|
|
|
|
table. This way, only those connections that actually undergo DNAT
|
|
|
|
|
or redirection will be logged.
|
2003-05-28 21:20:23 +02:00
|
|
|
|
