extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 17:28:35 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update release notes for RC 1

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@3957 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-05-30 14:31:05 +00:00
parent 1a4998645a
commit 1ada13bcec
1 changed files with 33 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
Shorewall/releasenotes.txt
View File

@ -1,4 +1,4 @@
Shorewall 3.2.0 Beta 8 Shorewall 3.2.0 RC 1
Note to users upgrading from Shorewall 2.x or 3.0 Note to users upgrading from Shorewall 2.x or 3.0
@ -31,55 +31,13 @@ Note to users upgrading from Shorewall 2.x or 3.0
Please see the "Migration Considerations" below for additional upgrade Please see the "Migration Considerations" below for additional upgrade
information. information.
Problems Corrected in 3.2.0 Beta 8 Problems Corrected in 3.2.0 RC 1
1) If BRIDGING=No in shorewall.conf, then an entry in None.
/etc/shorewall/hosts such as the following would result in an
obscure failure of an iptables command:
loc br0:eth0 Other changes in 3.2.0 RC 1
Shorewall now detects this case and issues a more helpful error None.
message:
ERROR: BRIDGING=Yes is required for this zone definition: loc br0:eth0
2) Previously, if LOGFORMAT generated any embedded white-space then a
startup error would result.
3) The 'trace' keyword now causes the execution of the compiled script to
be traced when the command is 'start' or 'restart'.
4) It is now possible to exclude a single source MAC address using
!<MAC address>. Previously, a startup error occurred.
Other changes in 3.2.0 Beta 8
1) In /etc/shorewall/rules, the values "all-" and "all+-" may now be
used for zone names. "all-" means "All zones except the firewall";
"all+-" means "All zones except the firewall" and intra-zone
traffic is included.
2) Kernel version 2.6.16 introduces 'xtables', a new common packet
filtering and connection tracking facility that supports both IPv4
and IPv6. Because a different set of kernel modules must be loaded
for xtables, Shorewall now includes two 'modules' files:
a) /usr/share/shorewall/modules -- the former
/etc/shorewall/modules
b) /usr/share/shorewall/xmodules -- a new file that support
xtables.
If you wish to use the new file, then simply execute this command:
cp -f /usr/share/shorewall/xmodules /etc/modules
3) Shorewall now checks to see if devices in /etc/shorewall/tcdevices
exist. If a device does not exist, a warning message is issued and
that device's entries in /etc/shorewall/tcclasses are ignored. This
applies to "shorewall start", "shorewall restart" and "shorewall
refresh".
Migration Considerations: Migration Considerations:
@ -627,3 +585,31 @@ New Features:
/etc/shorewall/tcdevices and will use the detected MTU in setting /etc/shorewall/tcdevices and will use the detected MTU in setting
up traffic shaping. up traffic shaping.
15) In /etc/shorewall/rules, the values "all-" and "all+-" may now be
used for zone names. "all-" means "All zones except the firewall";
"all+-" means "All zones except the firewall" and intra-zone
traffic is included.
16) Kernel version 2.6.16 introduces 'xtables', a new common packet
filtering and connection tracking facility that supports both IPv4
and IPv6. Because a different set of kernel modules must be loaded
for xtables, Shorewall now includes two 'modules' files:
a) /usr/share/shorewall/modules -- the former
/etc/shorewall/modules
b) /usr/share/shorewall/xmodules -- a new file that support
xtables.
If you wish to use the new file, then simply execute this command:
cp -f /usr/share/shorewall/xmodules /etc/shorewall/modules
17) Shorewall now checks to see if devices in /etc/shorewall/tcdevices
exist. If a device does not exist, a warning message is issued and
that device's entries in /etc/shorewall/tcclasses are ignored. This
applies to "shorewall start", "shorewall restart" and "shorewall
refresh".