extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-01-26 07:29:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update versions to 2.3.2

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2137 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2005-05-19 14:16:52 +00:00
parent c8dc7f1271
commit 1b2a068025
5 changed files with 70 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall2/fallback.sh
View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=2.3.1 VERSION=2.3.2
usage() # $1 = exit status usage() # $1 = exit status
{ {

2
Shorewall2/install.sh
View File

@ -22,7 +22,7 @@
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
# #
VERSION=2.3.1 VERSION=2.3.2
usage() # $1 = exit status usage() # $1 = exit status
{ {

126
Shorewall2/releasenotes.txt
View File

@ -1,4 +1,4 @@
Shorewall 2.3.3 Shorewall 2.3.2
----------------------------------------------------------------------- -----------------------------------------------------------------------
Problems corrected in version 2.3.2 Problems corrected in version 2.3.2
@ -7,9 +7,70 @@ None.
----------------------------------------------------------------------- -----------------------------------------------------------------------
New Features in version 2.3.2 New Features in version 2.3.2
1) Shorewall 2.3.2 can now configure routing if your kernel and 1) Shorewall 2.3.2 includes support for multiple internet interfaces to
different ISPs.
The file /etc/shorewall/providers may be used to define the
different providers. It can actually be used to define alternate
routing tables so uses like transparent proxy can use the file as
well.
Columns are:
NAME The provider name.
NUMBER The provider number -- a number between 1 and 15
MARK A FWMARK value used in your
/etc/shorewall/tcrules file to direct packets to
this provider.
DUPLICATE The name of an existing table to duplicate. May
be 'main' or the name of a previous provider.
INTERFACE The name of the network interface to the
provider. Must be listed in
/etc/shorewall/interfaces.
GATEWAY The IP address of the provider's gateway router.
OPTIONS A comma-separated list selected from the
following:
track If specified, connections FROM this interface are
to be tracked so that responses may be routed
back out this same interface.
You want specify 'trask' if internet hosts will be
connecting to local servers through this
provider.
Because of limitations in the 'ip' utility and
policy routing, you may not use the SAVE or
RESTORE tcrules options or use connection
marking on any traffic to or from this
interface. For traffic control purposes, you
must mark packets in the FORWARD chain (or
better yet, use the CLASSIFY target).
balance The providers that have 'balance' specified will
get outbound traffic load-balanced among them.
Example: You run squid in your DMZ on IP address
192.168.2.99. Your DMZ interface is eth2
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
Squid 1 1 - eth2 192.168.2.99 -
Use of this feature requires that your kernel and iptables
support CONNTRACK target and conntrack match as well as extended
MARK support. It does NOT require the ROUTE target extension.
2) Shorewall 2.3.2 can now configure routing if your kernel and
iptables support the ROUTE target extension. This extension is iptables support the ROUTE target extension. This extension is
available in Patch-O-Matic-ng. available in Patch-O-Matic-ng. This feature is *EXPERIMENTAL* since
the Netfilter team have no intention of ever releasing the ROUTE
target extension to kernel.org.
Routing is configured using the /etc/shorewall/routes file. Columns Routing is configured using the /etc/shorewall/routes file. Columns
in the file are as follows: in the file are as follows:
@ -91,65 +152,6 @@ New Features in version 2.3.2
GATEWAY The gateway that the packet is to be forewarded GATEWAY The gateway that the packet is to be forewarded
through. through.
2) Shorewall 2.3.2 includes support for multiple internet interfaces to
different ISPs.
The file /etc/shorewall/providers may be used to define the
different providers. It can actually be used to define alternate
routing tables so uses like transparent proxy can use the file as
well.
Columns are:
NAME The provider name.
NUMBER The provider number -- a number between 1 and 15
MARK A FWMARK value used in your
/etc/shorewall/tcrules file to direct packets to
this provider.
DUPLICATE The name of an existing table to duplicate. May
be 'main' or the name of a previous provider.
INTERFACE The name of the network interface to the
provider. Must be listed in
/etc/shorewall/interfaces.
GATEWAY The IP address of the provider's gateway router.
OPTIONS A comma-separated list selected from the
following:
track If specified, connections FROM this interface are
to be tracked so that responses may be routed
back out this same interface.
You want specify 'trask' if internet hosts will be
connecting to local servers through this
provider.
Because of limitations in the 'ip' utility and
policy routing, you may not use the SAVE or
RESTORE tcrules options or use connection
marking on any traffic to or from this
interface. For traffic control purposes, you
must mark packets in the FORWARD chain (or
better yet, use the CLASSIFY target).
balance The providers that have 'balance' specified will
get outbound traffic load-balanced among them.
Example: You run squid in your DMZ on IP address
192.168.2.99. Your DMZ interface is eth2
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS
Squid 1 1 - eth2 192.168.2.99 -
Use of this feature requires that your kernel and iptables
support CONNTRACK target and conntrack match as well as extended
MARK support. It does NOT require the ROUTE target extension.
----------------------------------------------------------------------- -----------------------------------------------------------------------
Problems corrected in version 2.3.1 Problems corrected in version 2.3.1

4
Shorewall2/shorewall.spec
View File

@ -1,5 +1,5 @@
%define name shorewall %define name shorewall
%define version 2.3.1 %define version 2.3.2
%define release 1 %define release 1
%define prefix /usr %define prefix /usr
@ -140,6 +140,8 @@ fi
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn
%changelog %changelog
* Thu May 19 2005 Tom Eastep tom@shorewall.net
- Updated to 2.3.2-1
* Sun May 15 2005 Tom Eastep tom@shorewall.net * Sun May 15 2005 Tom Eastep tom@shorewall.net
- Updated to 2.3.1-1 - Updated to 2.3.1-1
* Mon Apr 11 2005 Tom Eastep tom@shorewall.net * Mon Apr 11 2005 Tom Eastep tom@shorewall.net

2
Shorewall2/uninstall.sh
View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Seattle Firewall # shown below. Simply run this script to remove Seattle Firewall
VERSION=2.3.1 VERSION=2.3.2
usage() # $1 = exit status usage() # $1 = exit status
{ {