April 16, 2009
2000-04-16 Shorewall 4.2.8
+2009-05-14 Shorewall 4.2.9
++
Problems corrected in Shorewall 4.2.9+
1) The Shorweall-perl 4.2.8 compiler did not rename the output script
file with the result that:
a) Shorewall would not start for the first time after
installation.
b) Configuration changes were apparently ignored.
2) Placing a broadcast address in the BROADCAST column of
/etc/shorewall/interfaces caused Shorewall-perl to generate an
error:
ERROR: Invalid BROADCAST address : /etc/shorewall/interfaces\
(line 225)
3) When Shorewall could not determine the MAC address of of a gateway
router where multiple providers are configured through the same
interface, invalid iptables-restore input was generated. This
resulted in an error message similar to the following:
iptables-restore v1.3.5: Bad mac address `-j'
4) Shorewall-perl was not processing the tcrules file when
TC_ENABLED=No.
5) When 'all' appeared in the SOURCE column of a DNAT rule, no rule to
redirect output from the firewall itself was generated.
6) The 'shorewall iprange' command failed to produce a minimal list of
networks.
New Features in Shorewall 4.2.9
1) Shorewall6 has now been validated on Ubuntu Hardy running kernel
2.6.24. Shorewall6 is now supported on that kernel version.
2009-04-16 Shorewall 4.2.8
+
Problems Corrected in Shorewall 4.2.8
1) The 'start -f' command would previously skip the compilation step
unconditionally when the 'make' utility was not installed. Now, the
compilation step is run unconditionally in this case.
2) When ADD_IP_ALIASES=Yes in shorewall.conf, entries in
/etc/shorewall/nat produce this failure at compile time when
using Shorewall-perl:
ERROR: Internal Error in emit : /etc/shorewall/nat (line 12)
3) When LOG_MARTIANS=Yes with Shorewall-perl, setting logmartians=0 in
an entry in /etc/shorewall/interface failed to suppress martian
logging on the interface.
4) Shorewall-perl now generates rules with inversion that are
compatible with iptables 1.4.3.
5) When a network address was specified in the SOURCE or DEST column of
/etc/shorewall/tcfilters, Shorewall-perl was generating an incorrect
netmask.
New Features in 4.2.8
1) The /usr/share/shorewall/modules and /usr/share/shorewall6/modules
files have been updated for iptables 1.4.3/kernel 2.6.29.
2009-03-19 Shorewall 4.2.7
diff --git a/web/shorewall_index.htm b/web/shorewall_index.htm index 21bddc30c..d2c535aeb 100644 --- a/web/shorewall_index.htm +++ b/web/shorewall_index.htm @@ -47,7 +47,7 @@ -| 4.2.8 + | 4.2.9 (includes IPv6 support.) | Release + href="http://www1.shorewall.net/pub/shorewall/4.2/shorewall-4.2.9/releasenotes.txt">Release notes | Known + href="http://www1.shorewall.net/pub/shorewall/4.2/shorewall-4.2.9/known_problems.txt">Known Problems |