diff --git a/docs/support.xml b/docs/support.xml index 9a8c003e2..2018b483e 100644 --- a/docs/support.xml +++ b/docs/support.xml @@ -18,7 +18,7 @@ - 2001-2007 + 2001-2008 Thomas M. Eastep @@ -42,9 +42,9 @@ - This article applies to Shorewall 3.0 and + This article applies to Shorewall 4.0 and later. If you are running a version of Shorewall earlier than Shorewall - 3.0.0 then please see the documentation for that + 4.0.0 then please see the documentation for that release. @@ -56,12 +56,11 @@ - The three currently-supported Shorewall major releases are 3.2, 3.4 and - 4.0. + The two currently-supported Shorewall major releases are 4.0 and 4.2. - Shorewall versions earlier than 3.2.0 are no longer supported; + Shorewall versions earlier than 4.0.0 are no longer supported; we will try to help but I will personally not spend time reading earlier code to try to help you solve a problem and I will not release a patch to correct any defect found. @@ -149,13 +148,12 @@ Shorewall-perl, there is no need to compress the file — it will be very short). - If you are running Shorewall version 3.2.0 or later and - compilation succeeds but the compiled program fails, then please - include the compiled program with your report. The compiled program - will be named /var/lib/shorewall/.start if the - command is shorewall start and it will be named - /var/lib/shorewall/.restart if the command is - shorewall restart. + If compilation succeeds but the compiled program fails, then + please include the compiled program with your report. The compiled + program will be named /var/lib/shorewall/.start + if the command is shorewall start and it will be + named /var/lib/shorewall/.restart if the + command is shorewall restart. If you are running Shorewall-perl 4.0.5 or later, you may also include the word debug as the first @@ -217,17 +215,10 @@ If you are unsure if Shorewall is starting successfully or not then first note that if Shorewall starts successfully, the last message produced by Shorewall 3.0 is "Shorewall Started" and the last - message produced by Shorewall 3.2 in "done.": + message produced by Shorewall is "done.":
- Shorewall 3.0: - - … -Activating Rules... -Shorewall Started -gateway:~# - - Shorewall 3.2: + … Activating Rules... @@ -249,7 +240,7 @@ gateway:~# similar to this:
- Shorewall-3.0.6 Status at gateway - Thu Mar 30 14:07:29 PDT 2006 + Shorewall-4.0.6 Status at gateway - Thu Mar 30 14:07:29 PDT 2008 Shorewall is running State:Started (Thu Mar 30 14:07:29 PDT 2006) @@ -259,7 +250,7 @@ State:Started (Thu Mar 30 14:07:29 PDT 2006) similar to this:
- Shorewall-3.0.6 Status at gateway - Thu Mar 30 14:08:11 PDT 2006 + Shorewall-4.0.6 Status at gateway - Thu Mar 30 14:08:11 PDT 2008 Shorewall is stopped State:Stopped (Thu Mar 30 14:08:11 PDT 2006) diff --git a/web/News.htm b/web/News.htm index e0daa80b3..c683debd8 100644 --- a/web/News.htm +++ b/web/News.htm @@ -30,7 +30,24 @@ License".

2006-10-05 Shorewall 4.2.0

-
Release Highlights.

1) Support is included for multiple internet providers through the same
   ethernet interface.

2) Support for NFLOG has been added.

3) Enhanced operational logging.

4) The tarball installers now work under Cygwin.

5) Shorewall-perl now supports IFB devices which allow traffic shaping of
   incoming traffic.

6) Shorewall-perl supports definition of u32 traffic classification
   filters.
+
Release Highlights.

1) Support is included for multiple internet providers through the same
   ethernet interface.

2) Support for NFLOG has been added.

3) Enhanced operational logging.

4) The tarball installers now work under Cygwin.

5) Shorewall-perl now supports IFB devices which allow traffic shaping of
   incoming traffic.

6) Shorewall-perl supports definition of u32 traffic classification
   filters.
+

+

2008-03-29 Shorewall 4.0.10

Problems corrected in Shorewall-perl 4.0.10.

1)  Shorewall-perl 4.0.9 erroneously reported an error message when a
    bridge port was defined in /etc/shorewall/interfaces:

     ERROR: Your iptables is not recent enough to support bridge ports

2)  Under Shorewall-perl, if an empty action was invoked or was named
    in one of the DEFAULT_xxx options in shorewall.conf, an
    iptables-restore error occured.

3)  If $ADMIN was empty, then the rule:

        ACCEPT loc:$ADMIN all

     became

        ACCEPT loc   net

     It is now flagged as an error.

4)  Previously, Shorewall-perl would reject an IP address range in the
    ecn and routestopped files.

5)  A POLICY of ":" in /etc/shorewall/policy would produce Perl
    run-time errors.

6)  An INTERFACE of ":" in /etc/shorewall/interfaces would produce Perl
    run-time errors.

7)  A MARK of ":" in /etc/shorewall/tcrules would produce Perl
    run-time errors.

Problems corrected in Shorewall-shell 4.0.10.

1)  Specifying a value for ACCEPT_DEFAULT or QUEUE_DEFAULT resulted in
    a fatal error at compile time.

Known Problems Remaining.

1)  The 'refresh' command doesn't refresh the mangle table. So changes
    made to /etc/shorewall/providers and/or /etc/shorewall/tcrules may
    not be reflected in the running ruleset.

Other changes in 4.0.10.

1)  The Sample configurations have been updated to set
    LOG_MARTIANS=keep. In 4.2, this will be changed to
    LOG_MARTIANS=Yes.

2)  Shorewall-perl now generates a fatal error if a non-existant shell
    variable is used in any configuration file (except
    /etc/shorewall/params).

3)  Shorewall-perl now supports an 'l2tp' tunnel type. It opens UDP
    port 1701 in both directions and assumes that the source port will
    also be 1701. Some implementations (particularly OS X) use a
    different source port. In that case, you should use
    'generic:udp:1701' rather than 'l2tp'.