From 33b54e4ebe37ca48c19ee0cbc10d5d41fd0c791a Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 3 Jan 2011 09:00:39 -0800 Subject: [PATCH] Version to 4.4.16 --- Shorewall-init/install.sh | 2 +- Shorewall-init/shorewall-init.spec | 4 +- Shorewall-init/uninstall.sh | 2 +- Shorewall-lite/install.sh | 2 +- Shorewall-lite/shorewall-lite.spec | 4 +- Shorewall-lite/uninstall.sh | 2 +- Shorewall/Perl/Shorewall/Config.pm | 2 +- Shorewall/install.sh | 2 +- Shorewall/releasenotes.txt | 96 ++++++++++------------------ Shorewall/shorewall.spec | 4 +- Shorewall/uninstall.sh | 2 +- Shorewall6-lite/install.sh | 2 +- Shorewall6-lite/shorewall6-lite.spec | 4 +- Shorewall6-lite/uninstall.sh | 2 +- Shorewall6/install.sh | 2 +- Shorewall6/shorewall6.spec | 4 +- Shorewall6/uninstall.sh | 2 +- 17 files changed, 61 insertions(+), 77 deletions(-) diff --git a/Shorewall-init/install.sh b/Shorewall-init/install.sh index 7607e97be..5e7ef3ec8 100755 --- a/Shorewall-init/install.sh +++ b/Shorewall-init/install.sh @@ -23,7 +23,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall-init/shorewall-init.spec b/Shorewall-init/shorewall-init.spec index 32409dc40..bbde62952 100644 --- a/Shorewall-init/shorewall-init.spec +++ b/Shorewall-init/shorewall-init.spec @@ -1,6 +1,6 @@ %define name shorewall-init %define version 4.4.16 -%define release 0RC1 +%define release 0base Summary: Shorewall-init adds functionality to Shoreline Firewall (Shorewall). Name: %{name} @@ -119,6 +119,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Mon Jan 03 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.16-0base * Thu Dec 30 2010 Tom Eastep tom@shorewall.net - Updated to 4.4.16-0RC1 * Thu Dec 30 2010 Tom Eastep tom@shorewall.net diff --git a/Shorewall-init/uninstall.sh b/Shorewall-init/uninstall.sh index 2a4f82ce6..4dcadb185 100755 --- a/Shorewall-init/uninstall.sh +++ b/Shorewall-init/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh index 8357c0827..bf35fe81b 100755 --- a/Shorewall-lite/install.sh +++ b/Shorewall-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall-lite/shorewall-lite.spec b/Shorewall-lite/shorewall-lite.spec index 3fbbceb2e..6f7f05416 100644 --- a/Shorewall-lite/shorewall-lite.spec +++ b/Shorewall-lite/shorewall-lite.spec @@ -1,6 +1,6 @@ %define name shorewall-lite %define version 4.4.16 -%define release 0RC1 +%define release 0base Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. Name: %{name} @@ -102,6 +102,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Mon Jan 03 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.16-0base * Thu Dec 30 2010 Tom Eastep tom@shorewall.net - Updated to 4.4.16-0RC1 * Thu Dec 30 2010 Tom Eastep tom@shorewall.net diff --git a/Shorewall-lite/uninstall.sh b/Shorewall-lite/uninstall.sh index e8b204968..be958b981 100755 --- a/Shorewall-lite/uninstall.sh +++ b/Shorewall-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 9e63b3fc6..466e2fc1a 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -359,7 +359,7 @@ sub initialize( $ ) { EXPORT => 0, STATEMATCH => '-m state --state', UNTRACKED => 0, - VERSION => "4.4.16-RC1", + VERSION => "4.4.16", CAPVERSION => 40415 , ); diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 8eb2de1b1..b86381a8f 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index cc285f84a..5f2dcfec3 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -1,6 +1,5 @@ ---------------------------------------------------------------------------- S H O R E W A L L 4 . 4 . 1 6 - R C 1 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,66 +13,6 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -RC 1 - -1) Corrected an issue in Beta 7 whereby the jump to an action chain - in the nat table could be logged inappropriately (logging in an - action rule should be applied to the entries in the action body, - not to the jump itself). - -Beta 8 - -1) Previously, under very rare circumstances, a chain would be - optimized away while there were still jumps to the chain. This caused - Shorewall start/restart to fail during iptables-restore. - -2) Previously, the setting of BLACKLIST_DISPOSITION was not - validated. Now, an error is raised unless the value is DROP or REJECT. - -Beta 7 - -None. - -Beta 6 - -1) Previously, the root of a wildcard name erroneously matched that - name. For example 'eth' matched 'eth+'. Now there must be at least - one additional character (e.g., 'eth4'). - -2) Use of logical interface names in the notrack and ecn files - resulted in perl runtime warning messages. - -3) The use of wildcard-matching names in certain contexts would result - in anomalous behavior. Among the symptoms were: - - - Perl run-time messages similar to this one: - - Use of uninitialized value in numeric comparison (<=>) - at /usr/share/shorewall/Shorewall/Zones.pm line 1334. - - - Failure to treat the interface as optional or required. - -4) Where two ISPs share the same interface, if one of the ISPs was not - reachable, an iptables-restore error such as this occurred: - - iptables-restore v1.4.10: Bad mac address "-j" - -Beta 5 - -1) Previously, proxy ARP with logical interface names did not - work. Symptoms included numerous Perl runtime error messages. - -Beta 4 - -None. - -Beta 3 - -1) Compilation no longer fails when /bin/sh is an older (e.g., - RHEL5.x) bash. - -Beta 1 - 1) If the output of 'env' contained a multi-line value, then compilation failed with an Internal Error. The code has been changed so that the compiler now handles multi-line values @@ -89,6 +28,41 @@ Beta 1 .: 31: Can't open /etc/shorewall6/params ERROR: Processing of /etc/shorewall6/params failed +4) Compilation no longer fails when /bin/sh is an older (e.g., + RHEL5.x) bash. + +5) Previously, proxy ARP with logical interface names did not + work. Symptoms included numerous Perl runtime error messages. + +6) Previously, the root of a wildcard name erroneously matched that + name. For example 'eth' matched 'eth+'. Now there must be at least + one additional character (e.g., 'eth4'). + +7) Use of logical interface names in the notrack and ecn files + resulted in perl runtime warning messages. + +8) The use of wildcard-matching names in certain contexts would result + in anomalous behavior. Among the symptoms were: + + - Perl run-time messages similar to this one: + + Use of uninitialized value in numeric comparison (<=>) + at /usr/share/shorewall/Shorewall/Zones.pm line 1334. + + - Failure to treat the interface as optional or required. + +9) Where two ISPs share the same interface, if one of the ISPs was not + reachable, an iptables-restore error such as this occurred: + + iptables-restore v1.4.10: Bad mac address "-j" + +10) Previously, under very rare circumstances, a chain would be + optimized away while there were still jumps to the chain. This caused + Shorewall start/restart to fail during iptables-restore. + +11) Previously, the setting of BLACKLIST_DISPOSITION was not + validated. Now, an error is raised unless the value is DROP or REJECT. + ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index 4b0aae2c6..4de7e57b8 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -1,6 +1,6 @@ %define name shorewall %define version 4.4.16 -%define release 0RC1 +%define release 0base Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -109,6 +109,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples %changelog +* Mon Jan 03 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.16-0base * Thu Dec 30 2010 Tom Eastep tom@shorewall.net - Updated to 4.4.16-0RC1 * Thu Dec 30 2010 Tom Eastep tom@shorewall.net diff --git a/Shorewall/uninstall.sh b/Shorewall/uninstall.sh index 829360b43..17e3cd88a 100755 --- a/Shorewall/uninstall.sh +++ b/Shorewall/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall6-lite/install.sh b/Shorewall6-lite/install.sh index 5e7144706..f5a9ad84c 100755 --- a/Shorewall6-lite/install.sh +++ b/Shorewall6-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall6-lite/shorewall6-lite.spec b/Shorewall6-lite/shorewall6-lite.spec index 6907fab15..9c900a53c 100644 --- a/Shorewall6-lite/shorewall6-lite.spec +++ b/Shorewall6-lite/shorewall6-lite.spec @@ -1,6 +1,6 @@ %define name shorewall6-lite %define version 4.4.16 -%define release 0RC1 +%define release 0base Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -93,6 +93,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Mon Jan 03 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.16-0base * Thu Dec 30 2010 Tom Eastep tom@shorewall.net - Updated to 4.4.16-0RC1 * Thu Dec 30 2010 Tom Eastep tom@shorewall.net diff --git a/Shorewall6-lite/uninstall.sh b/Shorewall6-lite/uninstall.sh index 73d5ebcb0..4bdecaf2f 100755 --- a/Shorewall6-lite/uninstall.sh +++ b/Shorewall6-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall6/install.sh b/Shorewall6/install.sh index acc4ab8e5..c5dc13af7 100755 --- a/Shorewall6/install.sh +++ b/Shorewall6/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status { diff --git a/Shorewall6/shorewall6.spec b/Shorewall6/shorewall6.spec index bdd80bbe9..9605eec41 100644 --- a/Shorewall6/shorewall6.spec +++ b/Shorewall6/shorewall6.spec @@ -1,6 +1,6 @@ %define name shorewall6 %define version 4.4.16 -%define release 0RC1 +%define release 0base Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -98,6 +98,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6 %changelog +* Mon Jan 03 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.16-0base * Thu Dec 30 2010 Tom Eastep tom@shorewall.net - Updated to 4.4.16-0RC1 * Thu Dec 30 2010 Tom Eastep tom@shorewall.net diff --git a/Shorewall6/uninstall.sh b/Shorewall6/uninstall.sh index 2dfa02843..ce9458466 100755 --- a/Shorewall6/uninstall.sh +++ b/Shorewall6/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.16-RC1 +VERSION=4.4.16 usage() # $1 = exit status {