Update verions to 3.4.0-RC3

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5441 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall-lite/fallback.sh

@@ -28,7 +28,7 @@
 #       shown below. Simply run this script to revert to your prior version of
 #       Shoreline Firewall.
 
-VERSION=3.4.0
+VERSION=3.4.0-RC3
 
 usage() # $1 = exit status
 {

Shorewall-lite/install.sh

@@ -22,7 +22,7 @@
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
 
-VERSION=3.4.0
+VERSION=3.4.0-RC3
 
 usage() # $1 = exit status
 {

Shorewall-lite/shorewall-lite.spec

@@ -1,6 +1,6 @@
 %define name shorewall-lite
 %define version 3.4.0
-%define release 1
+%define release 0RC3
 %define prefix /usr
 
 Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems.
@@ -99,8 +99,8 @@ fi
 %doc COPYING changelog.txt releasenotes.txt
 
 %changelog
-* Fri Feb 16 2007 Tom Eastep tom@shorewall.net
-- Updated to 3.4.0-1
+* Sun Feb 25 2007 Tom Eastep tom@shorewall.net
+- Updated to 3.4.0-0RC3
 * Sun Feb 04 2007 Tom Eastep tom@shorewall.net
 - Updated to 3.4.0-0RC2
 * Wed Jan 24 2007 Tom Eastep tom@shorewall.net

Shorewall-lite/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall
 
-VERSION=3.4.0
+VERSION=3.4.0-RC3
 
 usage() # $1 = exit status
 {

Shorewall/changelog.txt

@@ -1,4 +1,4 @@
-Changes in 3.4.0 Final
+Changes in 3.4.0 RC 3
 
 1)  Add warning about 'loose' and 'balance'
 

Shorewall/fallback.sh

@@ -28,7 +28,7 @@
 #       shown below. Simply run this script to revert to your prior version of
 #       Shoreline Firewall.
 
-VERSION=3.4.0
+VERSION=3.4.0-RC3
 
 usage() # $1 = exit status
 {

Shorewall/install.sh

@@ -22,7 +22,7 @@
 #       Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA
 #
 
-VERSION=3.4.0
+VERSION=3.4.0-RC3
 
 usage() # $1 = exit status
 {

Shorewall/releasenotes.txt

@@ -1,4 +1,4 @@
-Shorewall 3.4.0
+Shorewall 3.4.0 RC3
 
 Release Highlights
 
@@ -28,7 +28,7 @@ Release Highlights
     /etc/shorewall/route_rules and reverses those changes when
     appropriate.
 
-Problems Corrected in 3.4.0 Final
+Problems Corrected in 3.4.0 RC3
 
 1)  The route_rules file was being ignored. This has been corrected.
 
@@ -46,7 +46,7 @@ Problems Corrected in 3.4.0 Final
     intra-zone traffic to be rejected by rules for one of the
     parent zones.
 
-Other Changes in 3.4.0 Final
+Other Changes in 3.4.0 RC3
 
 1)  A warning is now issued when 'loose' and 'balance' are specified together
     for a provider. This combination of options can lead to packets being
@@ -695,3 +695,140 @@ New Features in Shorewall 3.4:
     Note: EXPORTPARAMS was actually introduced in Shorewall version
     3.2.9. It is described here for the benefit of those who did not
     install that version.
+
+Problems Corrected in 3.4.0 Beta 1.
+
+1)  It is now possible to place entries in the IPSEC column of 
+    /etc/shorewall/masq without having specified ipsec zones or hosts.
+
+2)  The /etc/shorewall/masq file is no longer ignored when the
+    /etc/shorewall/nat file is empty.
+
+Problems Corrected in 3.4.0 Beta 2
+
+1)  If 'blacklist' was specified on an interface and the
+    /etc/shorewall/blacklist file was empty, then the generated
+    firewall script contained a syntax error (the function
+    load_blacklist() was empty).
+
+2)  If the file /etc/shorewall/init did not exist, then the compiler
+    would incorrectly copy /usr/share/shorewall/init into the
+    compiled script. /usr/share/shorewall/init is a symbolic link
+    to the Shorewall init script (usually /etc/init.d/shorewall).
+
+3)  To allow Shorewall and Shorewall Lite to coexist on a single
+    system, the Shorewall section 5 manpages are no longer included in
+    Shorewall Lite. In addition, the Shorewall Lite manpage for
+    "shorewall.conf" has been renamed "shorewall-lite.conf". This
+    has resulted in a similar change to the actual file --
+    /etc/shorewall-lite/shorewall.conf has been renamed
+    /etc/shorewall-lite/shorewall-lite.conf.
+
+Problems Corrected in 3.4.0 Beta 3
+
+1)  Shorewall now supports VLAN interfaces with names of the form
+    vlan@ethX.
+
+2)  Previously, "ipp2p:udp" was incorrectly rejected in the PROTO
+    column of an action definition.
+
+3)  Previously, if an invalid DISPOSITION was specified in a record in
+    /etc/shorewall/maclist, then a confusing error message would
+    result.
+
+    Example:
+
+    /etc/shorewall/mac:
+
+	ALOW:info	eth0	02:0C:03:04:05:06
+
+    Error message:
+
+	ERROR: No hosts on ALOW:info have the maclist option specified
+
+    The new error message is:
+
+        ERROR: Invalid DISPOSITION (ALOW:info) in rule "ALOW:info eth0
+        02:0C:03:04:05:06"
+
+Problems Corrected in 3.4.0 RC1
+
+1)  While most distributions store the Shorewall Lite compiled program
+    in /var/lib/shorewall/, Shorewall includes features that allow that
+    location to be changed on a per-distribution basis. The default for
+    a particular distribution may be determined by the command
+    "shorewall[-lite] show config".
+
+        teastep@lists:~/shorewall/trunk$ shorewall show config
+	Default CONFIG_PATH is /etc/shorewall:/usr/share/shorewall
+	LITEDIR is /var/lib/shorewall-lite
+	teastep@lists:~/shorewall/trunk$
+
+    The LITEDIR setting is the location where the compiled script
+    should be placed. Unfortunately, the "shorewall [re]load" command
+    previously used the setting on the administrative system rather
+    than the one from the firewall system so it was possible for that
+    command to upload the compiled script to the wrong directory.
+
+    To work around this problem, Shorewall now determines the LITEDIR
+    setting on the firewall system and uses that setting for uploading
+    the compiled script and its companion .conf file.
+
+2)  Previously, IP ranges and ipset names were handled incorrectly in
+    the last column of the maclist file with the result that run-time
+    errors occured.
+
+3)  The Beta3 manpages are sprinked with .html filenames enclosed in
+    square brackets.
+
+    Example:
+
+	...set MARK_IN_FORWARD_CHAIN=Yes in shorewall.conf
+	[shorewall.conf.html](5) and have...
+ 
+    These were generated by <ulink> elements in the XML source which
+    were added to provide inter-document links in the HTML rendition of
+    the manpages. <ulink>s were previously ignored by the XML->man
+    conversion tool; unfortunately, the latest release of the tool
+    no longer ignores these elements but rather produces the ugly
+    result shown above.
+
+    This problem has been corrected in RC1.
+
+4)  Previously, if "INCLUDE <filename>" appeared in
+    /etc/shorewall/params then run-time errors occurred.
+
+    As part of the fix for this problem, the mechanism by which
+    /etc/shorewall/params is copied into the compiler output was
+    changed. As a result, extra white space is removed from the text
+    during the copy operation so code in /etc/shorewall/params should
+    not depend on precise white-space, even in quoted strings.
+
+Other Changes in 3.4.0 RC 1
+
+1)  A macro that handles SixXS has been contributed by Christian
+    Roessner.
+
+Problems Corrected in 3.4.0 RC2
+
+1)  The new SIP and H323 Netfilter helper modules were not being
+    automatically loaded by Shorewall. They have now been added to the
+    /usr/share/shorewall[-lite]/modules files.
+
+2)  It is quite difficult to code a 'params' file that assigns other
+    than constant values such that it works correctly with Shorewall
+    Lite. To work around this problem, a new EXPORTPARAMS option
+    has been added to shorewall.conf. When EXPORTPARAMS=No, the
+    'params' file is no longer copied to the compiler output.
+
+    With EXPORTPARAMS=No, if you need to set environmental variables on
+    the firewall system for use by your extension scripts, then do so
+    in the init extension script.
+
+    The default is EXPORTPARAMS=Yes to retain the current behavior.
+
+    This fix is brought forward from Shorewall version 3.2.9.
+ 
+Other Changes in 3.4.0 RC 2
+
+None.

Shorewall/shorewall.spec

@@ -1,6 +1,6 @@
 %define name shorewall
 %define version 3.4.0
-%define release 1
+%define release 0RC3
 %define prefix /usr
 
 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
@@ -260,8 +260,8 @@ fi
 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples
 
 %changelog
-* Fri Feb 16 2007 Tom Eastep tom@shorewall.net
-- Updated to 3.4.0-1
+* Sun Feb 25 2007 Tom Eastep tom@shorewall.net
+- Updated to 3.4.0-0RC3
 * Sun Feb 04 2007 Tom Eastep tom@shorewall.net
 - Updated to 3.4.0-0RC2
 * Wed Jan 24 2007 Tom Eastep tom@shorewall.net

Shorewall/uninstall.sh

@@ -26,7 +26,7 @@
 #       You may only use this script to uninstall the version
 #       shown below. Simply run this script to remove Shorewall Firewall
 
-VERSION=3.4.0
+VERSION=3.4.0-RC3
 
 usage() # $1 = exit status
 {