extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-05-29 22:18:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

Final editing of release notes

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-01-14 08:25:32 -08:00
parent 81a5723009
commit 45d975cb45
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
Shorewall/releasenotes.txt
View File

@ -178,10 +178,10 @@ Shorewall 4.4.6
P R O B L E M S C O R R E C T E D I N 4 . 4 . 6 P R O B L E M S C O R R E C T E D I N 4 . 4 . 6
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
1) A 'feature' of xtables-addons when applied to Lenny causes extra 1) A 'feature' of xtables-addons when applied to Debian Lenny causes
/31 networks to appear for nethash sets in the output of "ipset extra /31 networks to appear for nethash sets in the output of
-L" and "ipset -S". A hack has been added to prevent these from "ipset -L" and "ipset -S". A hack has been added to prevent these
being saved when Shorewall is saving IPSETS during 'stop'. from being saved when Shorewall is saving IPSETS during 'stop'.
As part of this change, the generated script is more careful about As part of this change, the generated script is more careful about
verifying the existence of the correct ipset utility before using verifying the existence of the correct ipset utility before using
@ -289,9 +289,9 @@ None.
8) Previously, when TC_EXPERT=No, packets arriving through 'tracked' 8) Previously, when TC_EXPERT=No, packets arriving through 'tracked'
provider interfaces were unconditionally passed to the PREROUTING provider interfaces were unconditionally passed to the PREROUTING
tcrules. This was done so that tcrules could reset the packet mark tcrules. This was done so that tcrules could reset the packet mark
to zero so that the packet would be routed using the 'main' routing to zero, thus allowing the packet to be routed using the 'main'
table. Using the main table allowed dynamic routes (such as those routing table. Using the main table allowed dynamic routes (such as
added for VPNs) to be effective. those added for VPNs) to be effective.
The route_rules file was created to provide a better alternative The route_rules file was created to provide a better alternative
to clearing the packet mark. As a consequence, passing these to clearing the packet mark. As a consequence, passing these