extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-26 01:23:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Document double exclusion fix

Browse Source
This commit is contained in:
Tom Eastep 2011-05-03 13:54:54 -07:00
parent e7831d5a15
commit 6603978ba4
2 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall/changelog.txt
View File

@ -5,6 +5,8 @@ Changes in Shorewall 4.4.19.2
2) Correct several complex TC issues reported by Mr Dash4.
3) Detect double exclusion involving ipset expressions.
Changes in Shorewall 4.4.19.1
1) Eliminate silly duplicate rule when stopped.

9
Shorewall/releasenotes.txt
View File

@ -56,6 +56,15 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
d) Where there are more than 10 tcdevices, tcfilter entries could
generate invalid rules.
3) Double exclusion involving ipset lists was previously not detected,
resulting in anomalous behavior.
Example:
ACCEPT:info $FW net:!10.1.0.7,10.1.0.9,+[!my-host[src]]]
Such cases now result in a compilation error.
4.4.19.1
1) A duplicate ACCEPT rule in the INPUT chain has been eliminated when