diff --git a/Shorewall-init/install.sh b/Shorewall-init/install.sh index 08df0f7b3..6729c8e13 100755 --- a/Shorewall-init/install.sh +++ b/Shorewall-init/install.sh @@ -23,7 +23,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall-init/shorewall-init.spec b/Shorewall-init/shorewall-init.spec index 78f9a467e..d20aa2d80 100644 --- a/Shorewall-init/shorewall-init.spec +++ b/Shorewall-init/shorewall-init.spec @@ -1,6 +1,6 @@ %define name shorewall-init %define version 4.4.21 -%define release 0Beta3 +%define release 0RC1 Summary: Shorewall-init adds functionality to Shoreline Firewall (Shorewall). Name: %{name} @@ -119,6 +119,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Thu Jun 23 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.21-0RC1 * Sun Jun 19 2011 Tom Eastep tom@shorewall.net - Updated to 4.4.21-0Beta3 * Sat Jun 18 2011 Tom Eastep tom@shorewall.net diff --git a/Shorewall-init/uninstall.sh b/Shorewall-init/uninstall.sh index 467f36506..d9da02048 100755 --- a/Shorewall-init/uninstall.sh +++ b/Shorewall-init/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh index ba8ddc8f4..5ef974e19 100755 --- a/Shorewall-lite/install.sh +++ b/Shorewall-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall-lite/shorewall-lite.spec b/Shorewall-lite/shorewall-lite.spec index b7c89acc3..f1c0ee0a6 100644 --- a/Shorewall-lite/shorewall-lite.spec +++ b/Shorewall-lite/shorewall-lite.spec @@ -1,6 +1,6 @@ %define name shorewall-lite %define version 4.4.21 -%define release 0Beta3 +%define release 0RC1 Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. Name: %{name} @@ -103,6 +103,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Thu Jun 23 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.21-0RC1 * Sun Jun 19 2011 Tom Eastep tom@shorewall.net - Updated to 4.4.21-0Beta3 * Sat Jun 18 2011 Tom Eastep tom@shorewall.net diff --git a/Shorewall-lite/uninstall.sh b/Shorewall-lite/uninstall.sh index 5c048e872..dd41a1776 100755 --- a/Shorewall-lite/uninstall.sh +++ b/Shorewall-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index 456d1e375..0bd35dea6 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -432,7 +432,7 @@ sub initialize( $ ) { EXPORT => 0, STATEMATCH => '-m state --state', UNTRACKED => 0, - VERSION => "4.4.21-Beta3", + VERSION => "4.4.21-RC1", CAPVERSION => 40421 , ); # diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index ae2d67a8e..745b13845 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,3 +1,7 @@ +Changes in Shorewall 4.4.21 RC 1 + +None. + Changes in Shorewall 4.4.21 Beta 3 1) Shorewall-init can now save/restore ipsets. diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 10a72732f..f3dd4a1c5 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 986c149cc..402a3b9fb 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -1,5 +1,5 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 4 . 2 1 B e t a 3 + S H O R E W A L L 4 . 4 . 2 1 R C I ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -13,7 +13,8 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -None. +1) All problems corrections included in Shorewall 4.4.20.1 - 4.4.20.3 + (see below). ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G @@ -387,6 +388,50 @@ V I. P R O B L E M S C O R R E C T E D A N D N E W F E A T U R E S P R O B L E M S C O R R E C T E D I N 4 . 4 . 2 0 ---------------------------------------------------------------------------- +4.4.20.3 + +1) Deprecated options have been removed from the .conf files. + They remain in the man pages. + +2) A simple configuration like the 'Universal' sample that includes a + single wildcard interface ('+' in the INTERFACE column) produces a + ruleset that blocks all incoming packets. + + As part of correcting this defect, which was introduced in + 4.4.20.2, one or more superfluous rules (which could never match) + have been eliminated from most configurations. + +4.4.20.2 + +1) Problem Corrected #1 from 4.4.19.4 was inadvertently omitted from + 4.4.20. It is now included. + +2) A defect introduced in 4.4.20 could cause the following failure at + start/restart: + + ERROR: Command "tc qdisc add dev eth0 parent 1:11 handle 1: + sfq quantum 12498 limit 127 perturb 10" failed + +3) The 'sfilter' interface option introduced in 4.4.20 was only + applied to forwarded traffic. Now it is also applied to traffic + addressed to the firewall itself. + +4) IPSEC traffic is now (correctly) excluded from sfilter. + +5) Shorewall 4.4.20 could, under some circumstances, fail during + iptables-restore with a message such as the following: + + iptables-restore v1.4.10: Couldn't load target + `dsl0_fwd':/usr/lib/xtables/libipt_dsl0_fwd.so: cannot open shared object + file: No such file or directory + + Error occurred at line: 113 + Try `iptables-restore -h' or 'iptables-restore --help' for more + information. + + ERROR: iptables-restore Failed. Input is in + /var/lib/shorewall/.iptables-restore-input + 6) The following incorrect warning message has been eliminated: WARNING: sfilter is ineffective with FASTACCEPT=Yes diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index 61f291e17..d175beed0 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -1,6 +1,6 @@ %define name shorewall %define version 4.4.21 -%define release 0Beta3 +%define release 0RC1 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -111,6 +111,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples %changelog +* Thu Jun 23 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.21-0RC1 * Sun Jun 19 2011 Tom Eastep tom@shorewall.net - Updated to 4.4.21-0Beta3 * Sat Jun 18 2011 Tom Eastep tom@shorewall.net diff --git a/Shorewall/uninstall.sh b/Shorewall/uninstall.sh index 40c6de9f2..f8dbcecdd 100755 --- a/Shorewall/uninstall.sh +++ b/Shorewall/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall6-lite/install.sh b/Shorewall6-lite/install.sh index 64a1b4a58..4a2c2a3dd 100755 --- a/Shorewall6-lite/install.sh +++ b/Shorewall6-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall6-lite/shorewall6-lite.spec b/Shorewall6-lite/shorewall6-lite.spec index a21aae45d..e1ce5e707 100644 --- a/Shorewall6-lite/shorewall6-lite.spec +++ b/Shorewall6-lite/shorewall6-lite.spec @@ -1,6 +1,6 @@ %define name shorewall6-lite %define version 4.4.21 -%define release 0Beta3 +%define release 0RC1 Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -94,6 +94,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Thu Jun 23 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.21-0RC1 * Sun Jun 19 2011 Tom Eastep tom@shorewall.net - Updated to 4.4.21-0Beta3 * Sat Jun 18 2011 Tom Eastep tom@shorewall.net diff --git a/Shorewall6-lite/uninstall.sh b/Shorewall6-lite/uninstall.sh index 5840c23d6..dcdb0f75f 100755 --- a/Shorewall6-lite/uninstall.sh +++ b/Shorewall6-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall6/install.sh b/Shorewall6/install.sh index 5fd8c6d7f..fa374efb4 100755 --- a/Shorewall6/install.sh +++ b/Shorewall6/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status { diff --git a/Shorewall6/shorewall6.spec b/Shorewall6/shorewall6.spec index 88f25637a..0dc77c4b8 100644 --- a/Shorewall6/shorewall6.spec +++ b/Shorewall6/shorewall6.spec @@ -1,6 +1,6 @@ %define name shorewall6 %define version 4.4.21 -%define release 0Beta3 +%define release 0RC1 Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -101,6 +101,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6 %changelog +* Thu Jun 23 2011 Tom Eastep tom@shorewall.net +- Updated to 4.4.21-0RC1 * Sun Jun 19 2011 Tom Eastep tom@shorewall.net - Updated to 4.4.21-0Beta3 * Sat Jun 18 2011 Tom Eastep tom@shorewall.net diff --git a/Shorewall6/uninstall.sh b/Shorewall6/uninstall.sh index 6e76d03c7..0c0503784 100755 --- a/Shorewall6/uninstall.sh +++ b/Shorewall6/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.21-Beta3 +VERSION=4.4.21-RC1 usage() # $1 = exit status {