diff --git a/Shorewall2/action.AllowNTP b/Shorewall2/action.AllowNTP index 341bc6a3b..189f62a9a 100644 --- a/Shorewall2/action.AllowNTP +++ b/Shorewall2/action.AllowNTP @@ -7,4 +7,5 @@ #TARGET SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE # PORT PORT(S) DEST LIMIT ACCEPT - - udp 123 +ACCEPT - - udp 1024: 123 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE diff --git a/Shorewall2/changelog.txt b/Shorewall2/changelog.txt index de2451b72..85b6e3288 100644 --- a/Shorewall2/changelog.txt +++ b/Shorewall2/changelog.txt @@ -116,3 +116,5 @@ Changes since 2.0.3 55) Added LOGALLNEW support. 56) Fix typo in check_config() + +27) Allow outgoing NTP responses in action.AllowNTP. diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index 9a49254d3..65253b33f 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -101,6 +101,9 @@ Problems corrected since 2.2.0 Beta 1. /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found + +2) The AllowNTP standard action now allows outgoing responses to + broadcasts. ----------------------------------------------------------------------- Issues when migrating from Shorewall 2.0 to Shorewall 2.1: