extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-11-14 19:54:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update documentation regarding FLOW_FILTER

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-02-11 14:35:12 -08:00
parent b35f20b403
commit 757fea7467
1 changed files with 13 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
Shorewall/releasenotes.txt
View File

@ -211,12 +211,19 @@ Shorewall 4.4.7
5) Previously, specifying a TYPE in /etc/shorewall/tcinterfaces would 5) Previously, specifying a TYPE in /etc/shorewall/tcinterfaces would
cause start/restart to fail on systems lacking 'flow' classifier cause start/restart to fail on systems lacking 'flow' classifier
support. While we currently know of no safe way to test for that support. In Shorewall 4.4.7, we detect the ability of the 'tc'
support, in Shorewall 4.4.7 we use other hints to surmise that the utility to support that classifier.
installed toolset is likely to be too old to support 'flow' and
simply ignore the TYPE setting. In particular, RHEL5 and There are two caveats:
derivatives no lonter experience a startup failure when TYPE is
specified. - 'tc' may support 'flow' but the kernel does not. In that case,
start/restart will still fail.
- If you use a capabilities file, you will need to regenerate the
file using shorewall-lite 4.4.7 in order for 'flow' to be
accurately detected. If you do not regenerate the file, the
compiler will use other hints to try to determine if 'flow' is
available.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
K N O W N P R O B L E M S R E M A I N I N G K N O W N P R O B L E M S R E M A I N I N G