extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-08-16 11:44:28 +02:00
Code Issues Packages Projects Releases Wiki Activity

Shorewall-1.4.7a

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@774 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep
2003-10-21 22:22:44 +00:00
parent f6c8974bda
commit 7bb80bf3fe
16 changed files with 1112 additions and 1003 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
STABLE/documentation/News.htm
View File

@ -19,6 +19,54 @@
</tr>
</tbody>
</table>
<p><b>10/21/2003 - Shorewall 1.4.7a<br>
</b></p>
<p>This is a bugfix rollup of the following problem corrections:<br>
</p>
<ol>
<li>Tuomo Soini has supplied a correction to a problem that occurs
using some versions of 'ash'. The symptom is that "shorewall start"
fails with:<br>
&nbsp;<br>
&nbsp;&nbsp; local: --limit: bad variable name<br>
&nbsp;&nbsp; iptables v1.2.8: Couldn't load match
`-j':/lib/iptables/libipt_-j.so:<br>
&nbsp;&nbsp; cannot open shared object file: No such file or directory<br>
&nbsp;&nbsp; Try `iptables -h' or 'iptables --help' for more
information.<br>
<br>
</li>
<li>Andres Zhoglo has supplied a correction that avoids trying to use
the multiport match iptables facility on ICMP rules.<br>
&nbsp;<br>
&nbsp;&nbsp; Example of rule that previously caused "shorewall start"
to fail:<br>
&nbsp;<br>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
ACCEPT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; loc&nbsp; $FW&nbsp;
icmp&nbsp;&nbsp;&nbsp; 0,8,11,12<br>
<br>
</li>
<li>Previously, if the following error message was issued, Shorewall
was left in an inconsistent state.<br>
&nbsp;<br>
&nbsp;&nbsp; Error: Unable to determine the routes routes through
interface xxx<br>
<br>
</li>
<li>Handling of the LOGUNCLEAN option in shorewall.conf has been
corrected.</li>
<li>In Shorewall 1.4.2, an optimization was added. This optimization
involved creating a chain named "&lt;zone&gt;_frwd" for most zones
defined using the /etc/shorewall/hosts file. It has since been
discovered that in many cases these new chains contain redundant rules
and that the "optimization" turns out to be less than optimal. The
implementation has now been corrected.</li>
<li>When the MARK value in a tcrules entry is followed by ":F" or
":P", the ":F" or ":P" was previously only applied to the first
Netfilter rule generated by the entry. It is now applied to all entries.<br>
</li>
</ol>
<p><b>10/06/2003 - Shorewall 1.4.7</b><b><br>
</b></p>
<b>Problems Corrected since version 1.4.6 (Those in bold font were