Allow 'capabilities' file to be used with Shorewall

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5046 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2006-12-04 16:31:48 +00:00
parent 6f133e9783
commit 9749b617ef
3 changed files with 20 additions and 1 deletions

View File

@ -18,6 +18,9 @@ Changes in 3.3.6
9) Restore 'try' command and improve 'safe-' commands. 9) Restore 'try' command and improve 'safe-' commands.
10) Allow capabilities file to be used with Shorewall as well as
Shorewall Lite.
Changes in 3.3.5 Changes in 3.3.5
1) Restore default route when there are no 'balance' providers. 1) Restore default route when there are no 'balance' providers.

View File

@ -1869,7 +1869,10 @@ do_initialize() {
else else
[ -e "$IPTABLES" ] || fatal_error "\$IPTABLES=$IPTABLES does not exist or is not executable" [ -e "$IPTABLES" ] || fatal_error "\$IPTABLES=$IPTABLES does not exist or is not executable"
fi fi
determine_capabilities
f=$(find_file capabilities)
if [ -f $f ] && . $f || determine_capabilities
else else
f=$(find_file capabilities) f=$(find_file capabilities)

View File

@ -115,6 +115,19 @@ Other Changes in 3.3.6
export firewall2 export firewall2
8) Shorewall commands may be speeded up slightly by using a
'capabilities' file. The 'capabilities' file was originally
designed for use with Shorewall Lite and records the
iptables/Netfilter features available on the target system.
To generate a capabilities file, execute the following command as
root:
shorewall show -f capabilities > /etc/shorewall/capabilities
When you install a new kernel and/or iptables, be sure to generate
a new file.
Migration Considerations: Migration Considerations:
1) Shorewall supports the notion of "default actions". A default 1) Shorewall supports the notion of "default actions". A default