mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 06:38:53 +01:00
Allow 'capabilities' file to be used with Shorewall
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5046 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
6f133e9783
commit
9749b617ef
@ -18,6 +18,9 @@ Changes in 3.3.6
|
||||
|
||||
9) Restore 'try' command and improve 'safe-' commands.
|
||||
|
||||
10) Allow capabilities file to be used with Shorewall as well as
|
||||
Shorewall Lite.
|
||||
|
||||
Changes in 3.3.5
|
||||
|
||||
1) Restore default route when there are no 'balance' providers.
|
||||
|
@ -1869,7 +1869,10 @@ do_initialize() {
|
||||
else
|
||||
[ -e "$IPTABLES" ] || fatal_error "\$IPTABLES=$IPTABLES does not exist or is not executable"
|
||||
fi
|
||||
determine_capabilities
|
||||
|
||||
f=$(find_file capabilities)
|
||||
|
||||
if [ -f $f ] && . $f || determine_capabilities
|
||||
|
||||
else
|
||||
f=$(find_file capabilities)
|
||||
|
@ -115,6 +115,19 @@ Other Changes in 3.3.6
|
||||
|
||||
export firewall2
|
||||
|
||||
8) Shorewall commands may be speeded up slightly by using a
|
||||
'capabilities' file. The 'capabilities' file was originally
|
||||
designed for use with Shorewall Lite and records the
|
||||
iptables/Netfilter features available on the target system.
|
||||
|
||||
To generate a capabilities file, execute the following command as
|
||||
root:
|
||||
|
||||
shorewall show -f capabilities > /etc/shorewall/capabilities
|
||||
|
||||
When you install a new kernel and/or iptables, be sure to generate
|
||||
a new file.
|
||||
|
||||
Migration Considerations:
|
||||
|
||||
1) Shorewall supports the notion of "default actions". A default
|
||||
|
Loading…
Reference in New Issue
Block a user