extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-16 19:30:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Clean up release notes

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@6253 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-05-05 23:44:24 +00:00
parent d826944666
commit a9ba8c8ad4
2 changed files with 50 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall-common/changelog.txt
View File

@ -1,3 +1,7 @@
Changes in 3.9.7
1) Clean up release notes.
Changes in 3.9.6 Changes in 3.9.6
1) Fix parsing problems in protocol handling. 1) Fix parsing problems in protocol handling.

148
Shorewall-common/releasenotes.txt
View File

@ -1,4 +1,4 @@
Shorewall 3.9.6 Shorewall 3.9.7
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
R E L E A S E H I G H L I G H T S R E L E A S E H I G H L I G H T S
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
@ -15,111 +15,13 @@ Shorewall 3.9.6
You must install Shorewall and at least one of the compiler packages You must install Shorewall and at least one of the compiler packages
(you may install them both). (you may install them both).
Problems corrected in 3.9.6. Problems corrected in 3.9.7.
1) Placing 'ipp2p' in the PROTOCOL column of configuration files now None.
works.
2) Previously, '!' in the TEST column of the tcrules file was not
handled correctly.
3) The code generated for copying routing tables from provider file
entries was previously incorrect, resulting in run-time errors.
4) Previously, using an ipset in a rule would generate invalid
iptables-restore input.
5) Previously, use of CONTINUE in the tcrules file would cause
generation of invalid iptables-restore input.
6) If a chain's only reference is in the ACTION column of an
accounting rule, a run-time error would occur:
iptables-restore v1.3.6: Couldn't load target
`SJS':/lib/iptables/libipt_SJS.so: cannot open shared object file: No such
file or directory
7) A problem with merging the log level and tag in macro or action
invocations has been corrected.
8) An empty action body no longer results in a run-time error.
9) Shorewall-perl now traps the case where an action invokes itself.
10) Shorewall-perl now traps COMMENT followed by a colon (":") and a
log level.
11) COMMENT in an action body is now properly handled.
12) LOG rules in macros are now handled correctly.
13) Parsing of 'ipp2p' rules has been corrected.
14) Inversion is now handled correctly in packet/connection mark tests.
15) Parsing errors in RATE/BURST and USER/GROUP columns have been
eliminated.
16) ipsets have now been tested and several bugs in their handling have
been corrected.
17) Errors in handling the SOURCE and DEST column during macro
expansion have been corrected.
18) The correct mask is now used when testing HIGH_ROUTE_MARK marks.
19) Shorewall-perl now correctly handles the COPY column in provider
definitions.
20) A number of cases where Shorewall-perl did not handle undefined
zones have been corrected.
21) A number of bugs relating to parsing the tunnels file have been
corrected.
Other changes in Shorewall 3.9.6. Other changes in Shorewall 3.9.6.
1) Eariler generations of Shorewall Lite required that remote root None.
login via ssh be enabled in order to use the 'load' and 'reload'
commands.
Beginning with this release, you may define an alternative means
for accessing the remote firewall system.
Two new options have been added to shorewall.conf:
RSH_COMMAND
RCP_COMMAND
The default values for these are as follows:
RSH_COMMAND: ssh ${root}@${system} ${command}
RCP_COMMAND: scp ${files} ${root}@${system}:${destination}
Shell variables that will be set when the commands are envoked are
as follows:
root - root user. Normally 'root' but may be overridden using
the '-r' option.
system - The name/IP address of the remote firewall system.
command - For RSH_COMMAND, the command to be executed on the
firewall system.
files - For RCP_COMMAND, a space-separated list of files to
be copied to the remote firewall system.
destination - The directory on the remote system that the files
are to be copied into.
2) The accounting, masq, rules and tos files now have a 'MARK' column
similar to the column of the same name in the tcrules file. This
column allows filtering by MARK and CONNMARK value.
3) SOURCE and DEST are now reserved zone names to avoid problems with
bi-directional macro definisions which use these as names as key
words.
Migration Considerations: Migration Considerations:
@ -453,6 +355,48 @@ Migration Considerations:
option option
Keep - Shorewall ignores the option entirely. Keep - Shorewall ignores the option entirely.
6) Eariler generations of Shorewall Lite required that remote root
login via ssh be enabled in order to use the 'load' and 'reload'
commands.
Beginning with this release, you may define an alternative means
for accessing the remote firewall system.
Two new options have been added to shorewall.conf:
RSH_COMMAND
RCP_COMMAND
The default values for these are as follows:
RSH_COMMAND: ssh ${root}@${system} ${command}
RCP_COMMAND: scp ${files} ${root}@${system}:${destination}
Shell variables that will be set when the commands are envoked are
as follows:
root - root user. Normally 'root' but may be overridden using
the '-r' option.
system - The name/IP address of the remote firewall system.
command - For RSH_COMMAND, the command to be executed on the
firewall system.
files - For RCP_COMMAND, a space-separated list of files to
be copied to the remote firewall system.
destination - The directory on the remote system that the files
are to be copied into.
7) The accounting, masq, rules and tos files now have a 'MARK' column
similar to the column of the same name in the tcrules file. This
column allows filtering by MARK and CONNMARK value.
8) SOURCE and DEST are now reserved zone names to avoid problems with
bi-directional macro definitions which use these as names as key
words.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
P R E R E Q U I S I T E S P R E R E Q U I S I T E S
---------------------------------------------------------------------------- ----------------------------------------------------------------------------