Update config files with cmd-owner info

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2940 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2025-01-23 22:18:57 +01:00 · 2005-10-31 21:23:16 +00:00 · 2005-10-31 21:23:16 +00:00 · c5c38c4a55
commit c5c38c4a55
parent 08993cfe08
7 changed files with 21 additions and 7 deletions
--- a/Shorewall/accounting
+++ b/Shorewall/accounting
@ -92,7 +92,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named upnpd
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 #	In all of the above columns except ACTION and CHAIN, the values "-",
 #	"any" and "all" may be used as wildcards
--- a/Shorewall/action.template
+++ b/Shorewall/action.template
@ -168,7 +168,7 @@
 #
 #	USER/GROUP	This column may only be non-empty if the SOURCE is
 #			the firewall itself.
-#			
+#
 #			The column may contain:
 #
 #	[!][<user name or number>][:<group name or number>][+<program name>]
@ -185,7 +185,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named upnpd
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 ###############################################################################
 #TARGET	SOURCE	DEST	PROTO	DEST	SOURCE	ORIGINAL	RATE	USER/
--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -8,6 +8,8 @@ Changes in 3.0.0 RC 3.

 4) Stop whining about ipt_owner messages under kernel 2.6.14.

+5) Update config files with cmd-owner info.
+
 Changes in 3.0.0 RC 2.

 1) Fix support for OpenVPN and tcp.
--- a/Shorewall/macro.template
+++ b/Shorewall/macro.template
@ -293,7 +293,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named 'upnpd'
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 # A few examples should help show how Macros work.
 #
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -14,7 +14,9 @@ Problems Corrected in 3.0.0 RC 3:

 3)  The test that Shorewall uses to detect the availability of the
    owner match capability has been changed to avoid the generation
-    of ipt_owner messages under kernel 2.6.14.
+    of ipt_owner messages under kernel 2.6.14. The affected configuration
+    files have been updated to warn that +<program name> is not supported
+    by kernel versions 2.6.14 and later.

 Migration Considerations:

--- a/Shorewall/rules
+++ b/Shorewall/rules
@ -378,7 +378,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named 'upnpd'
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 #	Example: Accept SMTP requests from the DMZ to the internet
 #
--- a/Shorewall/tcrules
+++ b/Shorewall/tcrules
@ -144,7 +144,9 @@
 #			The colon is optionnal when specifying only a user
 #			or a program name.
 #			Examples : john: , john , :users , john:users ,
-#				   +mozilla-bin
+#				   +mozilla-bin (Support for program names
+#				   was removed from Netfilter in Kernel
+#				   version 2.6.14).
 #
 #	TEST		Defines a test on the existing packet or connection
 #			mark. The rule will match only if the test returns