Update config files with cmd-owner info

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2940 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb

Shorewall/accounting

@@ -92,7 +92,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named upnpd
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 #	In all of the above columns except ACTION and CHAIN, the values "-",
 #	"any" and "all" may be used as wildcards

Shorewall/action.template

@@ -168,7 +168,7 @@
 #
 #	USER/GROUP	This column may only be non-empty if the SOURCE is
 #			the firewall itself.
-#			
+#
 #			The column may contain:
 #
 #	[!][<user name or number>][:<group name or number>][+<program name>]
@@ -185,7 +185,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named upnpd
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 ###############################################################################
 #TARGET	SOURCE	DEST	PROTO	DEST	SOURCE	ORIGINAL	RATE	USER/

Shorewall/changelog.txt

@@ -8,6 +8,8 @@ Changes in 3.0.0 RC 3.
 
 4) Stop whining about ipt_owner messages under kernel 2.6.14.
 
+5) Update config files with cmd-owner info.
+
 Changes in 3.0.0 RC 2.
 
 1) Fix support for OpenVPN and tcp.

Shorewall/macro.template

@@ -293,7 +293,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named 'upnpd'
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 # A few examples should help show how Macros work.
 #

Shorewall/releasenotes.txt

@@ -14,7 +14,9 @@ Problems Corrected in 3.0.0 RC 3:
 
 3)  The test that Shorewall uses to detect the availability of the
     owner match capability has been changed to avoid the generation
-    of ipt_owner messages under kernel 2.6.14.
+    of ipt_owner messages under kernel 2.6.14. The affected configuration
+    files have been updated to warn that +<program name> is not supported
+    by kernel versions 2.6.14 and later.
 
 Migration Considerations:
 

Shorewall/rules

@@ -378,7 +378,9 @@
 #					#the 'kids' group
 #				!:kids	#program must not be run by a member
 #					#of the 'kids' group
-#				+upnpd	#program named 'upnpd'
+#				+upnpd	#program named upnpd (This feature was
+#					#removed from Netfilter in kernel
+#					#version 2.6.14).
 #
 #	Example: Accept SMTP requests from the DMZ to the internet
 #

Shorewall/tcrules

@@ -144,7 +144,9 @@
 #			The colon is optionnal when specifying only a user
 #			or a program name.
 #			Examples : john: , john , :users , john:users ,
-#				   +mozilla-bin
+#				   +mozilla-bin (Support for program names
+#				   was removed from Netfilter in Kernel
+#				   version 2.6.14).
 #
 #	TEST		Defines a test on the existing packet or connection
 #			mark. The rule will match only if the test returns