diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt index 22b64d24a..ca8f7f168 100644 --- a/Shorewall-common/changelog.txt +++ b/Shorewall-common/changelog.txt @@ -1,5 +1,16 @@ Changes in 4.0.0 Beta 6 +1) First step to adding compiler debugging facility. + +2) Assume that iptables-restore is in the same directory as $IPTABLES + +3) Fix buildports.pm to handle bogus entries in /etc/protocols and + /etc/services. + +4) Allow COMMENT in the accounting file. + +Changes in 4.0.0 Beta 6 + 1) Validate the DISPOSITION in /etc/shorewall/maclist entries. 2) Add versioning to capabilities files. @@ -8,11 +19,7 @@ Changes in 4.0.0 Beta 6 4) DYNAMIC_ZONES=Yes and bridges. -5) Implement VALIDATE_PORTS - -6) First step to adding compiler debugging facility. - -7) Assume that iptables-restore is in the same directory as $IPTABLES +5) Implement port validation. Changes in 4.0.0 Beta 5 diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt index 8e9f6d6b3..407c40770 100644 --- a/Shorewall-common/releasenotes.txt +++ b/Shorewall-common/releasenotes.txt @@ -23,7 +23,9 @@ You must install Shorewall and at least one of the compiler packages Problems corrected in 4.0.0 Beta 7. -None. +1) Installation of Shorewall-perl when Shorewall is not yet installs + no longer suffers a failure in the generation of + /usr/share/shorewall-perl/Shorewall/Ports.pm. Other changes in Shorewall 4.0.0 Beta 7 @@ -41,6 +43,9 @@ Other changes in Shorewall 4.0.0 Beta 7 using the PATH setting and the iptables-restore and iptables-save programs from the same directory are used. +3) COMMENTs are now allowed in the accounting file under + Shorewall-perl + Migration Considerations: 1) You cannot simply upgrade your existing Shorewall package. You must diff --git a/Shorewall-perl/Shorewall/Accounting.pm b/Shorewall-perl/Shorewall/Accounting.pm index 0a6ad34fb..546d1a6e0 100644 --- a/Shorewall-perl/Shorewall/Accounting.pm +++ b/Shorewall-perl/Shorewall/Accounting.pm @@ -172,16 +172,22 @@ sub setup_accounting() { while ( read_a_line ) { - my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark ) = split_line 1, 9, 'Accounting File'; + my ( $action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark ) = split_line1 1, 9, 'Accounting File'; if ( $first_entry ) { progress_message2 "$doing $fn..."; $first_entry = 0; } - process_accounting_rule $action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark; + if ( $action eq 'COMMENT' ) { + process_comment; + } else { + process_accounting_rule $action, $chain, $source, $dest, $proto, $ports, $sports, $user, $mark; + } } + $comment = ''; + if ( @bridges ) { if ( $filter_table->{accounting} ) { for my $chain ( qw/INPUT FORWARD/ ) {