diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index f0aaa9b73..10dae8270 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,3 +1,7 @@ +Changes in Shorewall 4.4.11.4 + +1) Fix a couple of old optimization bugs. + Changes in Shorewall 4.4.11.3 1) Fix duplicate rule generation with 'any'. diff --git a/Shorewall/known_problems.txt b/Shorewall/known_problems.txt index 292d9b5e7..7748b1844 100644 --- a/Shorewall/known_problems.txt +++ b/Shorewall/known_problems.txt @@ -85,3 +85,14 @@ 11) AUTOMAKE=Yes is broken -- don't use it. Corrected in Shorewall 4.4.11.3. + +12) Under rare circumstances where COMMENT is used to attach comments + to rules, OPTIMIZE 8 through 15 can result in invalid + iptables-restore (ip6tables-restore) input. + + Workaround: Don't use optimizaiton levels greater than 7. + +2) Under rare circumstances unvolving exclusion, OPTIMIZE 8 through 15 + canresult in invalid iptables-restore (ip6tables-restore) input. + + Workaround: Don't use optimizaiton levels greater than 7. diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index af1dfe6c4..5892c0431 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -1,5 +1,5 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 4 . 1 1 . 3 + S H O R E W A L L 4 . 4 . 1 1 . 4 ---------------------------------------------------------------------------- I. RELEASE 4.4 HIGHLIGHTS @@ -218,6 +218,15 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- +4.4.11.4 + +1) Under rare circumstances where COMMENT is used to attach comments + to rules, OPTIMIZE 8 through 15 could result in invalid + iptables-restore (ip6tables-restore) input. + +2) Under rare circumstances unvolving exclusion, OPTIMIZE 8 through 15 + could result in invalid iptables-restore (ip6tables-restore) input. + 4.4.11.3 1) When 'any' was used in the rules SOURCE column, a duplicate rule