This is a minor release of Shorewall.

Problems Corrected:

1) TCP connection requests rejected out of the common chain are now properly rejected with TCP RST; previously, some of these requests were rejected with an ICMP port-unreachable response.

2) 'traceroute -I' from behind the firewall previously timed out on the first hop (e.g., to the firewall). This has been worked around.

New Features:

1) Where an entry in the /etc/shorewall/hosts file specifies a particular host or network, Shorewall now creates an intermediate chain for handling input from the related zone. This can substantially reduce the number of rules traversed by connection requests from such zones.

2) Any file may contain an INCLUDE directive. An INCLUDE directive consists of the word INCLUDE followed by a file name and causes the contents of the named file to be logically included into the file containing the INCLUDE. File names given in an INCLUDE directive are assumed to reside in /etc/shorewall or in an alternate configuration directory if one has been specified for the command.

Examples:

shorewall/params.mgmt:

    MGMT_SERVERS=1.1.1.1,2.2.2.2,3.3.3.3
    TIME_SERVERS=4.4.4.4
    BACKUP_SERVERS=5.5.5.5

----- end params.mgmt -----

shorewall/params:

    # Shorewall 1.3 /etc/shorewall/params
    [..]
    #######################################

    INCLUDE params.mgmt

    # params unique to this host here
    #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE

----- end params -----

shorewall/rules.mgmt:

    ACCEPT net:$MGMT_SERVERS $FW tcp 22
    ACCEPT $FW net:$TIME_SERVERS udp 123
    ACCEPT $FW net:$BACKUP_SERVERS tcp 22

----- end rules.mgmt -----

shorewall/rules:

    # Shorewall version 1.3 - Rules File
    [..]
    #######################################

    INCLUDE rules.mgmt

    # rules unique to this host here
    #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

----- end rules -----
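
An added example, not part of the release notes and not Shorewall's own code: a POSIX shell helper that flattens INCLUDE directives so a reviewer can read the effective rules file that results from the shared-file layout in the examples. The function names, the nesting limit of 4, and the refusal of names containing a path separator are this example's own assumptions, not documented Shorewall behavior.

```shell
#!/bin/sh
# expand_includes FILE CONFIG_DIR [DEPTH]
# Print FILE with each INCLUDE line replaced by the named file's contents.
# The body runs in a subshell so recursive calls cannot clobber variables.
expand_includes() (
    file=$1; dir=$2; depth=${3:-0}
    # Assumption: cap nesting so a file that includes itself cannot loop forever.
    [ "$depth" -le 4 ] || { echo "INCLUDE nesting too deep at $file" >&2; exit 1; }
    while IFS= read -r line || [ -n "$line" ]; do
        set -f; set -- $line; set +f      # split into words without globbing
        if [ "${1:-}" = INCLUDE ] && [ $# -ge 2 ]; then
            name=$2
            case $name in
                # Review policy of this example: only plain names inside CONFIG_DIR.
                */*|..|.) echo "refusing INCLUDE outside $dir: $name" >&2; exit 1 ;;
            esac
            echo "# >>> begin $name (included from ${file##*/})"
            expand_includes "$dir/$name" "$dir" $((depth + 1)) || exit 1
            echo "# <<< end $name"
        else
            printf '%s\n' "$line"
        fi
    done < "$file"
)

# make_sample DIR: write a constructed copy of the rules example into DIR.
make_sample() {
    cat > "$1/rules.mgmt" <<'EOF'
ACCEPT net:$MGMT_SERVERS $FW tcp 22
ACCEPT $FW net:$TIME_SERVERS udp 123
ACCEPT $FW net:$BACKUP_SERVERS tcp 22
EOF
    cat > "$1/rules" <<'EOF'
# Shorewall version 1.3 - Rules File
INCLUDE rules.mgmt
# rules unique to this host here
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
EOF
}

# Demo on the constructed sample; point it at a copy of a real config to audit it.
demo_dir=$(mktemp -d)
make_sample "$demo_dir"
expand_includes "$demo_dir/rules" "$demo_dir"
rm -rf "$demo_dir"
```

The begin/end markers show which shared file contributed each rule, which makes it easier to see when a change to a shared file such as rules.mgmt alters the policy of every host that includes it.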