Changes in 3.2.0 Beta 5 1) Fix compilation problem on LEAF Bering. 2) Remove traffic shaping code from the 'firewall' script to avoid unmaintainable code duplication. 3) Fix DETECT_DNAT_IPADDRS=No bug. 4) Handle absense of mangle FORWARD chain. 5) Rename the rtrules file to route_rules. 6) Fix deletion of SNAT ip addresses. 7) Accomodate ancient kernel's with no FORWARD or POSTROUTING in mangle. Changes in 3.2.0 Beta 4 1) Fix 'routeback' with bridge ports. 2) Add support for explicit routing rules. 3) Fix mktempdir problem. 4) Implement HIGH_ROUTE_MARKS Changes in 3.2.0 Beta 3 1) Correct handling of verbosity in the 'try' command. 2) Add IMPLICIT_CONTINUE option to shorewall.conf. 3) Fix SAME/ADD_SNAT_ALIASES interaction. Changes in 3.2.0 Beta 2 1) Make "shorewall start -f" work correctly. 2) Remove SUBSYSLOCK code from default and debian footers. 3) Add 'refreshed' extension script. 4) Implement 'logdrop' and 'logreject' Changes in 3.1.x. and 3.2.x 1) Removal of dynamic zones. 2) Implement 'generate' command. 3) Implement 'super-quiet' mode using multiple -q options (e.g., -qq). 4) Add back dynamic zones. 5) Allow remote compiles. 6) Change output of 'generate' to always be the file name entered (do not prepend /var/lib/shorewall/) 7) Remove some restrictions on remote compiles. 8) Add error checking to generated script. 9) Merge Fabio Longerai's 'length' patch. 10) Add the "-p" option to the compile command. 11) Fix 'check' bug in setup_masq 12) Break compiler/firewall into two files 13) Make Shoreall quiet for a change. 14) Make "Compile-and-go" the only mode of operation. 15) Remove -p 16) Apply Tuomo's patches for IPSEC and Noecho. 17) Fix bridging 18) Fix QUEUE when used in the ESTABLISHED section. 19) Apply Ed Suominen's patch to tcrules. ------------------------------------------------------------------------------- 3.1.5 20) Speed up compilation by rewriting 'fix_bang()'. 21) Correct GATEWAY handling in the providers file. 22) Remove sub-zone exclusion from DNAT/REDIRECT. 23) Add compiled-program/library versioning scheme. ------------------------------------------------------------------------------- 3.1.6 24) Apply Steven Springl's help patch. 25) Fix 'allow/drop/reject' while Shorewall not running. 26) Implement bi-directional macros. 27) Fix TC bridge port handling. 28) Fix/document "check -e" 29) Automatically use capabilities file when non-root. 30) Correct typo in help file ("help drop"). 31) Added 'tcpsyn' ------------------------------------------------------------------------------- 3.1.7 32) Change 'tcpsyn' to 'tcp:syn' 33) Remove superfluous rules in MAC validation. 34) Correct Makefile. 35) Add -t option 36) Restore log messages. 37) Fix "shorewall capabilities" with VERBOSITY < 2. ------------------------------------------------------------------------------- 3.1.8 38) Remove compile-time running of extension scripts. 39) Correctly handle interfaces named 'inet'. 40) SUBSYSLOCK functionality restored. ------------------------------------------------------------------------------- 3.1.9 41) Fix Provider route generation when a specific gateway is specified. 42) Be sure that restore file name is preserved regardless of 'set --' in define_firewall().) 43) Add Simon's redhat prog files. 44) Add 'delete_nat' to compiled program. 45) Move 'shorecap' to /usr/share/shorewall 46) Add debian prog files. 47) Correct syntax error in validate_policy() ------------------------------------------------------------------------------- 3.2.0 Beta 1. 48) Streamlined some code in setup_tc1() 49) Process /etc/shorewall/params at run-time. 50) Add new modules to /etc/shorewall/modules. 51) Make default behavior of "compile" distribution-neutral.