Shorewall 2.0.2-Beta 1 ---------------------------------------------------------------------- Problems Corrected since 2.0.1 None. ----------------------------------------------------------------------- Issues when migrating from Shorewall 2.0.0 to Shorewall 2.0.1: 1) Dynamic Zone support. If you don't need to use the "shorewall add" and "shorewall delete" commands, you should set DYNAMIC_ZONES=No in /etc/shorewall/shorewall.conf . New Features: 1) The previous implementation of dynamic zones was difficult to maintain. I have changed the code to make dynamic zones optional under the control of the DYNAMIC_ZONES option in /etc/shorewall/shorewall.conf. 2) In earlier Shorewall 2.0 releases, Shorewall searches in order the following directories for configuration files. a) The directory specified in a 'try' command or specified using the -c option. b) /etc/shorewall c) /usr/share/shorewall In this release, the CONFIG_PATH option is added to shorewall.conf. CONFIG_PATH contains a list of directory names separated by colons (":"). If not set or set to a null value (e.g., CONFIG_PATH="") then "CONFIG_PATH=/etc/shorewall:/usr/share/shorewall" is assumed. Now Shorewall searches for shorewall.conf according to the old rules and for other configuration files as follows: a) The directory specified in a 'try' command or specified using the -c option. b) Each directory in $CONFIG_PATH is searched in sequence. In case it is not obvious, your CONFIG_PATH should include /usr/share/shorewall and your shorewall.conf file must be in the directory specified via -c or in a try command, in /etc/shorewall or in /usr/share/shorewall. 3) Previously, in /etc/shorewall/nat a Yes (or yes) in the LOCAL column would only take effect if the ALL INTERFACES column also contained Yes or yes. Now, the LOCAL columns contents are treated independently of the contents of the ALL INTERFACES column. 4) The folks at Mandrake have created yet another kernel module naming convention. As a consequence, beginning with this release, if MODULE_PREFIX isn't specified in shorewall.conf, then the default value is "o gz ko o.gz ko.gz". 5) An updated bogons file is included in this release.