shorewall_code/Shorewall-common/changelog.txt

173 lines
3.5 KiB
Plaintext

Changes in 4.1.8
1) Fix some parsing issues with absurd configurations.
2) Undo routing changes applied by "NULL_ROUTE_RFC1918=Yes".
3) Improvements in parsing.
4) Add the -p option to start and stop
Changes in 4.1.7
1) Fix port verification.
2) Fix number of columns calculation.
3) Allow user exits to detect gateway.
4) Add CONNBYTES column to tcrules.
5) Fix a couple of 4.1.6 bugs.
6) Add MANGLE_ENABLED option.
7) Fix priority mingling in tc filters.
8) Fix ":" parsing errors.
9) Add ORIGINAL DEST column to macros.
10) Add NULL_ROUTE_RFC1918 option.
11) Defer enabling of forwarding until rules are in place.
12) Merge Tuomo's SANE support patch.
13) Fix silly duplicate-rule error.
14) Fix IPSEC host entry with DYNAMIC_ZONES=Yes
15) Use the OPTIONS variable from /etc/default/shorewall[-lite] on Debian.
Changes in 4.1.6
1) Deprecate IMPLICIT_CONTINUE=Yes
2) Add REDIRECTED INTERFACES column to tcdevices.
3) Add L2TP tunnel support.
4) Add support for IFB devices -- phase I.
5) Add support for IFB devices -- phase II.
Changes in 4.1.5
1) More ruleset optimization.
2) Make LOG_MARTIANS=Yes the default.
3) Update modules file for 2.6.25.
4) Restore 3.4 code to work around busybox limination.
5) Add restriction handling in tcrules file.
6) Fix designator table in Tc.pm.
7) Generate an error when mac match is used in the POSTROUTING or
OUTPUT chains.
8) Add 'BROKEN_ROUTING' option.
9) Automatic macro comments.
10) But make automatic macro comments optional.
Changes in 4.1.4
1) Fix do_test() to accept 0 and to use the same mask as
Shorewall-shell
2) The compilation date recorded in the firewall.conf file produced by
Shorewall-perl was previously mangled.
3) Don't fully populate /etc/shorewall under Cygwin
4) Fix the DNAT/REDIRECT fiasco.
5) Allow interface lists in the masq and nat files.
6) Allow loose match of interface names used in masq, nat and netmap.
7) Allow loose match of interface names in match_source_dev().
8) Implement 'sourceonly' host entry option.
9) Make all non-firewall zones "complex".
Changes in 4.1.3
1) Fix NFLOG/ULOG upcasing problem.
2) Fix STARTUP_LOG without LOG_VERBOSITY.
3) Fix LOG_VERBOSITY without STARTUP_LOG.
4) Fall back to /bin/sh if SHOREWALL_SHELL isn't viable.
5) Fix mis-handling of <interface>:<mac>
6) Add better diagnostic when not running as root.
7) Detect lack of interfaces and IPv4 zones.
8) Classify marked traffic using tc filter rules.
9) Allow installation on Cygwin.
Changes in 4.1.2
1) Enhanced Operational Logging
2) Fix undefined value when config file missing.
3) Handle exit status 4 from iptables.
4) Fix formatting of macro headings (again).
5) Update sample shorewall.conf files with new options.
6) Correct Jabber macro names.
7) Tighten up HIGH_ROUTE_MARKS in the OUTPUT chain.
8) Add 'nomarks' OPTION to tcdevices.
9) Add COMMENTs to macros.
Changes in 4.1.1
1) Fix ULOG/NFLOG output.
2) Fix NFQUEUE(<queue-num>) in Policy file.
3) Allow specifying an address in the Providers file.
Changes in 4.1.0.
1) Add 'shared' provider option.
2) Allow refresh of entire table and refresh mangle by default.
3) Add NFLOG support.
4) Implement alternative syntax for params.
5) Add support for embedded shell and Perl scripts.
6) Add support for manual chains.
7) Don't require GATEWAY in tunnels file.
8) Fix HIGH_ROUTE_MARKS fsck-up.
9) Fix Makefiles for VARDIR
10) Add -t option to hits command.
11) Add DONT_LOAD option
12) Add support for --random.