mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-15 10:51:02 +01:00
97c6eae79e
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@372 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
36 lines
1.6 KiB
Plaintext
Executable File
36 lines
1.6 KiB
Plaintext
Executable File
This is a minor release of Shorewall that has a couple of new features.
|
|
|
|
New features include:
|
|
|
|
1) "shorewall refresh" now reloads the traffic shaping rules (tcrules
|
|
and tcstart).
|
|
|
|
2) "shorewall debug [re]start" now turns off debugging after an error
|
|
occurs. This places the point of the failure near the end of the
|
|
trace rather than up in the middle of it.
|
|
|
|
3) "shorewall [re]start" has been speeded up by more than 40% with
|
|
my configuration. Your milage may vary.
|
|
|
|
4) A "shorewall show classifiers" command has been added which shows
|
|
the current packet classification filters. The output from this
|
|
command is also added as a separate page in "shorewall monitor"
|
|
|
|
5) ULOG (must be all caps) is now accepted as a valid syslog level and
|
|
causes the subject packets to be logged using the ULOG target rather
|
|
than the LOG target. This allows you to run ulogd (available from
|
|
www.gnumonks.org/projects/ulogd) and log all Shorewall messages to
|
|
a separate log file.
|
|
|
|
6) If you are running a kernel that has a FORWARD chain in the mangle
|
|
table ("shorewall show mangle" will show you the chains in the
|
|
mangle table), you can set MARK_IN_FORWARD=Yes in
|
|
shorewall.conf. This allows for marking input packets based on their
|
|
destination even when you are using Masquerading or SNAT.
|
|
|
|
7) Since adding commands to files that don't already exist seems to be a
|
|
challenging notion for some users, I have cluttered up the
|
|
/etc/shorewall directory with empty 'init', 'start', 'stop' and
|
|
'stopped' files. If you already have a file with one of these names,
|
|
don't worry -- the upgrade process won't overwrite your file.
|