mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-11 08:51:13 +01:00
53 lines
1.6 KiB
Plaintext
53 lines
1.6 KiB
Plaintext
1) The IPv6 allowBcast built-in action generates an invalid ip6tables
|
|
rule. This defect is present in all versions of Shorewall that
|
|
support IPv6.
|
|
|
|
Fixed in Shorewall 4.4.10.1.
|
|
|
|
2) If IPSET=<pathname> is specified in shorewall.conf, then when an
|
|
ipset is used in a configuration file entry, the following fatal
|
|
compilation error occurs:
|
|
|
|
ERROR: ipset names in Shorewall configuration files require Ipset
|
|
Match in your kernel and iptables : /etc/shorewall/rules (line nn)
|
|
|
|
You can work around this problem by executing the following at a
|
|
root shell prompt:
|
|
|
|
shorewall show -f capabilities > /etc/shorewall/capabilities
|
|
|
|
Fixed in Shorewall 4.4.10.1. After installing this fix, if you
|
|
executed the above command to work around the problem, we recommend
|
|
that you remove /etc/shorewall/capabilities.
|
|
|
|
3) The new REQUIRE_INTERFACE option was not added to shorewall.conf
|
|
and shorewall6.conf.
|
|
|
|
You can simply add it if you need it.
|
|
|
|
Fixed in Shorewall 4.4.10.2.
|
|
|
|
4) Under Perl 5.12.1, a harmless Perl run-time diagnostic is
|
|
produced when options are omitted from shorewall.conf or
|
|
shorewall6.conf.
|
|
|
|
Example:
|
|
|
|
Use of uninitialized value
|
|
$Shorewall::Config::config{"REQUIRE_INTERFACE"} in lc at
|
|
/usr/share/shorewall/Shorewall/Config.pm line 1902.
|
|
|
|
Fixed in Shorewall 4.4.10.2.
|
|
|
|
5) On Debian and Debian-based systems, the start/stop priorities of
|
|
Shorewall products may be incorrect when the insserv package is
|
|
installed.
|
|
|
|
You may correct this problem by running insserv (as root).
|
|
|
|
Fixed in Shorewall 4.4.10.2.
|
|
|
|
|
|
|
|
|