mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-15 12:14:32 +01:00
7e8cc67013
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1361 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
45 lines
1.6 KiB
Plaintext
Executable File
45 lines
1.6 KiB
Plaintext
Executable File
Shorewall 2.0.3 Beta 1
|
|
|
|
----------------------------------------------------------------------
|
|
Problems Corrected since 2.0.2
|
|
|
|
1) The 'firewall' script is not purging temporary restore files in
|
|
/var/lib/shorewall. These files have names of the form
|
|
"restore-nnnnn".
|
|
|
|
2) The /var/lib/shorewall/restore script did not load the kernel
|
|
modules specified in /etc/shorewall/modules.
|
|
|
|
3) Specifying a null common action in /etc/shorewall/actions (e.g.,
|
|
:REJECT) results in a startup error.
|
|
|
|
4) If /var/lib/shorewall does not exist, shorewall start fails.
|
|
|
|
5) DNAT rules with a dynamic source zone don't work properly. When
|
|
used, these rules cause the rule to be checked against ALL input,
|
|
not just input from the designated zone.
|
|
|
|
6) The install.sh script reported installing some files in
|
|
/etc/shorewall when the files were actually installed in
|
|
/usr/share/shorewall.
|
|
|
|
-----------------------------------------------------------------------
|
|
Issues when migrating from Shorewall 2.0.2 to Shorewall 2.0.3:
|
|
|
|
None.
|
|
-----------------------------------------------------------------------
|
|
New Features:
|
|
|
|
1) "!" is now allowed in accounting rules.
|
|
|
|
2) Interface names appearing within the configuration are now
|
|
verified. Interface names must match the name of an entry in
|
|
/etc/shorewall/interfaces (or if bridging is enabled, they must
|
|
match the name of an entry in /etc/shorewall/interfaces or the name
|
|
of a bridge port appearing in /etc/shorewall/hosts).
|
|
|
|
3) A new 'rejectNonSyn' built-in standard action has been added. This
|
|
action responds to "New not SYN" packets with an RST.
|
|
|
|
|