2002-11-24 20:23:31 +01:00
|
|
|
This is a minor release of Shorewall that has a couple of new features.
|
2002-05-01 01:13:15 +02:00
|
|
|
|
2002-08-06 01:34:46 +02:00
|
|
|
New features include:
|
2002-05-01 01:13:15 +02:00
|
|
|
|
2002-12-10 21:42:19 +01:00
|
|
|
1) "shorewall refresh" now reloads the traffic shaping rules (tcrules
|
|
|
|
and tcstart).
|
2002-12-19 21:14:10 +01:00
|
|
|
|
2002-12-05 02:24:51 +01:00
|
|
|
2) "shorewall debug [re]start" now turns off debugging after an error
|
|
|
|
occurs. This places the point of the failure near the end of the
|
|
|
|
trace rather than up in the middle of it.
|
2002-12-19 21:14:10 +01:00
|
|
|
|
|
|
|
3) "shorewall [re]start" has been speeded up by more than 40% with
|
2002-12-05 02:24:51 +01:00
|
|
|
my configuration. Your milage may vary.
|
2002-11-24 20:23:31 +01:00
|
|
|
|
2002-12-10 21:42:19 +01:00
|
|
|
4) A "shorewall show classifiers" command has been added which shows
|
|
|
|
the current packet classification filters. The output from this
|
|
|
|
command is also added as a separate page in "shorewall monitor"
|
2002-12-13 05:35:04 +01:00
|
|
|
|
|
|
|
5) ULOG (must be all caps) is now accepted as a valid syslog level and
|
|
|
|
causes the subject packets to be logged using the ULOG target rather
|
|
|
|
than the LOG target. This allows you to run ulogd (available from
|
|
|
|
www.gnumonks.org/projects/ulogd) and log all Shorewall messages to
|
|
|
|
a separate log file.
|
2002-12-19 21:14:10 +01:00
|
|
|
|
|
|
|
6) If you are running a kernel that has a FORWARD chain in the mangle
|
|
|
|
table ("shorewall show mangle" will show you the chains in the
|
|
|
|
mangle table), you can set MARK_IN_FORWARD=Yes in
|
2002-12-21 03:40:25 +01:00
|
|
|
shorewall.conf. This allows for marking inbound packets based on
|
|
|
|
their destination even when you are using Masquerading or SNAT.
|
2002-12-19 21:14:10 +01:00
|
|
|
|
2002-12-21 02:28:11 +01:00
|
|
|
7) I have cluttered up the /etc/shorewall directory with empty 'init',
|
|
|
|
'start', 'stop' and 'stopped' files. If you already have a file with
|
|
|
|
one of these names, don't worry -- the upgrade process won't
|
|
|
|
overwrite your file.
|
2002-12-21 21:03:23 +01:00
|
|
|
|
|
|
|
8) I have added a new RFC1918_LOG_LEVEL variable to
|
|
|
|
shorewall.conf. This variable specifies the syslog level at which
|
|
|
|
packets are logged as a result of entries in the
|
|
|
|
/etc/shorewall/rfc1918 file. Previously, these packets were always
|
|
|
|
logged at the 'info' level.
|