shorewall_code/Shorewall-common/changelog.txt

Changes in Shorewall 4.2.7

1) Added /etc/shorewall/notrack.

2) Added new columns to the routestopped file.

3) Moved tunnel rules back to the front of the NEW section.

4) Handle long sport lists.

Changes in Shorewall 4.2.6

1) Added macro.BitTorrent32

2) Add COUNT action.

3) Add swping

4) Add RESTORE_DEFAULT_ROUTE option

5) Use dhcpcd's database to detect dynamic gateways.

6) Fix TCP_FLAGS_DISPOSITION=REJECT

7) Allow protocol and port inversion.

8) Don't check for "-m state" until after modules are loaded

9) Fix Shorewall6[-lite]/Makefile

10) Reorganized generated script to be more like 4.3.

11) Added 'restored' script.

12) Another ctorigdstport fix.

13) Allow 'here documents' in extension scripts

14) Another ctorigdst fix.

15) Add flow key support.

16) Fix 'show connections'.

Changes in Shorewall 4.2.5

1) Add 'fallback' providers option.

2) Support for xtables-addons IPP2P.

3) Slow down startup some more by adding more modules and modules
   search directories.

4) Fix 'shorewall6 debug start'

5) Added macro.Git.

6) Fix running of tcclear script.

7) Added macro.IRC.

8) Fix --ctorigport usage

Changes in Shorewall 4.2.4.6

1) Fix hosts exclusion in DNAT/REDIRECT.

2) Work around  http://rt.cpan.org/Public/Bug/Display.html?id=13851

Changes in Shorewall 4.2.4.5

1) Fix critical hosts handling in Shorewall6.

Changes in Shorewall 4.2.4.4

1) Fix exclusion yet another time.

Changes in Shorewall 4.2.4.3

1) Fix exclusion again

Changes in Shorewall 4.2.4.2

1) Fix 'refresh'

Changes in Shorewall 4.2.4.1

1) Fix 'shorewall6 restore' etc.

2) Fix init scripts.

Changes in Shorewall 4.2.4-RC3

1) Fix exclusion handling with certain hosts options.

2) Rework zone exclusion to more accurately model what the user specifies.

Changes in Shorewall 4.2.4-RC2

1) Update samples.

2) Remove special handling of 2000::/3 routes.

3) Fix handling of multi-zone interfaces.

Changes in Shorewall 4.2.4-RC1

1) Merge changes from 4.3.3 -- IPv6 support.

Changes in Shorewall 4.2.3

1) Verify User/Group names.

2) Don't allow compiled script named 'shorewall'.

3) Avoid problems when '$' appears on the first line of
/etc/shorewall/compile.

4) Add the output of "netstat -tunap" to dump

5) Allow '+' as an interface.

6) Change ipp2p detection to support latest version.

7) Fix NEW_CONNTRACK_MATCH.

8) Make use of --goto.

9) Allow ressetting individual chains.

10) Correct faulty optimization.

Changes in Shorewall 4.2.2

1) Insure that lines copied from a user file are newline-terminated.

2) Added macro.JAP.

3) Added macro.DAAP.

4) Added macro.DCC.

5) Added macro.GNUnet.

6) Prevent invalid rules when KLUDGEFREE is not set.

7) Separated detection of old conntrack syntax from new conntrack
   feature detection.

8) Fix nonat rules with destination IP address.

9) Correct NEW_CONNTRACK_MATCH with server port but no dest port.

Changes in Shorewall 4.2.1

1) Added CONNBYTES to tcrules manpage. Flesh out description of HELPER.

2) Fixed minor CONNBYTES editing issue.

3) Add CONNLIMIT to policy and rules.

4) Allow use of iptables-1.4.1.

5) Add time match support.

6) Applied Lennart Sorensen's patch for length match.

7) Take advantage of --ctorigdstport

8) Fix syntax error in 'export'

Initial release of Shorewall 4.2.0.