shorewall_code/Shorewall/known_problems.txt

1)  On systems running Upstart, shorewall-init cannot reliably secure
    the firewall before interfaces are brought up.

2) The 'local' option in /etc/shorewall6/providers produces an 'ip
   route add' command containing an IPv4 address.

3) When optimize level 4 is set, the optimizer mis-handles rules of the
   form:

	-A <chain1> -j <chain2> -m comment ...

   when such a rule is the only rule in a chain.

   Workarounds:

	1. Don't use optimization level 4; or
	2. Remove the comment from the rule.
Correct known problems 2010-12-30 21:01:46 +01:00			`1) On systems running Upstart, shorewall-init cannot reliably secure`
Update known problems 2010-12-30 20:47:25 +01:00			`the firewall before interfaces are brought up.`

Update release documents for IPv6 providers fix. Signed-off-by: Tom Eastep <teastep@shorewall.net> 2011-02-13 17:29:35 +01:00			`2) The 'local' option in /etc/shorewall6/providers produces an 'ip`
			`route add' command containing an IPv4 address.`

Correct typo Signed-off-by: Tom Eastep <teastep@shorewall.net> 2011-02-14 19:27:11 +01:00			`3) When optimize level 4 is set, the optimizer mis-handles rules of the`
Document fix to the optimizer Signed-off-by: Tom Eastep <teastep@shorewall.net> 2011-02-14 19:19:30 +01:00			`form:`

			`-A <chain1> -j <chain2> -m comment ...`

			`when such a rule is the only rule in a chain.`

			`Workarounds:`

			`1. Don't use optimization level 4; or`
			`2. Remove the comment from the rule.`

Update release documents for IPv6 providers fix. Signed-off-by: Tom Eastep <teastep@shorewall.net> 2011-02-13 17:29:35 +01:00