2002-05-18 15:45:23 +02:00
|
|
|
This is a major release of Shorewall.
|
2002-05-01 01:13:15 +02:00
|
|
|
|
|
|
|
|
In this release:
|
|
|
|
|
|
2002-05-18 15:45:23 +02:00
|
|
|
1. The rules syntax for port forwarding and port redirection has been
|
|
|
|
|
simplified.
|
|
|
|
|
|
|
|
|
|
2. Compatibility has been maintained with version 1.2 configurations so
|
|
|
|
|
that users may migrate their configuration at their convenience.
|
|
|
|
|
|
|
|
|
|
WARNING: Compatibility has NOT been maintained with the parameterized
|
|
|
|
|
sample configurations which were withdrawn on 4/8/2002. Users
|
|
|
|
|
still employing one of those samples must upgrade to the
|
|
|
|
|
latest samples before running Shorewall 1.3 (Beta or Release).
|
|
|
|
|
|
|
|
|
|
3. You may now exclude zone A from a DNAT or REDIRECT rule that applies
|
2002-05-30 14:55:47 +02:00
|
|
|
to zone B where zone A is a subzone of sone B.
|
|
|
|
|
|
|
|
|
|
4. The whitelist capability has been deimplemented. With recent changes
|
|
|
|
|
to the firewall structure and change 3. above, white lists are now
|
|
|
|
|
best implemented using zones as shown at:
|
|
|
|
|
|
|
|
|
|
http://www.shorewall.net/whitelisting_under_shorewall.htm
|
2002-05-18 15:45:23 +02:00
|
|
|
|
2002-05-30 14:55:47 +02:00
|
|
|
5. A 'filterping' interface option has been added to allow the
|
|
|
|
|
rules and policy files to control the handling of ICMP echo-request
|
|
|
|
|
(ping) requests that are addressed to the firewall.
|
|
|
|
|
|
|
|
|
|
|
2002-05-18 15:45:23 +02:00
|
|
|
|
2002-05-01 01:13:15 +02:00
|
|
|
|
