diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt index 59db68732..d7fd7bc39 100644 --- a/Shorewall-common/changelog.txt +++ b/Shorewall-common/changelog.txt @@ -2,6 +2,8 @@ Changes in 4.1.5 1) More ruleset optimization. +2) Make LOG_MARTIANS=Yes the default. + Changes in 4.1.4 1) Fix do_test() to accept 0 and to use the same mask as diff --git a/Shorewall-common/lib.config b/Shorewall-common/lib.config index 3620b59b1..81dedf0b6 100644 --- a/Shorewall-common/lib.config +++ b/Shorewall-common/lib.config @@ -1916,7 +1916,7 @@ do_initialize() { ;; esac else - LOG_MARTIANS= + LOG_MARTIANS=yes fi [ -n "${BLACKLIST_DISPOSITION:=DROP}" ] diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt index bb99cac46..a0d9cda93 100644 --- a/Shorewall-common/releasenotes.txt +++ b/Shorewall-common/releasenotes.txt @@ -34,6 +34,15 @@ Migration Issues. REDIRECT- DNAT- +4) The default value for LOG_MARTIANS is now 'On'. Previously, the + default value was 'Keep'. You can either: + + a) Accept the new default -- martians will be logged from all + interfaces except those with log_martians=0 in shorewall.conf. + + b) Explicitly set LOG_MARTIANS=keep to maintain compatibility with + prior versions of Shorewall. + Problems corrected in 4.1.5. None. @@ -45,6 +54,10 @@ New Features in 4.1.5. the effect of reducing the average number of rules that each packet must traverse. +4) The default value for LOG_MARTIANS is now 'On'. Previously, the + default value was 'Keep'. The shorewall.conf file has also been + updated to specify a value of 'On'. + New Features in Shorewall 4.1. 1) Shorewall 4.1 contains experimental support for multiple Internet diff --git a/Shorewall-common/shorewall.conf b/Shorewall-common/shorewall.conf index 35739e52d..b7326961d 100644 --- a/Shorewall-common/shorewall.conf +++ b/Shorewall-common/shorewall.conf @@ -62,7 +62,7 @@ RFC1918_LOG_LEVEL=info SMURF_LOG_LEVEL=info -LOG_MARTIANS=No +LOG_MARTIANS=On ############################################################################### # L O C A T I O N O F F I L E S A N D D I R E C T O R I E S diff --git a/Shorewall-perl/Shorewall/Config.pm b/Shorewall-perl/Shorewall/Config.pm index 547560081..5c995b3dd 100644 --- a/Shorewall-perl/Shorewall/Config.pm +++ b/Shorewall-perl/Shorewall/Config.pm @@ -1799,7 +1799,7 @@ sub get_configuration( $ ) { check_trivalue ( 'IP_FORWARDING', 'on' ); check_trivalue ( 'ROUTE_FILTER', '' ); - check_trivalue ( 'LOG_MARTIANS', '' ); + check_trivalue ( 'LOG_MARTIANS', 'on' ); default 'STARTUP_LOG' , '';