First cut at 4.4

This commit is contained in:
Tom Eastep 2009-06-12 15:51:43 -07:00
parent 96128196e3
commit 265e4fa546
20 changed files with 61 additions and 70 deletions

View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -22,7 +22,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# #
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -1,6 +1,6 @@
%define name shorewall-lite %define name shorewall-lite
%define version 4.3.13 %define version 4.4.0
%define release 0base %define release 0Beta1
Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems.
Name: %{name} Name: %{name}
@ -98,6 +98,8 @@ fi
%doc COPYING changelog.txt releasenotes.txt %doc COPYING changelog.txt releasenotes.txt
%changelog %changelog
* Fri Jun 12 2009 Tom Eastep tom@shorewall.net
- Updated to 4.4.0-0Beta1
* Sun Jun 07 2009 Tom Eastep tom@shorewall.net * Sun Jun 07 2009 Tom Eastep tom@shorewall.net
- Updated to 4.3.13-0base - Updated to 4.3.13-0base
* Fri Jun 05 2009 Tom Eastep tom@shorewall.net * Fri Jun 05 2009 Tom Eastep tom@shorewall.net

View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall # shown below. Simply run this script to remove Shorewall Firewall
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -325,7 +325,7 @@ sub initialize( $ ) {
TC_SCRIPT => '', TC_SCRIPT => '',
EXPORT => 0, EXPORT => 0,
UNTRACKED => 0, UNTRACKED => 0,
VERSION => "4.3.13", VERSION => "4.4.0-Beta1",
CAPVERSION => 40309 , CAPVERSION => 40309 ,
); );

View File

@ -1,4 +1,4 @@
Changes in Shorewall 4.3.13 Changes in Shorewall 4.4.0-Beta1
1) Correct typo in Shorewall6 two-interface sample shorewall.conf. 1) Correct typo in Shorewall6 two-interface sample shorewall.conf.

View File

@ -22,7 +22,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# #
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -1 +1 @@
There are no known problems in Shorewall version 4.3.13 There are no known problems in Shorewall version 4.4.0-Beta1

View File

@ -1,10 +1,7 @@
Shorewall 4.3.13 Shorewall 4.4.0 Beta 1
Shorewall 4.3 is the development thread for Shorewall 4.4 which will be
released late in 2009.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
R E L E A S E 4 . 3 H I G H L I G H T S R E L E A S E 4 . 4 H I G H L I G H T S
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
1) Support for Shorewall-shell has been discontinued. Shorewall-perl 1) Support for Shorewall-shell has been discontinued. Shorewall-perl
@ -22,7 +19,7 @@ released late in 2009.
4) The Shorewall documentation and man pages have been purged of 4) The Shorewall documentation and man pages have been purged of
information about earlier Shorewall releases. The documentation information about earlier Shorewall releases. The documentation
describes only the behavior of Shorewall 4.3 and later versions. describes only the behavior of Shorewall 4.4 and later versions.
5) The interfaces file OPTIONs have been extended to largely remove the 5) The interfaces file OPTIONs have been extended to largely remove the
need for the hosts file. need for the hosts file.
@ -56,7 +53,7 @@ released late in 2009.
the last 'start', 'restart' or 'restore' command. the last 'start', 'restart' or 'restore' command.
2) The old macro parameter syntax (e.g., SSH/ACCEPT) is now deprecated 2) The old macro parameter syntax (e.g., SSH/ACCEPT) is now deprecated
in favor of the new syntax (e.g., SSH(ACCEPT)). The 4.3 documentation in favor of the new syntax (e.g., SSH(ACCEPT)). The 4.4 documentation
uses the new syntax exclusively, although the old syntax uses the new syntax exclusively, although the old syntax
continues to be supported. continues to be supported.
@ -89,7 +86,7 @@ released late in 2009.
to renumber the class IDs for devices 10 and greater. to renumber the class IDs for devices 10 and greater.
6) Jozsef Kadlecsik has removed the set binding capability from ipset 6) Jozsef Kadlecsik has removed the set binding capability from ipset
3.1. As a consequence, Shorewall 4.3 no longer supports set 3.1. As a consequence, Shorewall 4.4 no longer supports set
binding. binding.
9) Support for the 'norfc1918' interface and host option has been 9) Support for the 'norfc1918' interface and host option has been
@ -105,7 +102,7 @@ released late in 2009.
using NULL_ROUTE_RFC1918=Yes instead. using NULL_ROUTE_RFC1918=Yes instead.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
P R O B L E M S C O R R E C T E D I N 4 . 3 . 13 P R O B L E M S C O R R E C T E D I N 4 . 4 . 0 Beta 1
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
1) A typo in the IPv6 two-interface Sample shorewall6.conf file has 1) A typo in the IPv6 two-interface Sample shorewall6.conf file has
@ -121,17 +118,17 @@ released late in 2009.
None. None.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
N E W F E A T U R E S I N 4 . 3 . 13 N E W F E A T U R E S I N 4 . 4 . 0 Beta 1
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
None. None.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
N E W F E A T U R E S IN 4 . 3 N E W F E A T U R E S IN 4 . 4
---------------------------------------------------------------------------- ----------------------------------------------------------------------------
1) The Shorewall packaging has been completely revamped in Shorewall 1) The Shorewall packaging has been completely revamped in Shorewall
4.3. 4.4.
The new packages are: The new packages are:
@ -451,7 +448,7 @@ None.
b) Define a tcrule for each host to mark to classify the packets b) Define a tcrule for each host to mark to classify the packets
accordingly. accordingly.
Beginning with Shorewall 4.3.9, this process is made easier IF YOU Beginning with Shorewall 4.4, this process is made easier IF YOU
ARE WILLING TO INSTALL xtables-addons. The feature requires IPMARK ARE WILLING TO INSTALL xtables-addons. The feature requires IPMARK
support in iptables[6] and your kernel. That support is available support in iptables[6] and your kernel. That support is available
in xtables-addons. in xtables-addons.
@ -573,7 +570,7 @@ None.
The WIDE_TC_MARKS option in shorewall.conf selects which The WIDE_TC_MARKS option in shorewall.conf selects which
construction to use. WIDE_TC_MARKS=No (the default) produces construction to use. WIDE_TC_MARKS=No (the default) produces
pre-4.3.9 behavior. WIDE_TC_MARKS=Yes produces the new behavior. pre-4.4 behavior. WIDE_TC_MARKS=Yes produces the new behavior.
In addition to determining the method of constructing class Ids, In addition to determining the method of constructing class Ids,
WIDE_TC_MARKS=Yes provides for larger mark values for traffic WIDE_TC_MARKS=Yes provides for larger mark values for traffic

View File

@ -1,6 +1,6 @@
%define name shorewall %define name shorewall
%define version 4.3.13 %define version 4.4.0
%define release 0base %define release 0Beta1
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Summary: Shoreline Firewall is an iptables-based firewall for Linux systems.
Name: %{name} Name: %{name}
@ -104,6 +104,8 @@ fi
%doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples
%changelog %changelog
* Fri Jun 12 2009 Tom Eastep tom@shorewall.net
- Updated to 4.4.0-0Beta1
* Sun Jun 07 2009 Tom Eastep tom@shorewall.net * Sun Jun 07 2009 Tom Eastep tom@shorewall.net
- Updated to 4.3.13-0base - Updated to 4.3.13-0base
* Fri Jun 05 2009 Tom Eastep tom@shorewall.net * Fri Jun 05 2009 Tom Eastep tom@shorewall.net

View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall # shown below. Simply run this script to remove Shorewall Firewall
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -22,7 +22,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# #
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -1,6 +1,6 @@
%define name shorewall6-lite %define name shorewall6-lite
%define version 4.3.13 %define version 4.4.0
%define release 0base %define release 0Beta1
Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems. Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems.
Name: %{name} Name: %{name}
@ -89,6 +89,8 @@ fi
%doc COPYING changelog.txt releasenotes.txt %doc COPYING changelog.txt releasenotes.txt
%changelog %changelog
* Fri Jun 12 2009 Tom Eastep tom@shorewall.net
- Updated to 4.4.0-0Beta1
* Sun Jun 07 2009 Tom Eastep tom@shorewall.net * Sun Jun 07 2009 Tom Eastep tom@shorewall.net
- Updated to 4.3.13-0base - Updated to 4.3.13-0base
* Fri Jun 05 2009 Tom Eastep tom@shorewall.net * Fri Jun 05 2009 Tom Eastep tom@shorewall.net

View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall # shown below. Simply run this script to remove Shorewall Firewall
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of # shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall. # Shoreline Firewall.
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -22,7 +22,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
# #
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -1,6 +1,6 @@
%define name shorewall6 %define name shorewall6
%define version 4.3.13 %define version 4.4.0
%define release 0base %define release 0Beta1
Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems. Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems.
Name: %{name} Name: %{name}
@ -93,6 +93,8 @@ fi
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6 %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6
%changelog %changelog
* Fri Jun 12 2009 Tom Eastep tom@shorewall.net
- Updated to 4.4.0-0Beta1
* Sun Jun 07 2009 Tom Eastep tom@shorewall.net * Sun Jun 07 2009 Tom Eastep tom@shorewall.net
- Updated to 4.3.13-0base - Updated to 4.3.13-0base
* Fri Jun 05 2009 Tom Eastep tom@shorewall.net * Fri Jun 05 2009 Tom Eastep tom@shorewall.net

View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version # You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall # shown below. Simply run this script to remove Shorewall Firewall
VERSION=4.3.13 VERSION=4.4.0-Beta1
usage() # $1 = exit status usage() # $1 = exit status
{ {

View File

@ -124,7 +124,6 @@ LITE6RPMNAME=
TARBALL6= TARBALL6=
LITE6TARBALL= LITE6TARBALL=
USEGIT=
################################################################################ ################################################################################
# F U N C T I O N S # F U N C T I O N S
################################################################################ ################################################################################
@ -204,12 +203,8 @@ usage()
do_export() do_export()
{ {
if [ -n "$USEGIT" ]; then progress_message "Exporting $1 from Git..." && do_or_die "git --git-dir=$GIT/.git archive --format=tar HEAD $1 | tar -xf - >> $LOGFILE 2>&1"
progress_message "Exporting $1 from Git..." && do_or_die "git --git-dir=$GIT/.git archive --format=tar HEAD $1 | tar -xf - >> $LOGFILE 2>&1" [ $1 = $2 ] || do_or_die "mv -f $1 $2 >> $LOGFILE 2>&1"
[ $1 = $2 ] || do_or_die "mv -f $1 $2 >> $LOGFILE 2>&1"
else
progress_message "Exporting $1 from SVN..." && do_or_die "svn export --non-interactive --force ${SVN}/$1 $2 >> $LOGFILE 2>&1"
fi
} }
do_signit() do_signit()
@ -366,35 +361,20 @@ touch $LOGFILE
progress_message "Build of Shorewall $VERSION on $(date)" progress_message "Build of Shorewall $VERSION on $(date)"
case $VERSION in case $VERSION in
4.3.*) 4.4.*)
USEGIT=Yes
XMLPROJ="docs-4.3" XMLPROJ="docs-4.3"
if [ -n "$USEGIT" ]; then SVNBRANCH="Shorewall"
SVNBRANCH="Shorewall" SVN6BRANCH="Shorewall6"
SVN6BRANCH="Shorewall6" LITESVNBRANCH="Shorewall-lite"
LITESVNBRANCH="Shorewall-lite" LITE6SVNBRANCH="Shorewall6-lite"
LITE6SVNBRANCH="Shorewall6-lite" DOCTAG="docs"
DOCTAG="docs" SAMPLESTAG="Samples"
SAMPLESTAG="Samples" SAMPLES6TAG="Samples6"
SAMPLES6TAG="Samples6" MANPAGETAG=manpages
MANPAGETAG=manpages MANPAGE6TAG=manpages6
MANPAGE6TAG=manpages6 LITEMANPAGETAG=manpages-lite
LITEMANPAGETAG=manpages-lite LITE6MANPAGETAG=manpages6-lite
LITE6MANPAGETAG=manpages6-lite
else
SVNBRANCH="trunk/Shorewall"
SVN6BRANCH="trunk/Shorewall6"
LITESVNBRANCH="trunk/Shorewall-lite"
LITE6SVNBRANCH="trunk/Shorewall6-lite"
DOCTAG="trunk/docs"
SAMPLESTAG="trunk/Samples"
SAMPLES6TAG="trunk/Samples6"
MANPAGETAG=trunk/manpages
MANPAGE6TAG=trunk/manpages6
LITEMANPAGETAG=trunk/manpages-lite
LITE6MANPAGETAG=trunk/manpages6-lite
fi
;; ;;
*) *)
echo "Unsupported Version: $VERSION" echo "Unsupported Version: $VERSION"
@ -418,6 +398,12 @@ LITETARBALL=shorewall-lite-${VERSION}.tgz
LITE6TARBALL=shorewall6-lite-${VERSION}.tgz LITE6TARBALL=shorewall6-lite-${VERSION}.tgz
case $VERSION in case $VERSION in
*Beta*|*RC*)
BASEVERSION=${VERSION%-*}
RPMNAME=shorewall-${BASEVERSION}-0${VERSION#*-}.noarch.rpm
RPM6NAME=shorewall6-${BASEVERSION}-0${VERSION#*-}.noarch.rpm
LITERPMNAME=shorewall-lite-${BASEVERSION}-0${VERSION#*-}.noarch.rpm
LITE6RPMNAME=shorewall6-lite-${BASEVERSION}-0${VERSION#*-}.noarch.rpm
*) *)
# #
# Normal Release # Normal Release