From 305e97d154bea66477d4ea52f5a2a04f29fac84e Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Tue, 8 Dec 2009 08:45:10 -0800 Subject: [PATCH] Update for 4.4.4.3, if needed --- Shorewall-lite/fallback.sh | 2 +- Shorewall-lite/install.sh | 2 +- Shorewall-lite/shorewall-lite.spec | 4 +++- Shorewall-lite/uninstall.sh | 2 +- Shorewall/Perl/Shorewall/Config.pm | 2 +- Shorewall/changelog.txt | 20 ++++++++++++++------ Shorewall/install.sh | 2 +- Shorewall/known_problems.txt | 5 ++--- Shorewall/releasenotes.txt | 14 +++++++++----- Shorewall/shorewall.spec | 4 +++- Shorewall/uninstall.sh | 2 +- Shorewall6-lite/fallback.sh | 2 +- Shorewall6-lite/install.sh | 2 +- Shorewall6-lite/shorewall6-lite.spec | 4 +++- Shorewall6-lite/uninstall.sh | 2 +- Shorewall6/fallback.sh | 2 +- Shorewall6/install.sh | 2 +- Shorewall6/shorewall6.spec | 4 +++- Shorewall6/uninstall.sh | 2 +- 19 files changed, 49 insertions(+), 30 deletions(-) diff --git a/Shorewall-lite/fallback.sh b/Shorewall-lite/fallback.sh index edc645d29..0385c13d9 100755 --- a/Shorewall-lite/fallback.sh +++ b/Shorewall-lite/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh index fe73a1c61..aa3382413 100755 --- a/Shorewall-lite/install.sh +++ b/Shorewall-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall-lite/shorewall-lite.spec b/Shorewall-lite/shorewall-lite.spec index fc6298eb7..83f7afc5f 100644 --- a/Shorewall-lite/shorewall-lite.spec +++ b/Shorewall-lite/shorewall-lite.spec @@ -1,6 +1,6 @@ %define name shorewall-lite %define version 4.4.4 -%define release 2 +%define release 3 Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. Name: %{name} @@ -100,6 +100,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Tue Dec 08 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.4-3 * Sun Dec 06 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.4-2 * Sat Nov 21 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall-lite/uninstall.sh b/Shorewall-lite/uninstall.sh index a490362b8..a4becbd81 100755 --- a/Shorewall-lite/uninstall.sh +++ b/Shorewall-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index c65adf484..41cf83bd1 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -327,7 +327,7 @@ sub initialize( $ ) { TC_SCRIPT => '', EXPORT => 0, UNTRACKED => 0, - VERSION => "4.4.4.2", + VERSION => "4.4.4.3", CAPVERSION => 40402 , ); diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 27208780f..a065d80fc 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,15 +1,23 @@ +Changes in Shorewall 4.4.4.3 + +1) Fix DONT_LOAD vs 'reload -c' + +Changes in Shorewall 4.4.4.2 + +1) Disallow port 0 + +2) Improve IPv6 address validation and range checking. + +3) Correct Shorewall6 capabilities detection. + +4) Correct handling of DNS names in IPv6. + Changes in Shorewall 4.4.4.1 1) Fix 15-port change. 2) Fix handling of interfaces with the 'bridge' option. -3) Disallow port 0 - -4) Improve IPv6 address validation and range checking. - -5) Correct Shorewall6 capabilities detection. - Changes in Shorewall 4.4.4 1) Change STARTUP_LOG and LOG_VERBOSITY in default shorewall6.conf. diff --git a/Shorewall/install.sh b/Shorewall/install.sh index c34b75212..e676d66ef 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall/known_problems.txt b/Shorewall/known_problems.txt index 91cbf876a..4e8f31e3b 100644 --- a/Shorewall/known_problems.txt +++ b/Shorewall/known_problems.txt @@ -37,9 +37,8 @@ 7) The command 'shorewall reload -c ' ignores the setting of DONT_LOAD, causing unwanted modules to be loaded. - This problem can be worked around on the firewall system by copying - /usr/share/shorewall-lite/modules to /etc/shorewall-lite/ and then - removing the unwanted modules from the copied file. + This defect is corrected in Shorewall 4.4.4.3. + diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 87683687e..9f734d6d7 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -169,6 +169,14 @@ Shorewall 4.4.4 Patch Release 2 now, if the zone has :0.0.0.0/0 (even with exclusions), then it may have no additional members in /etc/shorewall/hosts. +--------------------------------------------------------------------------- + P R O B L E M S C O R R E C T E D I N 4 . 4 . 4 . 3 +---------------------------------------------------------------------------- + +1) The command 'shorewall reload -c ' ignored the DONT_LOAD + setting with the result that unwanted modules could be loaded. The + 'reload' command without the '-c' option worked correctly. + --------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N 4 . 4 . 4 . 2 ---------------------------------------------------------------------------- @@ -183,11 +191,7 @@ Shorewall 4.4.4 Patch Release 2 that iptables-restore errors could occur. Port 0 is now flagged as an error. ----------------------------------------------------------------------------- - P R O B L E M S C O R R E C T E D I N 4 . 4 . 4 . 2 ----------------------------------------------------------------------------- - -1) The Shorewall6-lite shorecap program was including the wrong +4) The Shorewall6-lite shorecap program was including the wrong library. Also, Shorewall6 is determining the availablity of the mangle table before it ensures that ip6tables is installed. diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index ade079805..8290964ca 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -1,6 +1,6 @@ %define name shorewall %define version 4.4.4 -%define release 2 +%define release 3 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -106,6 +106,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples %changelog +* Tue Dec 08 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.4-3 * Sun Dec 06 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.4-2 * Sat Nov 21 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall/uninstall.sh b/Shorewall/uninstall.sh index b9ede100e..5de880119 100755 --- a/Shorewall/uninstall.sh +++ b/Shorewall/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall6-lite/fallback.sh b/Shorewall6-lite/fallback.sh index edc645d29..0385c13d9 100755 --- a/Shorewall6-lite/fallback.sh +++ b/Shorewall6-lite/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall6-lite/install.sh b/Shorewall6-lite/install.sh index 9b0b593cf..11c9b821d 100755 --- a/Shorewall6-lite/install.sh +++ b/Shorewall6-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall6-lite/shorewall6-lite.spec b/Shorewall6-lite/shorewall6-lite.spec index c44ebdf17..0a27ff17e 100644 --- a/Shorewall6-lite/shorewall6-lite.spec +++ b/Shorewall6-lite/shorewall6-lite.spec @@ -1,6 +1,6 @@ %define name shorewall6-lite %define version 4.4.4 -%define release 2 +%define release 3 Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -91,6 +91,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Tue Dec 08 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.4-3 * Sun Dec 06 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.4-2 * Sat Nov 21 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall6-lite/uninstall.sh b/Shorewall6-lite/uninstall.sh index 13cd80695..af35c0157 100755 --- a/Shorewall6-lite/uninstall.sh +++ b/Shorewall6-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall6/fallback.sh b/Shorewall6/fallback.sh index 5be428620..16477299e 100755 --- a/Shorewall6/fallback.sh +++ b/Shorewall6/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall6/install.sh b/Shorewall6/install.sh index d7beff140..ae760db69 100755 --- a/Shorewall6/install.sh +++ b/Shorewall6/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status { diff --git a/Shorewall6/shorewall6.spec b/Shorewall6/shorewall6.spec index 6f2cd3bef..128b965cc 100644 --- a/Shorewall6/shorewall6.spec +++ b/Shorewall6/shorewall6.spec @@ -1,6 +1,6 @@ %define name shorewall6 %define version 4.4.4 -%define release 2 +%define release 3 Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -95,6 +95,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6 %changelog +* Tue Dec 08 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.4-3 * Sun Dec 06 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.4-2 * Sat Nov 21 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall6/uninstall.sh b/Shorewall6/uninstall.sh index 566514198..c354dddc6 100755 --- a/Shorewall6/uninstall.sh +++ b/Shorewall6/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.4.2 +VERSION=4.4.4.3 usage() # $1 = exit status {