holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Update softdoc for IMPLICIT_CONTINUE fix

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@5436 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2007-02-23 17:28:49 +00:00
parent 61528abab6
commit 3cc365f54d
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Shorewall/releasenotes.txt
View File

@ -40,6 +40,12 @@ Problems Corrected in 3.4.0 Final
3) If a 'start' or restart' command failed during the compile phase, 3) If a 'start' or restart' command failed during the compile phase,
/sbin/shorewall erroneously returned an exit status of 0. /sbin/shorewall erroneously returned an exit status of 0.
4) If IMPLICIT_CONTINUE=Yes was in effect, then sub-zones received the
implicit CONTINUE policy for their intra-zone traffic (rather than
the implicit ACCEPT policy for such traffic). This could cause
intra-zone traffic to be rejected by rules for one of the
parent zones.
Other Changes in 3.4.0 Final Other Changes in 3.4.0 Final
1) A warning is now issued when 'loose' and 'balance' are specified together 1) A warning is now issued when 'loose' and 'balance' are specified together
@ -48,7 +54,9 @@ Other Changes in 3.4.0 Final
2) If the 'setkey' program is installed, then the IPSEC SPD and SAD 2) If the 'setkey' program is installed, then the IPSEC SPD and SAD
are displayed in the output of "shorewall[-lite] dump. All key are displayed in the output of "shorewall[-lite] dump. All key
information (E: and A: lines) is suppressed in the command output. information (E: and A: lines) is suppressed in the command output
so that the output of "dump" cannot be used to breach IPSEC
security.
Migration Considerations: Migration Considerations: