From 49944c7d9a351740a4aec8d201bd7a53f0afe1ef Mon Sep 17 00:00:00 2001 From: teastep Date: Sun, 16 Jun 2002 14:26:31 +0000 Subject: [PATCH] Update changelog and release notes git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@75 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/changelog.txt | 10 +++++++++- Shorewall/fallback.sh | 14 +++++++++----- Shorewall/releasenotes.txt | 16 ++++++++++++++-- Shorewall/shorewall.spec | 7 +++++-- 4 files changed, 37 insertions(+), 10 deletions(-) diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index b33e1b54c..d4c555118 100755 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,9 +1,17 @@ -Changes since 1.3.0 +Changes since 1.3.1 1. Corrected double-counting of SYN packets. 2. Added IANA reserved addresses to the rfc1918 file. 3. Added MULTIPORT support. 4. Added "logwatch" command to /sbin/shorewall. +5. Added "drop", "reject", "allow" and "save" commands to +/sbin/shorewall +6. Moved the "firewall", "version" and "functions" files to +/var/lib/shorewall. +7. Include workaround for ICMP kernel bug in the firewall script. +8. Fixed a bug in find_interfaces_by_option() whereby that +function was only returning the first inteface with the passed option. + diff --git a/Shorewall/fallback.sh b/Shorewall/fallback.sh index d965af188..6f9640afc 100755 --- a/Shorewall/fallback.sh +++ b/Shorewall/fallback.sh @@ -49,7 +49,8 @@ restore_file() # $1 = file to restore fi } -if [ ! -f /var/lib/shorewall/version-${VERSION}.bkout ]; then +if [ ! -f /var/lib/shorewall/version-${VERSION}.bkout -a \ + ! -f /etc/shorewall/version-${VERSION}.bkout ]; then echo "Shorewall Version $VERSION is not installed" exit 1 fi @@ -106,10 +107,13 @@ restore_file /etc/shorewall/whitelist restore_file /etc/shorewall/rfc1918 -restore_file /etc/shorewall/version -restore_file /var/lib/shorewall/version - -oldversion="`cat /var/lib/shorewall/version`" +if [ -f /var/lib/shorewall/version-${VERSION}.bkout ]; then + restore_file /var/shorewall/version + oldversion="`cat /var/lib/shorewall/version`" +else + restore_file /etc/shorewall/version + oldversion="`cat /etc/shorewall/version`" +fi echo "Shorewall Restored to Version $oldversion" diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 854f1aa40..aec1a7ba8 100755 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -5,9 +5,21 @@ In this release: 1. A new "logwatch" command has been added to the /sbin/shorewall program. 2. Shorewall can now take advantage of the Netfilter 'multiport' match - function. + function (kernel configuration option CONFIG_IP_NF_MATCH_MULTIPORT). -3. +3. Dynamic blacklisting is now supported through the use of three new + commands in /sbin/shorewall: + + deny - drop packets from one or more hosts. + reject - reject packets from one or more hosts. + allow - reverse the effect of a prior 'deny' or 'reject' command. + save - save the current dynamic blacklisting settings so that they + will be applied the next time that Shorewall is started. + +4. The 'firewall', 'version' and 'functions' files have been moved from + /etc/shorewall to /var/lib/shorewall. + + diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index 818d01d7a..d42dfd45d 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -1,6 +1,6 @@ %define name shorewall -%define version 1.3 -%define release 2 +%define version 1.3.2 +%define release 1 %define prefix /usr Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. @@ -79,6 +79,9 @@ if [ $1 = 0 ]; then if [ -x /sbin/insserv ]; then /sbin/insserv -r /etc/init.d/s %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %changelog +* Sat Jun 15 2002 Tom Eastep +- Changed version and release for new convention +- Moved version,firewall and functions to /var/lib/shorewall * Sun Jun 02 2002 Tom Eastep - Changed version to 1.3.2 * Fri May 31 2002 Tom Eastep