From 7630bace2845cd901719255e8fe931c2fad14b49 Mon Sep 17 00:00:00 2001 From: teastep Date: Mon, 24 Oct 2005 19:43:53 +0000 Subject: [PATCH] Remove ROUTE target detections/reporting git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@2923 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/changelog.txt | 4 ++++ Shorewall/functions | 3 --- Shorewall/releasenotes.txt | 31 +++++++++---------------------- 3 files changed, 13 insertions(+), 25 deletions(-) diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 4e8f187aa..a6adb969b 100755 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,3 +1,7 @@ +Changes in 3.0.0 RC 3. + +1) ROUTE target removed from capabilities. + Changes in 3.0.0 RC 2. 1) Fix support for OpenVPN and tcp. diff --git a/Shorewall/functions b/Shorewall/functions index 727662771..51df1213d 100755 --- a/Shorewall/functions +++ b/Shorewall/functions @@ -893,7 +893,6 @@ determine_capabilities() { RECENT_MATCH= OWNER_MATCH= IPSET_MATCH= - ROUTE_TARGET= XMARK= CONNMARK= CONNMARK_MATCH= @@ -914,7 +913,6 @@ determine_capabilities() { qt $IPTABLES -A fooX1234 -p tcp -m ipp2p --ipp2p -j ACCEPT && IPP2P_MATCH=Yes qt $IPTABLES -t mangle -N fooX1234 - qt $IPTABLES -t mangle -A fooX1234 -j ROUTE --oif eth0 && ROUTE_TARGET=Yes qt $IPTABLES -t mangle -A fooX1234 -j MARK --or-mark 2 && XMARK=Yes qt $IPTABLES -t mangle -A fooX1234 -j CONNMARK --save-mark && CONNMARK=Yes qt $IPTABLES -t mangle -A fooX1234 -j CLASSIFY --set-class 1:1 && CLASSIFY_TARGET=Yes @@ -965,7 +963,6 @@ report_capabilities() { report_capability "Recent Match" $RECENT_MATCH report_capability "Owner Match" $OWNER_MATCH report_capability "Ipset Match" $IPSET_MATCH - report_capability "ROUTE Target" $ROUTE_TARGET report_capability "Extended MARK Target" $XMARK report_capability "CONNMARK Target" $CONNMARK report_capability "Connmark Match" $CONNMARK_MATCH diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 6e1ea46a8..a80a38ed2 100755 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -1,26 +1,10 @@ -Shorewall 3.0.0 RC 2. +Shorewall 3.0.0 RC 3. -Problems Corrected in 3.0.0 RC 2: +Problems Corrected in 3.0.0 RC 3: -1) Support for OpenVPN TCP tunnels was released in Shorewall 2.2.0 but the - implementation was incomplete. It has now been completed and is - documented in the /etc/shorewall/tunnels file. - -2) When running on older kernels, the following message could be issued - during "shorewall start": - - /usr/share/shorewall/firewall: line 1: \ - /proc/sys/net/ipv4/conf/all/arp_ignore: No such file or directory - -3) The /etc/shorewall/interfaces now clarifies that multiple interfaces - to a zone are supported. - -New Features in Shorewall 3.0.0 RC 2: - -1) The sample configurations are now packaged with the product. They are - in the Samples directory on the tarball and are in the RPM they are - in the Samples sub-directory of the Shorewall documentation - directory. +1) Shorewall no longer has any functionality that is dependent on the + Netfilter ROUTE target so detection and reporting of that target + has been removed. Migration Considerations: @@ -572,4 +556,7 @@ New Features in Shorewall 3.0.* the REJECT target may not be used in the PREROUTING chain, the settings MACLIST_DISPOSITION=REJECT and MACLIST_TABLE=mangle are incompatible. - +28) The sample configurations are now packaged with the product. They are + in the Samples directory on the tarball and are in the RPM they are + in the Samples sub-directory of the Shorewall documentation + directory.