From 8f0fa05eb10a5fccf125f1259c2304ec0d629ab4 Mon Sep 17 00:00:00 2001 From: Tom Eastep Date: Mon, 28 Dec 2009 10:45:14 -0800 Subject: [PATCH] Prepare 4.4.5.5 --- Shorewall-lite/fallback.sh | 2 +- Shorewall-lite/install.sh | 2 +- Shorewall-lite/shorewall-lite.spec | 4 +++- Shorewall-lite/uninstall.sh | 2 +- Shorewall/Perl/Shorewall/Config.pm | 2 +- Shorewall/changelog.txt | 4 ++++ Shorewall/install.sh | 2 +- Shorewall/known_problems.txt | 8 ++++++++ Shorewall/releasenotes.txt | 9 ++++++++- Shorewall/shorewall.spec | 4 +++- Shorewall/uninstall.sh | 2 +- Shorewall6-lite/fallback.sh | 2 +- Shorewall6-lite/install.sh | 2 +- Shorewall6-lite/shorewall6-lite.spec | 4 +++- Shorewall6-lite/uninstall.sh | 2 +- Shorewall6/fallback.sh | 2 +- Shorewall6/install.sh | 2 +- Shorewall6/shorewall6.spec | 4 +++- Shorewall6/uninstall.sh | 2 +- 19 files changed, 44 insertions(+), 17 deletions(-) diff --git a/Shorewall-lite/fallback.sh b/Shorewall-lite/fallback.sh index 9838b8ee9..26b8cc081 100755 --- a/Shorewall-lite/fallback.sh +++ b/Shorewall-lite/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall-lite/install.sh b/Shorewall-lite/install.sh index 1053fd51a..dea50113a 100755 --- a/Shorewall-lite/install.sh +++ b/Shorewall-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall-lite/shorewall-lite.spec b/Shorewall-lite/shorewall-lite.spec index cb4d7bb56..d3fb99703 100644 --- a/Shorewall-lite/shorewall-lite.spec +++ b/Shorewall-lite/shorewall-lite.spec @@ -1,6 +1,6 @@ %define name shorewall-lite %define version 4.4.5 -%define release 4 +%define release 5 Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. Name: %{name} @@ -100,6 +100,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Mon Dec 28 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.5-5 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.5-4 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall-lite/uninstall.sh b/Shorewall-lite/uninstall.sh index c8bcbae95..217d00f31 100755 --- a/Shorewall-lite/uninstall.sh +++ b/Shorewall-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm index b9e301af7..6e02a19a0 100644 --- a/Shorewall/Perl/Shorewall/Config.pm +++ b/Shorewall/Perl/Shorewall/Config.pm @@ -328,7 +328,7 @@ sub initialize( $ ) { TC_SCRIPT => '', EXPORT => 0, UNTRACKED => 0, - VERSION => "4.4.5.4", + VERSION => "4.4.5.5", CAPVERSION => 40406 , ); diff --git a/Shorewall/changelog.txt b/Shorewall/changelog.txt index 656374826..86ed455eb 100644 --- a/Shorewall/changelog.txt +++ b/Shorewall/changelog.txt @@ -1,3 +1,7 @@ +Changes in Shorewall 4.4.5.5 + +1) Prevent jump to non-existant chain. + Changes in Shorewall 4.4.5.4 1) Fix breakage in Shorewall6 'forward' interface option. diff --git a/Shorewall/install.sh b/Shorewall/install.sh index 7832cd52a..95babe82d 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall/known_problems.txt b/Shorewall/known_problems.txt index 78cf1c34b..5fbb15bdc 100644 --- a/Shorewall/known_problems.txt +++ b/Shorewall/known_problems.txt @@ -46,3 +46,11 @@ Corrected in 4.4.5.4. +6) Under rare and not fully-understood circumstances, the Netfilter + ruleset generated by Shorewall can include jumps to non-exitent + chains. This problem was apparently introduced between 4.4.0 and + 4.4.5. + + Corrected in 4.4.5.5. + + diff --git a/Shorewall/releasenotes.txt b/Shorewall/releasenotes.txt index 9105fabc6..e94d82f3f 100644 --- a/Shorewall/releasenotes.txt +++ b/Shorewall/releasenotes.txt @@ -1,4 +1,4 @@ -Shorewall 4.4.5 Patch Release 4. +Shorewall 4.4.5 Patch Release 5. ---------------------------------------------------------------------------- R E L E A S E 4 . 4 H I G H L I G H T S @@ -169,6 +169,13 @@ Shorewall 4.4.5 Patch Release 4. now, if the zone has :0.0.0.0/0 (even with exclusions), then it may have no additional members in /etc/shorewall/hosts. +---------------------------------------------------------------------------- + P R O B L E M S C O R R E C T E D I N 4 . 4 . 5 . 5 +---------------------------------------------------------------------------- + +1) Under rare circumstances, the Netfilter ruleset generated by + Shorewall could include jumps to non-exitent chains. + ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N 4 . 4 . 5 . 4 ---------------------------------------------------------------------------- diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index 6944b6820..2a137de08 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -1,6 +1,6 @@ %define name shorewall %define version 4.4.5 -%define release 4 +%define release 5 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -106,6 +106,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples %changelog +* Mon Dec 28 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.5-5 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.5-4 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall/uninstall.sh b/Shorewall/uninstall.sh index 77eb21d7d..16d451302 100755 --- a/Shorewall/uninstall.sh +++ b/Shorewall/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall6-lite/fallback.sh b/Shorewall6-lite/fallback.sh index 9838b8ee9..26b8cc081 100755 --- a/Shorewall6-lite/fallback.sh +++ b/Shorewall6-lite/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall6-lite/install.sh b/Shorewall6-lite/install.sh index 59efbacb2..21b4a7410 100755 --- a/Shorewall6-lite/install.sh +++ b/Shorewall6-lite/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall6-lite/shorewall6-lite.spec b/Shorewall6-lite/shorewall6-lite.spec index 37caa265d..6aabb6bbb 100644 --- a/Shorewall6-lite/shorewall6-lite.spec +++ b/Shorewall6-lite/shorewall6-lite.spec @@ -1,6 +1,6 @@ %define name shorewall6-lite %define version 4.4.5 -%define release 4 +%define release 5 Summary: Shoreline Firewall 6 Lite is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -91,6 +91,8 @@ fi %doc COPYING changelog.txt releasenotes.txt %changelog +* Mon Dec 28 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.5-5 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.5-4 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall6-lite/uninstall.sh b/Shorewall6-lite/uninstall.sh index e74508fcf..db354bb30 100755 --- a/Shorewall6-lite/uninstall.sh +++ b/Shorewall6-lite/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall6/fallback.sh b/Shorewall6/fallback.sh index cd058ea02..126401757 100755 --- a/Shorewall6/fallback.sh +++ b/Shorewall6/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall6/install.sh b/Shorewall6/install.sh index 1ee341598..a18f64c8d 100755 --- a/Shorewall6/install.sh +++ b/Shorewall6/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status { diff --git a/Shorewall6/shorewall6.spec b/Shorewall6/shorewall6.spec index 6ed938673..674349556 100644 --- a/Shorewall6/shorewall6.spec +++ b/Shorewall6/shorewall6.spec @@ -1,6 +1,6 @@ %define name shorewall6 %define version 4.4.5 -%define release 4 +%define release 5 Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems. Name: %{name} @@ -95,6 +95,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6 %changelog +* Mon Dec 28 2009 Tom Eastep tom@shorewall.net +- Updated to 4.4.5-5 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net - Updated to 4.4.5-4 * Thu Dec 24 2009 Tom Eastep tom@shorewall.net diff --git a/Shorewall6/uninstall.sh b/Shorewall6/uninstall.sh index f95c16d5e..f096ca51d 100755 --- a/Shorewall6/uninstall.sh +++ b/Shorewall6/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.4.5.4 +VERSION=4.4.5.5 usage() # $1 = exit status {