diff --git a/Shorewall-common/changelog.txt b/Shorewall-common/changelog.txt index 2811eb1cc..48928ba53 100644 --- a/Shorewall-common/changelog.txt +++ b/Shorewall-common/changelog.txt @@ -1,235 +1 @@ -Changes in 4.2.0-RC4 - -1) Fix bashism in handling of options in Debian init script. - -2) Fix invalid syntax in common install.sh. - -Changes in 4.2.0-RC3 - -1) Fix handling of 'all-' in Shorewall-shell. - -2) Fix bashism in handling of options in Debian init script. - -Changes in 4.2.0-RC2 - -1) Don't clear 'balance' when 'loose' and USE_DEFAULT_RT. - -2) Fix conditional track marking. - -Changes in 4.2.0-RC1 - -1) Add NONAT option to entries in /etc/shorewall/masq. - -Changes in 4.2.0-Beta3 - -1) Fix ip_forwarding vs the 'restore' command. - -2) Don't assume -f in /etc/init.d/shorewall-lite - -3) Implement USE_DEFAULT_RT - -4) Add -f option to the restart command. - -5) Fix COPY column. - -6) Add macro.RNDC. - -Changes in 4.2.0-Beta2 - -1) Only issue a warning on RFC 1918 violation. - -2) Implement 'save' user exit. - -3) HELPER column in tcrules. - -4) De-implement DYNAMIC_ZONES=Yes in Shorewall-perl. - -5) Allow !+setname. - -6) Add macro.Mail. - -Changes in 4.2.0-Beta1 - -1) Fix handling of firewall marks. - -2) Allow upper-case A-F in hex representation of MARK in tcclasses. - -3) De-implement DYNAMIC_ZONES=Yes in Shorewall-perl and fix it in - Shorewall-shell. - -Changes in 4.1.8 - -1) Fix some parsing issues with absurd configurations. - -2) Undo routing changes applied by "NULL_ROUTE_RFC1918=Yes". - -3) Improvements in parsing. - -4) Add the -p option to start and stop - -5) Allow installers to run under Cygwin without extra parameters. - -6) Add -p option to 'start' and 'restart' commands. - -Changes in 4.1.7 - -1) Fix port verification. - -2) Fix number of columns calculation. - -3) Allow user exits to detect gateway. - -4) Add CONNBYTES column to tcrules. - -5) Fix a couple of 4.1.6 bugs. - -6) Add MANGLE_ENABLED option. - -7) Fix priority mingling in tc filters. - -8) Fix ":" parsing errors. - -9) Add ORIGINAL DEST column to macros. - -10) Add NULL_ROUTE_RFC1918 option. - -11) Defer enabling of forwarding until rules are in place. - -12) Merge Tuomo's SANE support patch. - -13) Fix silly duplicate-rule error. - -14) Fix IPSEC host entry with DYNAMIC_ZONES=Yes - -15) Use the OPTIONS variable from /etc/default/shorewall[-lite] on Debian. - -Changes in 4.1.6 - -1) Deprecate IMPLICIT_CONTINUE=Yes - -2) Add REDIRECTED INTERFACES column to tcdevices. - -3) Add L2TP tunnel support. - -4) Add support for IFB devices -- phase I. - -5) Add support for IFB devices -- phase II. - -Changes in 4.1.5 - -1) More ruleset optimization. - -2) Make LOG_MARTIANS=Yes the default. - -3) Update modules file for 2.6.25. - -4) Restore 3.4 code to work around busybox limination. - -5) Add restriction handling in tcrules file. - -6) Fix designator table in Tc.pm. - -7) Generate an error when mac match is used in the POSTROUTING or - OUTPUT chains. - -8) Add 'BROKEN_ROUTING' option. - -9) Automatic macro comments. - -10) But make automatic macro comments optional. - -Changes in 4.1.4 - -1) Fix do_test() to accept 0 and to use the same mask as - Shorewall-shell - -2) The compilation date recorded in the firewall.conf file produced by - Shorewall-perl was previously mangled. - -3) Don't fully populate /etc/shorewall under Cygwin - -4) Fix the DNAT/REDIRECT fiasco. - -5) Allow interface lists in the masq and nat files. - -6) Allow loose match of interface names used in masq, nat and netmap. - -7) Allow loose match of interface names in match_source_dev(). - -8) Implement 'sourceonly' host entry option. - -9) Make all non-firewall zones "complex". - -Changes in 4.1.3 - -1) Fix NFLOG/ULOG upcasing problem. - -2) Fix STARTUP_LOG without LOG_VERBOSITY. - -3) Fix LOG_VERBOSITY without STARTUP_LOG. - -4) Fall back to /bin/sh if SHOREWALL_SHELL isn't viable. - -5) Fix mis-handling of : - -6) Add better diagnostic when not running as root. - -7) Detect lack of interfaces and IPv4 zones. - -8) Classify marked traffic using tc filter rules. - -9) Allow installation on Cygwin. - -Changes in 4.1.2 - -1) Enhanced Operational Logging - -2) Fix undefined value when config file missing. - -3) Handle exit status 4 from iptables. - -4) Fix formatting of macro headings (again). - -5) Update sample shorewall.conf files with new options. - -6) Correct Jabber macro names. - -7) Tighten up HIGH_ROUTE_MARKS in the OUTPUT chain. - -8) Add 'nomarks' OPTION to tcdevices. - -9) Add COMMENTs to macros. - -Changes in 4.1.1 - -1) Fix ULOG/NFLOG output. - -2) Fix NFQUEUE() in Policy file. - -3) Allow specifying an address in the Providers file. - -Changes in 4.1.0. - -1) Add 'shared' provider option. - -2) Allow refresh of entire table and refresh mangle by default. - -3) Add NFLOG support. - -4) Implement alternative syntax for params. - -5) Add support for embedded shell and Perl scripts. - -6) Add support for manual chains. - -7) Don't require GATEWAY in tunnels file. - -8) Fix HIGH_ROUTE_MARKS fsck-up. - -9) Fix Makefiles for VARDIR - -10) Add -t option to hits command. - -11) Add DONT_LOAD option - -12) Add support for --random. +Initial release of Shorewall 4.2.0. diff --git a/Shorewall-common/releasenotes.txt b/Shorewall-common/releasenotes.txt index 30230988e..c07fb7f5c 100644 --- a/Shorewall-common/releasenotes.txt +++ b/Shorewall-common/releasenotes.txt @@ -1,4 +1,4 @@ -Shorewall 4.2.0 RC 4. +Shorewall 4.2.0 ---------------------------------------------------------------------------- R E L E A S E 4 . 2 H I G H L I G H T S @@ -78,15 +78,6 @@ Migration Issues. 7) DYNAMIC_ZONES=Yes is no longer supported by Shorewall-perl. Use ipset-based zones instead. -Problems corrected in Shorewall 4.2.0-RC4 - -1) A bashism has been corrected in the init script shipped for Debian - and Debian-like distributions which prevented the proper options - from being passed to /sbin/shorewall or /sbin/shorewall-lite in - some cases. - -2) The install.sh script in shorewall-common contained a syntax error. - New Features in Shorewall 4.2. 1) Shorewall 4.2 contains support for multiple Internet providers