holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Final 1.3.5 changes

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@145 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-07-22 01:51:19 +00:00
parent 90e2520f1c
commit a3ad85d24e
3 changed files with 17 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
Shorewall/changelog.txt
View File

@ -1,9 +1,8 @@
Changes since 1.3.3 Changes since 1.3.4
1. DETECT_IPADDRS Parameter Added. 1. Empty source and destination qualifiers are now detected in the
rules file.
2. Renamed DETECT_IPADDRS to DETECT_DNAT_IPADDRS 2. Added MERGE_HOSTS variable in shorewall.conf to provide saner
behavior of the /etc/shorewall/hosts file.
3. Correct policy file zone validateion during [re]start.
4. Add 'routestopped' file.

21
Shorewall/releasenotes.txt
View File

@ -2,22 +2,9 @@ This is a minor release of Shorewall.
In this release: In this release:
1. A new /etc/shorewall/routestopped file has been added. This file is 1. Empty source and destination qualifiers are now detected in the
intended to eventually replace the routestopped option in the rules file.
/etc/shorewall/interface and /etc/ shorewall/hosts files. This new
file makes remote firewall administration easier by allowing any IP
or subnet to be enabled while Shorewall is stopped.
2. An /etc/shorewall/stopped extension script has been added. This 2. Added MERGE_HOSTS variable in shorewall.conf to provide saner
script is invoked after Shorewall has stopped. behavior of the /etc/shorewall/hosts file.
3. A DETECT_DNAT_ADDRS option has been added to
/etc/shoreall/shorewall.conf. When this option is selected, DNAT
rules only apply when the destination address is the external
interface's primary IP address.
4. The QuickStart Guide has been broken into three guides and has been
almost entirely rewritten.
5. The Samples have been updated to reflect the new capabilities in
this release.

13
Shorewall/shorewall.conf
View File

@ -18,7 +18,7 @@ FW=fw
# Set this to the name of the lock file expected by your init scripts. For # Set this to the name of the lock file expected by your init scripts. For
# RedHat, this should be /var/lock/subsys/shorewall. On Debian, it # RedHat, this should be /var/lock/subsys/shorewall. On Debian, it
# should be /var/state/shorewall. If your init scripts don't use lock files, # should be /var/state/shorewall. If your init scripts don't use lock files,
# set -this to "". # set this to "".
# #
SUBSYSLOCK=/var/lock/subsys/shorewall SUBSYSLOCK=/var/lock/subsys/shorewall
@ -274,17 +274,20 @@ DETECT_DNAT_IPADDRS=No
# #
# Interfaces: # Interfaces:
# #
# loc eth2 # net eth0
# loc eth1
# - ppp+ # - ppp+
# #
# Hosts: # Hosts:
# #
# loc ppp+:192.168.1.0/24 # loc ppp+:192.168.1.0/24
# wrk ppp+:!192.168.1.0/24
# #
# With MERGE_HOSTS=No or unspecified, the contents of the 'loc' zone # With MERGE_HOSTS=No, the contents of the 'loc' zone would be just
# would be just ppp+:192.168.1.0/24. With MERGE_HOSTS=Yes, the # ppp+:192.168.1.0/24. With MERGE_HOSTS=Yes, the contents would be
# contents would be ppp+:192.168.1.0 and eth2:0.0.0.0/0 # ppp+:192.168.1.0 and eth1:0.0.0.0/0
# #
# If this variable is not set or is set to the empty value, "No" is assumed.
MERGE_HOSTS=Yes MERGE_HOSTS=Yes