holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Merge branch '4.4.20'

Browse Source
This commit is contained in:
Tom Eastep 2011-06-02 11:44:15 -07:00
commit aa86b65ec3
5 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Shorewall/Perl/Shorewall/Tc.pm
View File

@ -1604,6 +1604,7 @@ sub process_secmark_rule() {
O => 'tcout' , ); O => 'tcout' , );
my %state = ( N => 'NEW' , my %state = ( N => 'NEW' ,
I => 'INVALID',
NI => 'NEW,INVALID', NI => 'NEW,INVALID',
E => 'ESTABLISHED' , E => 'ESTABLISHED' ,
ER => 'ESTABLISHED,RELATED', ER => 'ESTABLISHED,RELATED',

2
Shorewall/changelog.txt
View File

@ -2,7 +2,7 @@ Changes in Shorewall 4.4.20 Final
1) Set /proc/sys/net/bridge/bridge_nf_call_ip6?tables. 1) Set /proc/sys/net/bridge/bridge_nf_call_ip6?tables.
2) Add 'NI' STATE in secmarks. 2) Add 'I' and 'NI' STATEs in secmarks.
Changes in Shorewall 4.4.20 RC 1 Changes in Shorewall 4.4.20 RC 1

3
Shorewall/releasenotes.txt
View File

@ -253,7 +253,8 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
versions are available in the configfiles directory within the versions are available in the configfiles directory within the
tarball. tarball.
11) The STATE subcolumn of the secmarks file now allow the value 'NI' 11) The STATE subcolumn of the secmarks file now allows the values 'I'
which will match packets in the INVALID state, and 'NI'
which will match packets in either NEW or INVALID state. which will match packets in either NEW or INVALID state.
---------------------------------------------------------------------------- ----------------------------------------------------------------------------

4
manpages/shorewall-secmarks.xml
View File

@ -90,7 +90,7 @@
<varlistentry> <varlistentry>
<term><emphasis role="bold">CHAIN:STATE - <term><emphasis role="bold">CHAIN:STATE -
{P|I|F|O|T}[:{N|NI|E|ER}]</emphasis></term> {P|I|F|O|T}[:{N|I|NI|E|ER}]</emphasis></term>
<listitem> <listitem>
<para>This column determines the CHAIN where the SElinux context is <para>This column determines the CHAIN where the SElinux context is
@ -115,6 +115,8 @@
<simplelist> <simplelist>
<member>:N - NEW connection</member> <member>:N - NEW connection</member>
<member>:I - INVALID connection</member>
<member>:NI - NEW or INVALID connection</member> <member>:NI - NEW or INVALID connection</member>
<member>:E - ESTABLISHED connection</member> <member>:E - ESTABLISHED connection</member>

4
manpages6/shorewall6-secmarks.xml
View File

@ -90,7 +90,7 @@
<varlistentry> <varlistentry>
<term><emphasis role="bold">CHAIN - <term><emphasis role="bold">CHAIN -
{P|I|F|O|T}[:{N|NI|E|ER}]</emphasis></term> {P|I|F|O|T}[:{N|I|NI|E|ER}]</emphasis></term>
<listitem> <listitem>
<simplelist> <simplelist>
@ -112,6 +112,8 @@
<simplelist> <simplelist>
<member>:N - NEW connection</member> <member>:N - NEW connection</member>
<member>:I - INVALID connection</member>
<member>:NI - New or INVALID connection</member> <member>:NI - New or INVALID connection</member>
<member>:E - ESTABLISHED connection</member> <member>:E - ESTABLISHED connection</member>