holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Document optimization 2 fix.

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2010-04-22 11:51:17 -07:00
parent 4c6df657da
commit b9c303cf92
3 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Shorewall/changelog.txt
View File

@ -1,3 +1,7 @@
Changes in Shorewall 4.4.8.4
1) Restore lone ACCEPT rule to the OUTPUT chain under OPTIMIZE 2.
Changes in Shorewall 4.4.8.3
1) Make wildcard interfaces play well with optimize 4.

23
Shorewall/known_problems.txt
View File

@ -1,3 +1,5 @@
Known problems in Shorewall 4.4.8
1) Logical interface names in the EXTERNAL column of
/etc/shorewall/proxyarp were previously not mapped to their
corresponding physical interface names. This could cause 'start' or
@ -37,3 +39,24 @@
Corrected in Shorewall 4.4.8.2
6) Wildcard interface names (those ending in '+') can result in
iptables-restore failure with optimize 4.
Corrected in Shorewall 4.4.8.3
7) Invalid iptables-restore input involving the 'tcpre'
mangle chain is possible with optimize 4.
Corrected in Shorewall 4.4.8.3
8) A couple of fixes to the 4.4.8.2 change for startup log naming are
included. The main symptom occurred on Debian systems where perl
reported that /etc/shorewall.conf did not exist.
Corrected in Shorewall 4.4.8.3
9) If OPTIMIZE 2 and there are no OUTPUT rules and the only effective
output policy is $FW->all ACCEPT, then the OUTPUT chain is empty
and no packets can be sent.
Corrected in Shorewall 4.4.8.4

7
Shorewall/releasenotes.txt
View File

@ -1,5 +1,5 @@
----------------------------------------------------------------------------
S H O R E W A L L 4 . 4 . 8 . 3
S H O R E W A L L 4 . 4 . 8 . 4
----------------------------------------------------------------------------
I. RELEASE 4.4 HIGHLIGHTS
@ -217,6 +217,11 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
----------------------------------------------------------------------------
I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
4.4.8.4
1) If OPTIMIZE 2 and there were no OUTPUT rules and the only effective
output policy was $FW->all ACCEPT, then the OUTPUT chain was empty
and no packets could be sent.
4.4.8.3