forked from extern/shorewall_code
Document known/corrected problems.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
3964f3f152
commit
c77bae3761
@ -1,3 +1,7 @@
|
||||
Changes in Shorewall 4.4.12.3
|
||||
|
||||
1) Correct SAME
|
||||
|
||||
Changes in Shorewall 4.4.12.2
|
||||
|
||||
1) Add tweak to 4.4.12.1 optimization fix.
|
||||
|
@ -35,3 +35,18 @@
|
||||
generate valid but incorrect iptables (ip6tables) input.
|
||||
|
||||
Corrected in Shorewall 4.4.12.2 -- these rules are now disallowed.
|
||||
|
||||
9) When a comma-separated list of 'src' and/or 'dst' was specified in
|
||||
an ipset invocation (e.g., "+fooset[src,src]), all but the first 'src'
|
||||
or 'dst' was previously ignored when generating the resulting
|
||||
iptables rule.
|
||||
|
||||
Workaround: If you simply need src,src or dst,dst, you can use the
|
||||
alternative syntax. Instead of +fooset[src,src], use +fooset[2] in
|
||||
the SOURCE column or +fooset[2] in the DEST column.
|
||||
|
||||
10) Since Shorewall 4.4.9, the SAME target in tcrules has generated
|
||||
invalid iptables-restore (ip6tables-restore) input.
|
||||
|
||||
Workaround: None Available. Will be corrected in Shorewall 4.4.13.
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
----------------------------------------------------------------------------
|
||||
S H O R E W A L L 4 . 4 . 1 2 . 2
|
||||
S H O R E W A L L 4 . 4 . 1 2 . 3
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
I. RELEASE 4.4 HIGHLIGHTS
|
||||
@ -224,6 +224,13 @@ VI. PROBLEMS CORRECTED AND NEW FEATURES IN PRIOR RELEASES
|
||||
I I I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
|
||||
----------------------------------------------------------------------------
|
||||
|
||||
4.4.12.3
|
||||
|
||||
1) When a comma-separated list of 'src' and/or 'dst' was specified in
|
||||
an ipset invocation (e.g., "+fooset[src,src]), all but the first 'src'
|
||||
or 'dst' was previously ignored when generating the resulting
|
||||
iptables rule.
|
||||
|
||||
4.4.12.2
|
||||
|
||||
1) Earlier releases allowed CONTINUE rules with exclusion. These rules
|
||||
|
Loading…
Reference in New Issue
Block a user