From e322b27ddad84e63cfd5a599091b1905b6f2f87c Mon Sep 17 00:00:00 2001 From: teastep Date: Sat, 31 Jan 2004 19:08:27 +0000 Subject: [PATCH] Shorewall 2.0.0 Alpha 1 git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1111 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall2/releasenotes.txt | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) diff --git a/Shorewall2/releasenotes.txt b/Shorewall2/releasenotes.txt index 5b99fadb0..cbb0e2343 100755 --- a/Shorewall2/releasenotes.txt +++ b/Shorewall2/releasenotes.txt @@ -148,8 +148,24 @@ Issues when migrating from Shorewall to Shorewall2: Now, action files created by copying /etc/shorewall2/action.template may now specify a USER and or GROUP name/id in the final column just - like in the rules file. It is thus possible to create actions that - ACCEPT traffic from a list of users and/or groups. + like in the rules file (see below). It is thus possible to create + actions that control traffic from a list of users and/or groups. + + The last column in /etc/shorewall2/rules is now labeled /USER/GROUP + and may contain: + + [!][:] + [!][:] + [!]: + [!]: + [!]: + [!]: + [!]: + [!]: + +7) It is no longer possible to specify rate limiting in the ACTION + column of /etc/shorewall2/rules -- you must use the RATE LIMIT + column. New Features: @@ -160,4 +176,11 @@ New Features: option causes smurfs (packets with a broadcast address as their source) to be dropped and optionally logged (based on the setting of a new SMURF_LOG_LEVEL option in shorewall.conf). + +3) fw->fw traffic may now be controlled by Shorewall. There is no need + to define the loopback interface in /etc/shorewall2/interfaces; you + simply add a fw->fw policy and fw->fw rules. If you have neither a + fw->fw policy nor fw->fw rules, all fw->fw traffic is allowed. + +