This is a minor release of Shorewall. Problems Corrected: 1) There were several cases where Shorewall would fail to remove a temporary directory from /tmp. These cases have been corrected. 2) The rules for allowing all traffic via the loopback interface have been moved to before the rule that drops status=INVALID packets. This insures that all loopback traffic is allowed even if Netfilter connection tracking is confused. New Features: 1) IPV6-IPV4 (6to4) tunnels are now supported in the /etc/shorewall/tunnels file. 2) Shorewall can now be easily integrated with fireparse (http://www.fireparse.com) by setting LOGMARKER="fp=" in /etc/shorewall/shorewall.conf. Note: You may not use ULOG with fireparse unless you modify fireparse. 3) If you are running iptables 1.2.7a and kernel 2.4.20, then Shorewall will return reject replies as follows: a) tcp - RST b) udp - ICMP port unreachable c) icmp - ICMP host unreachable d) Otherwise - ICMP host prohibited If you are running earlier software, Shorewall will follow it's traditional convention: a) tcp - RST b) Otherwise - ICMP port unreachable 4) UDP Port 135 is now silently dropped in the common.def chain.