forked from extern/shorewall_code
3ede79187f
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1593 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
63 lines
1.4 KiB
Plaintext
63 lines
1.4 KiB
Plaintext
Changes since 2.0.3
|
|
|
|
1) Fix security vulnerability involving temporary files/directories.
|
|
|
|
2) Hack security fix so that it works under Slackware.
|
|
|
|
3) Correct mktempfile() for case where mktemp isn't installed.
|
|
|
|
4) Implement 'dropInvalid' builtin action.
|
|
|
|
5) Fix logging nat rules.
|
|
|
|
6) Fix COMMAND typos.
|
|
|
|
7) Add PKTTYPE option.
|
|
|
|
8) Enhancements to /etc/shorewall/masq
|
|
|
|
8) Allow overriding ADD_IP_ALIASES=Yes
|
|
|
|
9) Fix syntax error in setup_nat()
|
|
|
|
10) Port "shorewall status" changes from 2.0.7.
|
|
|
|
11) All config files are now empty.
|
|
|
|
12) Port blacklisting fix from 2.0.7
|
|
|
|
13) Pass rule chain and display chain separately to log_rule_limit.
|
|
Prep work for action logging.
|
|
|
|
14) Show the iptables/ip/tc command that failed when failure is fatal.
|
|
|
|
15) Implement STARTUP_ENABLED.
|
|
|
|
16) Added DNAT ONLY column to /etc/shorewall/nat.
|
|
|
|
17) Removed SNAT from ORIGINAL DESTINATION column.
|
|
|
|
18) Removed DNAT ONLY column.
|
|
|
|
19) Added IPSEC column to /etc/shorewall/masq.
|
|
|
|
20) No longer enforce source port 500 for ISAKMP.
|
|
|
|
21) Apply policy to interface/host options.
|
|
|
|
22) Fix policy and maclist.
|
|
|
|
23) Implement additional IPSEC options for zones and masq entries.
|
|
|
|
24) Deprecate the -c option in /sbin/shorewall.
|
|
|
|
25) Allow distinct input and output IPSEC parameters.
|
|
|
|
26) Allow source port remapping in /etc/shorewall/masq.
|
|
|
|
27) Include params file on 'restore'
|
|
|
|
28) Apply Richard Musil's patch.
|
|
|
|
29) Correct parsing of PROTO column in setup_tc1().
|