forked from extern/shorewall_code
50c1896c37
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@8622 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
212 lines
4.3 KiB
Plaintext
212 lines
4.3 KiB
Plaintext
Changes in 4.2.0-Beta3
|
|
|
|
1) Fix ip_forwarding vs the 'restore' command.
|
|
|
|
2) Don't assume -f in /etc/init.d/shorewall-lite
|
|
|
|
3) Implement USE_DEFAULT_RT
|
|
|
|
4) Add -f option to the restart command.
|
|
|
|
5) Fix COPY column.
|
|
|
|
Changes in 4.2.0-Beta2
|
|
|
|
1) Only issue a warning on RFC 1918 violation.
|
|
|
|
2) Implement 'save' user exit.
|
|
|
|
3) HELPER column in tcrules.
|
|
|
|
4) De-implement DYNAMIC_ZONES=Yes in Shorewall-perl.
|
|
|
|
5) Allow !+setname.
|
|
|
|
6) Add macro.Mail.
|
|
|
|
Changes in 4.2.0-Beta1
|
|
|
|
1) Fix handling of firewall marks.
|
|
|
|
2) Allow upper-case A-F in hex representation of MARK in tcclasses.
|
|
|
|
3) De-implement DYNAMIC_ZONES=Yes in Shorewall-perl and fix it in
|
|
Shorewall-shell.
|
|
|
|
Changes in 4.1.8
|
|
|
|
1) Fix some parsing issues with absurd configurations.
|
|
|
|
2) Undo routing changes applied by "NULL_ROUTE_RFC1918=Yes".
|
|
|
|
3) Improvements in parsing.
|
|
|
|
4) Add the -p option to start and stop
|
|
|
|
5) Allow installers to run under Cygwin without extra parameters.
|
|
|
|
6) Add -p option to 'start' and 'restart' commands.
|
|
|
|
Changes in 4.1.7
|
|
|
|
1) Fix port verification.
|
|
|
|
2) Fix number of columns calculation.
|
|
|
|
3) Allow user exits to detect gateway.
|
|
|
|
4) Add CONNBYTES column to tcrules.
|
|
|
|
5) Fix a couple of 4.1.6 bugs.
|
|
|
|
6) Add MANGLE_ENABLED option.
|
|
|
|
7) Fix priority mingling in tc filters.
|
|
|
|
8) Fix ":" parsing errors.
|
|
|
|
9) Add ORIGINAL DEST column to macros.
|
|
|
|
10) Add NULL_ROUTE_RFC1918 option.
|
|
|
|
11) Defer enabling of forwarding until rules are in place.
|
|
|
|
12) Merge Tuomo's SANE support patch.
|
|
|
|
13) Fix silly duplicate-rule error.
|
|
|
|
14) Fix IPSEC host entry with DYNAMIC_ZONES=Yes
|
|
|
|
15) Use the OPTIONS variable from /etc/default/shorewall[-lite] on Debian.
|
|
|
|
Changes in 4.1.6
|
|
|
|
1) Deprecate IMPLICIT_CONTINUE=Yes
|
|
|
|
2) Add REDIRECTED INTERFACES column to tcdevices.
|
|
|
|
3) Add L2TP tunnel support.
|
|
|
|
4) Add support for IFB devices -- phase I.
|
|
|
|
5) Add support for IFB devices -- phase II.
|
|
|
|
Changes in 4.1.5
|
|
|
|
1) More ruleset optimization.
|
|
|
|
2) Make LOG_MARTIANS=Yes the default.
|
|
|
|
3) Update modules file for 2.6.25.
|
|
|
|
4) Restore 3.4 code to work around busybox limination.
|
|
|
|
5) Add restriction handling in tcrules file.
|
|
|
|
6) Fix designator table in Tc.pm.
|
|
|
|
7) Generate an error when mac match is used in the POSTROUTING or
|
|
OUTPUT chains.
|
|
|
|
8) Add 'BROKEN_ROUTING' option.
|
|
|
|
9) Automatic macro comments.
|
|
|
|
10) But make automatic macro comments optional.
|
|
|
|
Changes in 4.1.4
|
|
|
|
1) Fix do_test() to accept 0 and to use the same mask as
|
|
Shorewall-shell
|
|
|
|
2) The compilation date recorded in the firewall.conf file produced by
|
|
Shorewall-perl was previously mangled.
|
|
|
|
3) Don't fully populate /etc/shorewall under Cygwin
|
|
|
|
4) Fix the DNAT/REDIRECT fiasco.
|
|
|
|
5) Allow interface lists in the masq and nat files.
|
|
|
|
6) Allow loose match of interface names used in masq, nat and netmap.
|
|
|
|
7) Allow loose match of interface names in match_source_dev().
|
|
|
|
8) Implement 'sourceonly' host entry option.
|
|
|
|
9) Make all non-firewall zones "complex".
|
|
|
|
Changes in 4.1.3
|
|
|
|
1) Fix NFLOG/ULOG upcasing problem.
|
|
|
|
2) Fix STARTUP_LOG without LOG_VERBOSITY.
|
|
|
|
3) Fix LOG_VERBOSITY without STARTUP_LOG.
|
|
|
|
4) Fall back to /bin/sh if SHOREWALL_SHELL isn't viable.
|
|
|
|
5) Fix mis-handling of <interface>:<mac>
|
|
|
|
6) Add better diagnostic when not running as root.
|
|
|
|
7) Detect lack of interfaces and IPv4 zones.
|
|
|
|
8) Classify marked traffic using tc filter rules.
|
|
|
|
9) Allow installation on Cygwin.
|
|
|
|
Changes in 4.1.2
|
|
|
|
1) Enhanced Operational Logging
|
|
|
|
2) Fix undefined value when config file missing.
|
|
|
|
3) Handle exit status 4 from iptables.
|
|
|
|
4) Fix formatting of macro headings (again).
|
|
|
|
5) Update sample shorewall.conf files with new options.
|
|
|
|
6) Correct Jabber macro names.
|
|
|
|
7) Tighten up HIGH_ROUTE_MARKS in the OUTPUT chain.
|
|
|
|
8) Add 'nomarks' OPTION to tcdevices.
|
|
|
|
9) Add COMMENTs to macros.
|
|
|
|
Changes in 4.1.1
|
|
|
|
1) Fix ULOG/NFLOG output.
|
|
|
|
2) Fix NFQUEUE(<queue-num>) in Policy file.
|
|
|
|
3) Allow specifying an address in the Providers file.
|
|
|
|
Changes in 4.1.0.
|
|
|
|
1) Add 'shared' provider option.
|
|
|
|
2) Allow refresh of entire table and refresh mangle by default.
|
|
|
|
3) Add NFLOG support.
|
|
|
|
4) Implement alternative syntax for params.
|
|
|
|
5) Add support for embedded shell and Perl scripts.
|
|
|
|
6) Add support for manual chains.
|
|
|
|
7) Don't require GATEWAY in tunnels file.
|
|
|
|
8) Fix HIGH_ROUTE_MARKS fsck-up.
|
|
|
|
9) Fix Makefiles for VARDIR
|
|
|
|
10) Add -t option to hits command.
|
|
|
|
11) Add DONT_LOAD option
|
|
|
|
12) Add support for --random.
|