forked from extern/shorewall_code
753cf160e4
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@616 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
28 lines
930 B
Plaintext
Executable File
28 lines
930 B
Plaintext
Executable File
This is a minor release of Shorewall.
|
|
|
|
Problems Corrected:
|
|
|
|
1) A problem seen on RH7.3 systems where Shorewall encountered start
|
|
errors when started using the "service" mechanism has been worked
|
|
around.
|
|
|
|
New Features:
|
|
|
|
1) A 'newnotsyn' interface option has been added. This option may be
|
|
specified in /etc/shorewall/interfaces and overrides the setting
|
|
NEWNOTSYN=No for packets arriving on the associated interface.
|
|
|
|
2) The means for specifying a range of IP addresses in
|
|
/etc/shorewall/masq to use for SNAT is now
|
|
documented. ADD_SNAT_ALIASES=Yes is enabled for address ranges.
|
|
|
|
3) Shorewall can now add IP addresses to subnets other than the first
|
|
one on an interface.
|
|
|
|
4) DNAT[-] rules may now be used to round-robin over a set of
|
|
servers. Up to 256 servers may be specified in a range of addresses
|
|
given as <first address>-<last address>.
|
|
|
|
Example:
|
|
|
|
DNAT net loc:192.168.10.2-192.168.10.5 tcp 80 |