forked from extern/shorewall_code
26 lines
852 B
Plaintext
26 lines
852 B
Plaintext
1) On systems running Upstart, shorewall-init cannot reliably start the
|
|
firewall before interfaces are brought up.
|
|
|
|
2) The date/time formatting in the STARTUP_LOG is not uniform.
|
|
|
|
Fixed in 4.4.13.1
|
|
|
|
3) The blacklisting change in 4.4.13 broke blacklisting in some simple
|
|
configurations with the effect that blacklisting was not enabled.
|
|
|
|
Fixed in 4.4.13.1
|
|
|
|
The issue may also be worked around is follows.
|
|
|
|
If you currently have an entry similar to this in
|
|
/etc/shorewall/interfaces:
|
|
|
|
#ZONE INTERFACE BROADCAST OPTIONS
|
|
net eth0 detect blacklist,...
|
|
|
|
then remove the 'blacklist' option from that entry and change the
|
|
'net' entry in /etc/shorewall/zones as follows:
|
|
|
|
#ZONE TYPE OPTIONS IN_OPTIONS
|
|
net ipv4 - blacklist
|