forked from extern/shorewall_code
01a78306cf
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@312 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
28 lines
1.2 KiB
Plaintext
Executable File
28 lines
1.2 KiB
Plaintext
Executable File
This is a minor release of Shorewall that has a number of new features..
|
|
|
|
New features include:
|
|
|
|
1) You may now define the contents of a zone dynamically with the
|
|
"shorewall add" and "shorewall delete" commands. These commands
|
|
are expected to be used primarily within FreeS/Wan updown scripts.
|
|
|
|
2) Shorewall can now do MAC verification on ethernet segments. You can
|
|
specify the set of allowed MAC addresses on the segment and you can
|
|
optionally tie each MAC address to an IP address.
|
|
|
|
3) PPTP Servers and Clients running on the firewall system may now be
|
|
defined in the /etc/shorewall/tunnels file.
|
|
|
|
4) A new 'ipsecnat' tunnel type is supported for use when the remote
|
|
IPSEC endpoint is behind a NAT gateway.
|
|
|
|
5) The PATH used by Shorewall may now be specified in
|
|
/etc/shorewall/shorewall.conf.
|
|
|
|
6) The main firewall script is now /usr/lib/shorewall/firewall. The
|
|
script in /etc/init.d/shorewall is very small and uses
|
|
/sbin/shorewall to do the real work. This change makes custom
|
|
distributions such as for Debian and for Gentoo easier to manage
|
|
since it is /etc/init.d/shorewall that tends to have
|
|
distribution-dependent code.
|