[Shorewall-users] Shorewall 5.1.11 Beta 2

Fri, 05 Jan 2018 11:26:43 -0800 

Shorewall 5.1.11 Beta 2 is now available for testing.

Problems Corrected since Beta 1:

1)  This release contains defect repair from releases through 5.1.10.2.

2)  Previously, when DYNAMIC_BLACKLIST=ipsec..., the CLI required the
    firewall to be started in order to run the 'allow' command. Now,
    the command only requires that the dynamic blacklist ipset
    exists.

3)  Previously, if an address variable was used in the stoppedrules
    file, the 'clear' command could fail in two different ways,
    depending on whether the related interface was optional or not.

    If the interface was optional, the failure message was similar to
    the following:

       $ shorewall clear
       Clearing Shorewall....
       Preparing iptables-restore input...
       /var/lib/shorewall/firewall: 3064: [: !=: unexpected operator
       Running /sbin/iptables-restore...
       IPv4 Forwarding Enabled
       done.

    If the interface was not optional, the result was similar to:

       $ shorewall debug clear
       Clearing Shorewall....
       Preparing iptables-restore input...
       Running debug_restore_input...
       Bad argument `6'
       Try `iptables -h' or 'iptables --help' for more information.
          ERROR: Command "/sbin/iptables --wait -t filter -A INPUT -s
          172.17.211.254 -d  -p 6 --dport 22 -i enp2s0 -j ACCEPT"
          Failed
      Terminated

    This problem has been corrected.

4)  Previously, the 'clear' command enabled forwarding
    unconditionally. Beginning with this release, 'clear' will
    conditionally enable/disable forwarding in the same manner as
    'stop'.

Thank you for testing,

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to