Shorewall 5.1.11 Beta 2 is now available for testing. Problems Corrected since Beta 1:
1) This release contains defect repair from releases through 5.1.10.2. 2) Previously, when DYNAMIC_BLACKLIST=ipsec..., the CLI required the firewall to be started in order to run the 'allow' command. Now, the command only requires that the dynamic blacklist ipset exists. 3) Previously, if an address variable was used in the stoppedrules file, the 'clear' command could fail in two different ways, depending on whether the related interface was optional or not. If the interface was optional, the failure message was similar to the following: $ shorewall clear Clearing Shorewall.... Preparing iptables-restore input... /var/lib/shorewall/firewall: 3064: [: !=: unexpected operator Running /sbin/iptables-restore... IPv4 Forwarding Enabled done. If the interface was not optional, the result was similar to: $ shorewall debug clear Clearing Shorewall.... Preparing iptables-restore input... Running debug_restore_input... Bad argument `6' Try `iptables -h' or 'iptables --help' for more information. ERROR: Command "/sbin/iptables --wait -t filter -A INPUT -s 172.17.211.254 -d -p 6 --dport 22 -i enp2s0 -j ACCEPT" Failed Terminated This problem has been corrected. 4) Previously, the 'clear' command enabled forwarding unconditionally. Beginning with this release, 'clear' will conditionally enable/disable forwarding in the same manner as 'stop'. Thank you for testing, -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users