Shorewall 4.5.9 Beta 2 is now available for testing. Problems Corrected:
1) This release contains all defect repair from Shorewall 4.5.8.2.
2) A typo has been corrected in the shorewallrc.default file.
3) Beginning with Shorewall 4.5.7.2, Shorewall unconditionally
restores the provider mark as the first rule in the mangle table
OUTPUT and PREROUTING chains. Previously, the provider mark was
restored only if it was non-zero.
It has become clear that some users need it one way while others
need it the other way. To resolve this issue, a RESTORE_ROUTEMARKS
option has been added to shorewall.conf and shorewall6.conf. When
this option is set to Yes (the default), the 4.5.7.2 approach is
used (always restore the mark, even if it is zero); when it is set
to No, the pre-4.5.7.2 behavior is retained.
New Features:
1) Prior to this release, if a dynamic zone was associated with more
than one interface, then Shorewall created a separate ipset for
each interface. This meant that multiple 'add' and 'delete'
commands might be required to change the zone composition.
This release introduces a 'dynamic_shared' zone option. When that
option is specified, a single ipset is generated regardless of the
number of entries the zone has in the hosts file.
The 'dynamic_shared' option may only be specified in the OPTIONS
column of the zones file.
The syntax of the 'add' and 'delete' commands is changed for zones
having the 'dynamic_shared' option:
add <zone> <address>[,<address> ... ]
delete <zone> <address>[,<address> ... ]
Example:
shorewall add direct 172.20.1.99
The syntax for 'add' and 'delete' for zones not having the
'dynamic_shared' option is unchanged.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
