[Shorewall-devel] Shorewall 5.1.11 Beta 1

Sat, 30 Dec 2017 10:11:39 -0800 

Shorewall 5.1.11 Beta 1 is now available for testing.

Problems Corrected:

1)  This release contains defect repair from releases through 5.1.10.1.

2)  Previously, AUTOMAKE=Yes ran 'find' in each directory in
    CONFIG_PATH with unlimited depth searching for files newer than the
    current firewall script. Given that the compiler only searches the
    immediate contents of each directory, the unlimited depth search
    was inefficient overkill. Now, 'find' is run with a maximum depth
    of 1, so that only the directories themselves are searched for a
    match.

New Features:

1)  Previously, the 'show' command was not available to non-root
    users. Beginning with this release, non-root users may now
    run the following 'show' commands:

        show action <action>
        show actions
        show ip
        show macro <macro>
        show macros
        show routing

2)  When a RATE is specified on a policy, the rate is enforced in a
    chain whose name begins with '@' (e.g., @net-dmz). Previously, log
    messages in the chain omitted the '@', leading to possible
    confusion. Beginning with this release, the log message will
    reflect the chain's actual name (including the '@').

3)  To improve efficiency, TCP CT entries in the conntrack file and
    TCP entries in the rules file that specify a HELPER will now
    assume that 'tcp:syn' had been specified. That way, the generated
    ip[6]tables rule will only match on the first packet of the
    three-way handshake. See shorewall-conntrack(5) for additional
    information.

Thank you for testing,

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________

Attachment: signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-devel

Reply via email to