Shorewall 5.2.6 RC 1 is now available for testing. Problems Corrected:
2) A bug in iptables (see https://git.netfilter.org/iptables/commit/?id=d1555a0906e35ba8d170613d5a43da64e527dbe1) prevents the '--queue-cpu-fanout' option from being applied unless that option is the last one specified. Unfortunately, Shorewall places the '--queue-bypass' option last if that option is also specified. This release works around this issue by ensuring that the '--queue-cpu-fanout' option appears last. New Features: 1) To emphasize that it specifies destination ports, the PORT column in the snat file has been renamed DPORT. Beginning with this release, both 'port' and 'dport' are accepted in the alternative input format. 2) The snat file now supports ?FORMAT 2, which adds an SPORT (source port) column immediately to the right of the DPORT (destination port) column. Thank you for testing, -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-devel mailing list Shorewall-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-devel
