КРУТЬ!!!
Юзай пренепременно!
Shorewall 4.4.7.5 is now available for download.
>
>
> ----------------------------------------------------------------------------
> P R O B L E M S C O R R E C T E D I N 4 . 4 . 7 . 5
>
> ----------------------------------------------------------------------------
>
> 1) A CONTINUE rule specifying a log level would cause the compiler to
> generate an incorrect rule sequence. The packet would be logged
> but the CONTINUE action would not occur.
>
> 2) If multiple entries were present in /etc/shorewall/tcdevices and
> globally unique class numbers were not explicitly specified in
> /etc/shorewall/tcclasses, then 'shorewall start' would fail with a
> diagnostic such as:
>
> Setting up Traffic Control...
> RTNETLINK answers: File exists
> ERROR: Command "tc qdisc add dev eth1 parent 2:2 handle 2: sfq
> quantum 1500 limit 127 perturb 10" Failed
> Processing /etc/shorewall/stop ...
>
> 3) Previously, when a low per-IP rate limit (such as 1/hour) was
> specified, the effective enforced rate was much higher
> (approximately 6/min). The Shorewall compiler now configures the
> hashlimit table idle timeout based on the rate units (min, hour,
> ...) so that the rate is more accurately enforced.
>
> As part of this change, a unique hashlimit table name is assigned
> to each per-IP rate limiting rule that does not specify a table name
> in the rule. The assigned names are of the form 'shorewallN' where
> N is an integer. Previously, all such rules shared a single
> 'shorewall' table which lead to unexpected results.
>
> 4) All prior versions of Shorewall-perl mishandle per-IP rate limiting
> ACCEPT+ rules. The effective rate and burst are 1/2 of the values
> given in the rule. This problem has been corrected so that the
> specified rate is now the effective rate.
>
> -Tom
> --
> Tom Eastep \ When I die, I want to go like my Grandfather who
> Shoreline, \ died peacefully in his sleep. Not screaming like
> Washington, USA \ all of the passengers in his car
> http://shorewall.net \________________________________________________
>
>
>
> ------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> Shorewall-announce mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-announce
>
>
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
