I had not planned on another Beta, but the work that I've been doing with Simple Traffic Shaping has been so promising that I want to get it into the 4.4.13 release.
New Features:
1) The OPTIONS column in the blacklists file may now be a comma-
separated list of 'to' and 'from'. Duplicates are ignored with a
warning message.
2) There is now an OUT-BANDWIDTH column in
/etc/shorewall/tcinterfaces.
The format of this column is:
<rate>[:[<burst>][:[<latency>][:[<peak>][:[<minburst>]]]]]
These terms are described in tc-tbf(8). Shorewall supplies default
values as follows:
<burst> = 10kb
<latency> = 200ms
The remaining options are defaulted by tc.
3) The IN-BANDWIDTH column in both /etc/shorewall/tcdevices and
/etc/shorewall/tcinterfaces now accepts an optional burst parameter.
<rate>[:<burst>]
The default burst is 10kb. A larger burst can help make the <rate>
more accurate; often for fast lines, the enforced rate is well
below the specified <rate>.
Problems Corrected:
1) Avoid an Internal Error when a 'to' blacklist entry occurs and
there are no type-2 blacklisted interfaces.
2) When a comma-separated list of 'src' and/or 'dst' was specified in
an ipset invocation (e.g., "+fooset[src,src]), all but the first
'src' or 'dst' was previously ignored when generating the resulting
iptables rule.
3) Beginning with Shorewall 4.4.9, the SAME target in tcrules has
generated invalid iptables (ip6tables) input. That target now
generates correct input.
4) Ipsets associated with 'dynamic' zones were being created during
'restart' but not during 'start'.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
