As often happens, immediately after I released 4.4.19, several problem
reports came it reporting issues from prior releases. This patch release
corrects the following problems:
1) A duplicate ACCEPT rule in the INPUT chain has been eliminated when
the firewall is stopped.
2) A defect introduced in Shorewall 4.4.17 broke the ability to
specify ':<low port>-<high port>' in the ADDRESS column of
/etc/shorewall/masq.
3) Several long-standing defects having to do with default route
save/restore have been corrected in the Multi-ISP implementation.
a) Shorewall previously interpreted all 'nexthop' routes as
default routes when analyzing the pre-start routing
configuration. This could lead to unwanted default routes when
the firewall was started or stopped.
b) The default route with metric 0 was usually not restored
during 'stop' processing.
c) If there were multiple default routes in the main table prior
to 'shorewall start' and USE_DEFAULT_RT was set, only the
first one with metric 0 was deleted.
4) A couple of issues with the Shorewall install script have been
corrected.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Benefiting from Server Virtualization: Beyond Initial Workload
Consolidation -- Increasing the use of server virtualization is a top
priority.Virtualization can reduce costs, simplify management, and improve
application availability and disaster protection. Learn more about boosting
the value of server virtualization. http://p.sf.net/sfu/vmware-sfdev2dev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
