On Mon, 26 Aug 2013 12:59:25 -0700
Tom Eastep <[email protected]> wrote:
> Shorewall 4.5.20 is now available for download.
>
> ----------------------------------------------------------------------------
> I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A
> S E
> ----------------------------------------------------------------------------
>
> 1) On some distributions, the shorewall-lite and shorewall6-lite
> uninstallers could fail with a syntax error.
>
> 2) A typographical error in the usage text produced by the -h command
> in the compiled firewall script has been corrected.
>
> 3) The handling of INITSOURCE is now uniform between the standard and
> the -lite installers.
>
> 4) Previously, when SYSCONFFILE was specified in shorewallrc, the
> installers would always install default.debian rather than the
> named file. That has been corrected.
>
> ----------------------------------------------------------------------------
> I I. K N O W N P R O B L E M S R E M A I N I N G
> ----------------------------------------------------------------------------
>
> 1) On systems running Upstart, shorewall-init cannot reliably secure
> the firewall before interfaces are brought up.
>
> ----------------------------------------------------------------------------
> I I I. N E W F E A T U R E S I N T H I S R E L E A S E
> ----------------------------------------------------------------------------
>
> 1) A new TRACK_RULES option has been added to shorewall[6].conf. When
> set to 'Yes', this option causes most rules to be tagged with a
> comment which gives the configuration file name and line number
> that caused the rule to be generated. These comments replace any
> comments added via AUTOCOMMENT=Yes and ?COMMENT entries.
>
> Setting this option to 'Yes' requires the 'Comments' capability in
> your kernel and ip[6]tables.
>
> 2) You may now specify 'OPTIMIZE=All' in shorewall[6].conf to enable
> all optimizations. If new optimization levels are added in the
> future, OPTIMIZE=All will automatically enable those
> optimizations.
>
> For completeness, 'OPTIMIZE=None' disables all optimizations.
>
> 3) 'list' and 'ls' are now documented alternatives for 'show' in the
> CLI programs. /sbin/shorewall and /sbin/shorewall6 now accept 'ck'
> as an abbreviation for 'check' and 'co' as an abbreviation for
> 'compile'.
>
> 4) Beginning with this release, if /etc/os-release exists during
> installation, then the ID setting in that file will be used to
> determine which Linux distribution is running on the system.
>
> 5) The 'status' command now obeys the effective VERBOSITY and will
> produce no output when the effective VERBOSITY is less than 1.
>
> 6) The CLI exit status codes are now documented in the manpages
> (shorewall(8), shorewall6(8), etc.).
>
> 7) Beginning with this release, the shorewallrc file supports a
> SERVICEFILE variable. SERVICEFILE is only relevant when SERVERD is
> non-empty, in which case it names the file to be installed as the
> product's .service file. If SERVERD is specified but SERVICEFILE
> is not, the assumed value of SERVERFILE is $PRODUCT.service.
>
> 8) The ${SBINDIR}/shorewall-init utility will now compile
> configurations if needed
>
> Thank you for using Shorewall,
> -Tom
--
"A. Because it breaks the logical order of conversation.
Q. Why is top posting bad?"
------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
