Revisions of shorewall
Dominique Leuenberger (dimstar_suse)
accepted
request 596753
from
Bruno Friedmann (bruno_friedmann)
(revision 103)
- Changes in 5.1.12.3 Problems Corrected: When 'reset' and 'dst' were specified to the IfEvent action, the action would incorrectly attempt to reset the event for the SOURCE IP address rather than the DEST address. That has been corrected. (forwarded request 596669 from bruno_friedmann)
Dominique Leuenberger (dimstar_suse)
accepted
request 587570
from
Bruno Friedmann (bruno_friedmann)
(revision 102)
Dominique Leuenberger (dimstar_suse)
accepted
request 542468
from
Bruno Friedmann (bruno_friedmann)
(revision 101)
Dominique Leuenberger (dimstar_suse)
accepted
request 518886
from
Bruno Friedmann (bruno_friedmann)
(revision 100)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 516780
from
Bruno Friedmann (bruno_friedmann)
(revision 99)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 509976
from
Bruno Friedmann (bruno_friedmann)
(revision 98)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 507225
from
Bruno Friedmann (bruno_friedmann)
(revision 97)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 504332
from
Bruno Friedmann (bruno_friedmann)
(revision 96)
- Bugfix and enhancement release 5.1.4.2 complete changelog is available http://shorewall.net/pub/shorewall/5.1/shorewall-5.1.4/releasenotes.txt - Main changes All IPv6 standard actions have been deleted and their logic has been added to their IPv4 counterparts who can now handle both address families. Previously, ?error and ?require messages as well as verbose ?info and ?warning messages (those that report the file and line numbers) generated from an action file would report the action file name and line number rather than the file and line number where the action was invoked. The file and line number where the action was invoked were listed second. Beginning with this release, the invoking file and line number are listed first and the action file and line number are not reported. This allows for creation of clearer messages. IPv6 UPnP support (including MINIUPNPD) is now available. A PERL_HASH_SEED option has been added to allow the Perl hash seed to be specified. See shorewall.conf(5) and perlsec(1) for details. (forwarded request 503677 from bruno_friedmann)
Yuchen Lin (maxlin_factory)
accepted
request 482804
from
Bruno Friedmann (bruno_friedmann)
(revision 95)
- Bugfix release 5.1.3.2 Previously, if a Shorewall Variable (e.g., @chain) was the target of a conditional ?RESET directive (one that was enclosed in ?if. ?else...?endif logic), the compiler could incorrectly use an existing chain created from the action rather than creating a new (and different) chain. That has been corrected. Previously, if alternate input format specified a column that had already been specified, the contents of that column were silently overwritten. Now, a warning message is issued stating that the prior value has been replaced by the newer value. (forwarded request 482666 from bruno_friedmann)
Dominique Leuenberger (dimstar_suse)
accepted
request 481217
from
Bruno Friedmann (bruno_friedmann)
(revision 94)
Update to bugfix release.
Dominique Leuenberger (dimstar_suse)
accepted
request 479770
from
Bruno Friedmann (bruno_friedmann)
(revision 93)
- Upgrade to last stable 5.1.3 For details see changelog.txt and releasenotes.txt containing all informations for a correct upgrade path. - Packaging Redone patches for var-fillup + shorewall-fillup-install.patch + shorewall-init-fillup-install.patch + shorewall-lite-fillup-install.patch - Upgrade to stable 5.1.1 For details see changelog.txt and releasenotes.txt containing all informations for a correct upgrade path. - Packaging: + use proper %{} syntax + Adjust year copyright + Remove attr on sbindir symlink + Move Samples and Contrib to doc package (forwarded request 479769 from bruno_friedmann)
Dominique Leuenberger (dimstar_suse)
accepted
request 447292
from
Bruno Friedmann (bruno_friedmann)
(revision 92)
1
Dominique Leuenberger (dimstar_suse)
accepted
request 371244
from
Jan Engelhardt (jengelh)
(revision 91)
Update to last bugfix 4.x series Thanks for your consideration. Maintainer status is accepted since togan has disappear Will serve as maintenance sr for Leap + Factory submission (forwarded request 367131 from bruno_friedmann)
Dominique Leuenberger (dimstar_suse)
accepted
request 331030
from
Togan Muftuoglu (toganm)
(revision 90)
- Update to version 4.6.13 For more details see changelog.txt and realeasenotes.txt * The 'rules' file manpages have been corrected regarding the packets that are processed by rules in the NEW section. * Parsing of IPv6 address ranges has been corrected. Previously, use of ranges resulted in 'Invalid IPv6 Address' errors. * The shorewall6-hosts man page has been corrected to show the proper contents of the HOST(S) column. * Previously, INLINE statements in the mangle file were not recognized if a chain designator (:F, :P, etc.) followingowed INLINE(...). As a consequence, additional matches following a semicolon were interpreted as column/value pairs unless INLINE_MATCHES=Yes, resulting in compilation failure. * Inline matches on IP[6]TABLE rules could be ignored if INLINE_MATCHES=No. They are now recognized. * Specifying an action with a logging level in one of the _DEFAULT options in shorewall[6].conf (e.g., REJECT_DEFAULT=Reject:info) produced a compilation error: ERROR: Invalid value (:info) for first Reject parameter /usr/share/shorewall/action.Rejectect (line 52) That has been corrected. Note, however, that specifying logging with a default action tends to defeat one of the main purposes of default actions which is to suppress logging. * Previously, it was necessary to set TC_EXPERT=Yes to have full access to the user mark in fw marks. That has been corrected so that any place that a mark or mask can be specified, both the TC mark and the User mark are accessible. (forwarded request 331029 from toganm)
Stephan Kulow (coolo)
accepted
request 316608
from
Togan Muftuoglu (toganm)
(revision 89)
- Update to version 4.6.11 For more details see changelog.txt and releasenotes.txt * Previously, when the -c option was given to the 'compile' command, the progress message "Compiling..." was issued before it was determined if compilation was necessary. Now, that message is suppressed when re-compilation is not required. * Previously, when the -c option was given to the 'compile' command, the 'postcompile' extension script was executed even when there was no (re-)compilation. Now, the 'postcompile' script is only invoked when a new script is generated. * If CONFDIR was other than /etc, then ordinary users would not receive a clear error message when they attempted to execute one of the commands that change the firewall state. * Previously, IPv4 DHCP client broadcasts were blocked by the 'rpfilter' interface option. That has been corrected. * The 'update' command incorrectly added the INLINE_MATCHES option to shorewall6.conf with a default value of 'Yes'. This caused 'start' to fail with invalid ip6tables rules when the alternate input format using ';' is used. Note: This last issue is not documented in the release notes included with the release. (forwarded request 316607 from toganm)
Dominique Leuenberger (dimstar_suse)
accepted
request 313364
from
Factory Maintainer (factory-maintainer)
(revision 88)
Automatic submission by obs-autosubmit
Stephan Kulow (coolo)
accepted
request 305795
from
Togan Muftuoglu (toganm)
(revision 87)
- Update to version 4.6.9 For more details see changelog.txt and releasenotes.txt * This release contains defect repair from Shorewall 4.6.8.1 and earlier releases. * The means for preventing loading of helper modules has been clarified in the documentation. * The SetEvent and ResetEvent actions previously set/reset the event even if the packet did not match the other specified columns. This has been corrected. * Previously, the 'show capabilities' command was ignoring the HELPERS setting. This resulted in unwanted modules being autoloaded and, when the -f option was given, an incorrect capabilities file was generated. * Previously, when 'wait' was specified for an interface, the generated script erroneously checked for required interfaces on all commands rather than just start, restart and restore. (forwarded request 305794 from toganm)
Dominique Leuenberger (dimstar_suse)
accepted
request 296593
from
Togan Muftuoglu (toganm)
(revision 86)
- Update to version 4.6.8.1 For more details see changnlog.txt and releasenotes.txt * Previously, when servicd was installed and there were one or more required interfaces, the firewall would fail to start at boot.This has been corrected by Tuomo Soini. * Some startup logic in lib.cli has been deleted. A bug prevented the code from working as intended, so there is no loss of functionality resulting from deletion of the code. (forwarded request 296592 from toganm)
Displaying revisions 21 - 40 of 125