openSUSE Build Service

Overview Repositories Revisions Requests Users Attributes Meta

Revisions of shorewall

buildservice-autocommit accepted request 235533 from

Togan Muftuoglu (toganm) over 10 years ago (revision 149)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 235532 from

Togan Muftuoglu (toganm) over 10 years ago (revision 148)

- Update to version 4.6.0.2 For more details see changelog.txt and
  releasenotes.txt
  * The 'upgrade -A' command now converts the tcrules file to a
    mangle file. Previously, that didn't happen.
  * The install components now support RHEL7.
  * Whitespace issues in the skeleton configuration files have been
    corrected (Tuomo Soini).
  * FAQ 2e has been added which describes additional steps required
    to achieve hairpin NAT on a bridge where the modified packets are
    to go out the same bridge port as they entered.
  * shorewall-masq(5) has been corrected to include the word SOURCE
    on the description of that column. Previously, the description
    read '(formerly called SUBNET)'.
  * The output of 'shorewall show filters' once again shows ingress
    (policing) filters. This works around undocumented changes to
    the behavior of the 'tc' utility. 
- removed backported CHECKSUM.patch

buildservice-autocommit accepted request 234821 from

Togan Muftuoglu (toganm) over 10 years ago (revision 147)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 234820 from

Togan Muftuoglu (toganm) over 10 years ago (revision 146)

- Update to version 4.6.0. For more details see changelog.txt and
  releasenotes.txt. Since this is a major release for those who are
  migrating from previous version, it is important to read the
  above mentioned notes.
  * This release includes all defect repair from releases up through
    4.5.21.9.
- Backported CHECKSUM.patch

buildservice-autocommit accepted request 228396 from

Togan Muftuoglu (toganm) over 10 years ago (revision 145)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 228395 from

Togan Muftuoglu (toganm) over 10 years ago (revision 144)

- Update to version 4.5.21.9 For more details see changelog.txt and
  releasenotes.txt
  * The output of 'shorewall show capabilities' always showed the
    'Recent match --reap option' as 'Not Available'. 'shorewall
    show -fcapabilities' correctly reported the capability.
  * When a rules file section other than NEW began with a ?COMMENT
    directive, the comment would erroneously appear in the rule
    which jumps to the section chain as well as in the rules directly
    related to the following entries.
  * Rule comments were omitted from the compiler's 'trace' output
    in some cases.
  * When FASTACCEPT=Yes, ESTABLISHED,RELATED accept rules were
    incorrectly omitted from an interfaces's _in and _fwd chains
    when 'rpfilter' was specified in the interfaces's entry in
    /etc/shorewall[6]/interfaces.

buildservice-autocommit accepted request 226842 from

Togan Muftuoglu (toganm) over 10 years ago (revision 143)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 226841 from

Togan Muftuoglu (toganm) over 10 years ago (revision 142)

- Update to version 4.5.21.8 For more details see changelog.txt and
  releasenotes.txt
  * If an rtrules entry duplicated a Shorewall-generated route rule but
    had a lower priority than the generated one has (20000), then a
    disable/enable sequence on the provider would result in
    duplicate rules with priority 20000.
  *  When 'shorewall[6] debug [re]start' was run, any error messages
    generated because of ip[6]tables command errors would not
    include '-t table'. 
- Remove 0001-fix-release-version.patch

buildservice-autocommit accepted request 225410 from

Togan Muftuoglu (toganm) over 10 years ago (revision 141)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 225409 from

Togan Muftuoglu (toganm) over 10 years ago (revision 140)

- Update to version 4.5.21.7 For more details see changelog.txt and
  releasenotes.txt
  * The help text for the 'dump' command has been updated to
    include all valid options.
  * The behavior of ADMINISABSENTMINDED=No is corrected.
    Previously, 'shorewall stop' would not block existing connections
    regardless of the setting of this option. Beginning with this
    release, the behavior of ADMINISABSENTMINDED=No depends on whether
    the  routestopped or the stoppedrules file defines the allow
    connections while the firewall is stopped.
    If there are entries in /etc/shorewall[6]/routestopped or if
    there are no entries in /etc/shorewall[6]/stoppedrules, then the
    behavior of ADMINISABSENTMINDED=No is as documented (existing
    connections are blocked unles they are allowed by
    /etc/shorewall[6]/routestopped).  If there are no entries in
    /etc/shorewall[6]/stoppedrules, then the behavior is as if
    ADMINISABSENTMINDED=Yes and a warning message is generated. 
- Add 0001-fix-release-version.patch to correct version info of the
  releasenotes.txt

buildservice-autocommit accepted request 220674 from

Togan Muftuoglu (toganm) almost 11 years ago (revision 139)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 220673 from

Togan Muftuoglu (toganm) almost 11 years ago (revision 138)

- Update to version 4.5.21.6 For more details see changelog.txt and
  releasenotes.txt
  * When a non-terminating target specified logging, the compiler
    would erroneously generate a 'goto' (-g) iptables command rather
    than a 'jump' (-j) command. This caused the wrong set of rules
    to be traversed, usually the catchall 'REJECT' or 'DROP' rule
    at theend of the INPUT or FORWARD chain.
    The compiler now generates a 'jump' rule in these cases.
   * When an interface containing a period (such as a VLAN
     interfaceterface) was used in an 'add' or 'delete' command,
     the wrong ipset name was generated, resulting in failure of
     the command.

buildservice-autocommit accepted request 214540 from

Togan Muftuoglu (toganm) almost 11 years ago (revision 137)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 214539 from

Togan Muftuoglu (toganm) almost 11 years ago (revision 136)

- Update to version 4.5.21.5 For more details see changelog.txt and
  releasenotes.txt
  * A number of minor updates have been made to the documentation
    and manpages.
  * The 'postcompile' extension script is now documented at
    http://www.shorewall.org/shorewall_extension_scripts.htm
  * The 'add' command previously failed if 'IPSET=' appeared in the
    shorewall.conf file. This has been corrected.

buildservice-autocommit accepted request 208195 from

Togan Muftuoglu (toganm) about 11 years ago (revision 135)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 208194 from

Togan Muftuoglu (toganm) about 11 years ago (revision 134)

- Update to version 4.5.21.4 For more details see changelog.txt and
  releasenotes.txt
  * The Broadcast actions have been corrected:
    - --dst-type BROADCAST has been removed from the IPv6 version
    - A superfluous DROP rule in the IPv4 version has been
      suppressed.
  * Previously, if an HFSC class was specified with dmax but not
     umax, then the firewall would fail to start with the messages:
      Nov 14 13:42:42 Setting up Traffic Control...
      HFSC: Illegal "umax"
      HFSC: Illegal "sc"
      ERROR: Command "tc class add dev eth1 parent 1:1 classid
      1:110  hfsc sc umax b dmax 150ms rate 1575kbit ul rate 3150kbit"
      Failed
    That problem has been corrected.
  * The tcrules file now supports DROP entries to allow early
    dropping of DOS packets.

buildservice-autocommit accepted request 204238 from

Togan Muftuoglu (toganm) about 11 years ago (revision 133)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 204237 from

Togan Muftuoglu (toganm) about 11 years ago (revision 132)

- Update to version 4.5.21.2 For more details see changelog.txt and
  releasenotes.txt
  * Previously, the AutoBL action would fail if the kernel and
    iptables did not support the Recent Match '--reap' option. A new
    REAP_OPTION  capability has been added to work around this issue.
  * The Shorewall-core installer no longer reports an error from
    'cp' stating that it could not stat the shorewallrc file.
  * When a non-root user attempts to execute 'version -a', the CLI
    no longer attempts to get the version of the compiled
    firewall. Previously, the command issued the following
    diagnostic when run by non-root:
     /sbin/shorewall: /var/lib/shorewallhorewall/firewall:
     Permission denied
  * Shorewall no longer uses 'fgrep' thus allowing for use on
    systems without that utility. All uses of 'fgrep' have been
    replaced by 'grep -F'.
  * Placing |<mark> in the ACTION column of the tcrules file no
    longer raises a fatal compilation error.

buildservice-autocommit accepted request 202676 from

Togan Muftuoglu (toganm) about 11 years ago (revision 131)

baserev update by copy to link target

Togan Muftuoglu (toganm) accepted request 202675 from

Togan Muftuoglu (toganm) about 11 years ago (revision 130)

- Update to version 4.5.21.1 For more details see changelog.txt and
  releasenotes.txt
  * Problems with the Shorewall Init installer (install.sh) were
    corrected. These problems affected initial Gentoo and Debian
    installs.
  * A problem that prevented multiple ICMP/ICMP6 types to be
    specified in a rule has been corrected.
  * Previously, an attempt to specify RAS or Q.931 in the HELPER
    column  was rejected with an error.
  * The 'nohostroute' provider option was not honored in the
    default table when USE_DEFAULT_RT=Yes.

Displaying revisions 141 - 160 of 289

Places

Revisions of shorewall

Places