Overview
Request 95241 accepted
- Update to 4.4.26 For more details see changelog.txt and
releasenotes.txt
* This release includes all corrections included in 4.4.25.1
through .3.
* In 4.4.25, ACCEPT behaved in the BLACKLIST section the same way
as in the other rules file sections. This could lead to
connections being accepted inadvertently.
Now, ACCEPT behaves like WHITELIST; that is, it exempts the
packet from the remaining rules in the BLACKLIST section.
* Previously, Shorewall did not detect the ULOG and NFLOG
capabilities. This lead to run-time failures during 'start' and
'restart' as well as confusing error messages during
compilation when ULOG or NFLOG was used when the LOG target was
not available.
ULOG and NFLOG are now detected capabilities so, if you use a
capabilities file, you will need to regenerate it in order to
use these log levels.
* The SAME tcrules target was broken in Shorewall 4.4.22. It now
works correctly again.
* Previously, 'shorewall6 update' did not update shorewall6.conf.
The command now works as expected.
* In earlier releases, the compiler was attempting to process the
params file before it was aware of the setting of CONFIG_PATH.
This could cause the params file to be missed if it was not located
in /etc/shorewall[6] or in the directory named in the start
(restart,compile,check,...) command.
Now, /sbin/shorewall[6] passes $CONFIG_PATH to the compiler
(/usr/share/shorewall/compiler.pl) in the new '--config_path'
option.
- Created by toganm
- In state accepted
-
Package maintainers:
bruno_friedmann and
polslinux
Request History
toganm created request
- Update to 4.4.26 For more details see changelog.txt and
releasenotes.txt
* This release includes all corrections included in 4.4.25.1
through .3.
* In 4.4.25, ACCEPT behaved in the BLACKLIST section the same way
as in the other rules file sections. This could lead to
connections being accepted inadvertently.
Now, ACCEPT behaves like WHITELIST; that is, it exempts the
packet from the remaining rules in the BLACKLIST section.
* Previously, Shorewall did not detect the ULOG and NFLOG
capabilities. This lead to run-time failures during 'start' and
'restart' as well as confusing error messages during
compilation when ULOG or NFLOG was used when the LOG target was
not available.
ULOG and NFLOG are now detected capabilities so, if you use a
capabilities file, you will need to regenerate it in order to
use these log levels.
* The SAME tcrules target was broken in Shorewall 4.4.22. It now
works correctly again.
* Previously, 'shorewall6 update' did not update shorewall6.conf.
The command now works as expected.
* In earlier releases, the compiler was attempting to process the
params file before it was aware of the setting of CONFIG_PATH.
This could cause the params file to be missed if it was not located
in /etc/shorewall[6] or in the directory named in the start
(restart,compile,check,...) command.
Now, /sbin/shorewall[6] passes $CONFIG_PATH to the compiler
(/usr/share/shorewall/compiler.pl) in the new '--config_path'
option.
toganm accepted request
reviewed ok.
