[Shorewall-users] Snapshot 1.4.6_20030727
teastep at shorewall.net
Sun Jul 27 19:01:56 PDT 2003
Problems Corrected since version 1.4.6:
1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was
being tested before it was set.
2) Corrected handling of MAC addresses in the SOURCE column of the
tcrules file. Previously, these addresses resulted in an invalid
1) Once you have installed this version of Shorewall, you must
restart Shorewall before you may use the 'drop', 'reject', 'allow'
or 'save' commands.
2) To maintain strict compatibility with previous versions, current
uses of "shorewall drop" and "shorewall reject" should be replaced
with "shorewall dropall" and "shorewall rejectall".
1) Shorewall now creates a dynamic blacklisting chain for each interface
defined in /etc/shorewall/interfaces. The 'drop' and 'reject'
commands use the routing table to determine which of these chains is
to be used for blacklisting the specified IP address(es).
Two new commands ('dropall' and 'rejectall') have been introduced
that do what 'drop' and 'reject' used to do; namely, when an address
is blacklisted using these new commands, it will be blacklisted on
all of your firewall's interfaces.
2) Thanks to Steve Herber, the help command can now give
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-users