Shorewall 5.1.3 Beta 2 is now available for testing.

Problems Corrected Since Beta 1:

1) Defect repair from 5.1.2.2 and 5.1.2.3 has been merged.

2) 2) The documentation for 'reload' has been corrected:

- A command synopsis has been added in shorewall(8).
- The command synopsis in the 'help' output has been corrected.

3) 'Multicast' has been removed from the IPv6 sample shorewall.conf
policy action settings. The Multicast standard action only applies
to IPv4.

4) The CONFIG_PATH setting has been corrected in the IPv6 Universal
sample configuration.

New Features:

1) The PROTO columns may now specify tcp:!syn (6:!syn) which matches
TCP packets with the SYN flag reset or one or more of ACK, RST or
FIN set. The dropNotSyn and rejNotSyn actions have been modified to
use this feature.

2) The sample .conf files now quote the setting of LOG_LEVEL and
the instances of $LOG_LEVEL. This is necessary if the LOG_LEVEL
setting contains parentheses (e.g., LOG_LEVEL="NFLOG(0,64,1)").
This is necessary because the .conf files are processed by the
shell.

Thank you for testing,

- -Tom
- --
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.net \________________________________________________