Tom Eastep
2017-05-07 09:31:47 UTC
Shorewal 5.1.4 is now available for download.
Problems Corrected:
1) This release contains defect repair through Shorewall 5.1.3.1.
2) Previously, if a Shorewall Variable ( e.g., @chain ) was the target
of a conditional ?RESET directive (one that was enclosed in ?if...
?else...?endif logic), the compiler could incorrectly use an
existing chain created from the action rather than creating a new
(and different) chain. That has been corrected.
3) Previously, if alternate input format specified a column that had
already been specified, the contents of that column were silently
overwritten. Now, a warning message is issued stating that the
prior value has been replaced by the newer value.
4) Previously, a string-valued interface option, such as
'physical', could be given an empty value (e.g., "physical=,"), and
the compiler would fail to flag it. Now, this usage raises an
error.
5) Previously, the 'tunnel-src' and 'tunnel-dst' zone options would
generate an error under Shorewall6. That has been corrected.
6) A number of small documentation corrections have been made.
New Features:
1) All IPv6 standard actions have been deleted and their logic
has been added to their IPv4 counterparts who can now handle
both address families.
2) Previously, ?error and ?require messages as well as verbose ?info
and ?warning messages (those that report the file and line numbers)
generated from an action file would report the action file name and
line number rather than the file and line number where the action
was invoked. The file and line number where the action was invoked
were listed second. Beginning with this release, the invoking file
and line number are listed first and the action file and line number
are not reported. This allows for creation of clearer messages.
Example:
Previously, when an invalid value was passed for the 'bricks'
parameter to the GlusterFS action on line 45 of the rules file, a
message such as the following was issued (folded to 76 columns):
ERROR: Invalid value for Bricks (2000)
/usr/share/shorewall/action.GlusterFS (line 15)
from /etc/shorewall/rules (line 45)
Note that the message seems to imply that the error is in
action.GlusterFS rather than in the rules file.
Beginning with this release, the message will be:
ERROR: Invalid value (2000) for the GlusterFS Bricks argument
/etc/shorewall/rules (line 45)
Note: This change only affects actions, including inline actions.
Macros will continue to report the old way.
3) IPv6 UPnP support (including MINIUPNPD) is now available.
4) A PERL_HASH_SEED option has been added to allow the Perl hash seed
to be specified. See shorewall.conf(5) and perlsec(1) for details.
Thank you for using Shorewall.
- -Tom
- --
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't understand
\______________________________________________________
Problems Corrected:
1) This release contains defect repair through Shorewall 5.1.3.1.
2) Previously, if a Shorewall Variable ( e.g., @chain ) was the target
of a conditional ?RESET directive (one that was enclosed in ?if...
?else...?endif logic), the compiler could incorrectly use an
existing chain created from the action rather than creating a new
(and different) chain. That has been corrected.
3) Previously, if alternate input format specified a column that had
already been specified, the contents of that column were silently
overwritten. Now, a warning message is issued stating that the
prior value has been replaced by the newer value.
4) Previously, a string-valued interface option, such as
'physical', could be given an empty value (e.g., "physical=,"), and
the compiler would fail to flag it. Now, this usage raises an
error.
5) Previously, the 'tunnel-src' and 'tunnel-dst' zone options would
generate an error under Shorewall6. That has been corrected.
6) A number of small documentation corrections have been made.
New Features:
1) All IPv6 standard actions have been deleted and their logic
has been added to their IPv4 counterparts who can now handle
both address families.
2) Previously, ?error and ?require messages as well as verbose ?info
and ?warning messages (those that report the file and line numbers)
generated from an action file would report the action file name and
line number rather than the file and line number where the action
was invoked. The file and line number where the action was invoked
were listed second. Beginning with this release, the invoking file
and line number are listed first and the action file and line number
are not reported. This allows for creation of clearer messages.
Example:
Previously, when an invalid value was passed for the 'bricks'
parameter to the GlusterFS action on line 45 of the rules file, a
message such as the following was issued (folded to 76 columns):
ERROR: Invalid value for Bricks (2000)
/usr/share/shorewall/action.GlusterFS (line 15)
from /etc/shorewall/rules (line 45)
Note that the message seems to imply that the error is in
action.GlusterFS rather than in the rules file.
Beginning with this release, the message will be:
ERROR: Invalid value (2000) for the GlusterFS Bricks argument
/etc/shorewall/rules (line 45)
Note: This change only affects actions, including inline actions.
Macros will continue to report the old way.
3) IPv6 UPnP support (including MINIUPNPD) is now available.
4) A PERL_HASH_SEED option has been added to allow the Perl hash seed
to be specified. See shorewall.conf(5) and perlsec(1) for details.
Thank you for using Shorewall.
- -Tom
- --
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't understand
\______________________________________________________