Tom Eastep
2017-06-13 15:31:10 UTC
Shorewall 5.1.5 Beta 1 is now available for testing.
Problems Corrected:
1) This release contains defect repair through Shorewall 5.1.4.2.
New Feature:
1) In order to allow Shorewall[6]-lite users to change port numbers in
rules without recompilation and re-exporting, Shorewall now
supports Run-time Port Variables. These variables have the format
%{variable} and may appear any place that a port number or service
name may appear.
Example using both Run-time Address and Run-time Port Variables:
/etc/shorewall/init:
SERVER_PORT=4126
SERVER_ADDRESS=192.0.44.12
/etc/shorewall/rules:
ACCEPT net dmz:%{SERVER_ADDRESS} tcp %{SERVER_PORT}
Rather than assigning a numerical literal to SERVER_PORT in the
init extension script as shown above, the variable could be
assigned a dynamic value based on a database lookup.
Important
If no value is assigned to a Run-time Port Variable in the init
extension script, then the value 255 is assumed.
Thank you for testing,
- -Tom
- --
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
Problems Corrected:
1) This release contains defect repair through Shorewall 5.1.4.2.
New Feature:
1) In order to allow Shorewall[6]-lite users to change port numbers in
rules without recompilation and re-exporting, Shorewall now
supports Run-time Port Variables. These variables have the format
%{variable} and may appear any place that a port number or service
name may appear.
Example using both Run-time Address and Run-time Port Variables:
/etc/shorewall/init:
SERVER_PORT=4126
SERVER_ADDRESS=192.0.44.12
/etc/shorewall/rules:
ACCEPT net dmz:%{SERVER_ADDRESS} tcp %{SERVER_PORT}
Rather than assigning a numerical literal to SERVER_PORT in the
init extension script as shown above, the variable could be
assigned a dynamic value based on a database lookup.
Important
If no value is assigned to a Run-time Port Variable in the init
extension script, then the value 255 is assumed.
Thank you for testing,
- -Tom
- --
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________