Tom Eastep
2016-10-26 15:33:56 UTC
Shorewall 5.0.14 Beta 1 is now available for testing.
Problems Corrected:
1) This release includes defect repair up through Shorewall 5.0.13.4.
New Features:
1) /etc/shorewall[6]/masq has been superseded by
/etc/shorewall[6]/snat. The new 'snat' file is similar to most of
the other configuration files in that the first column specifies
the ACTION to be performed, the second contains the SOURCE and so
on.
The 'shorewall[6] update' command will convert an existing masq
file into the equivalent 'snat' file and will rename masq to
masq.bak.
See shorewall[6]-snat(5) for details.
2) Actions (both inline and regular) are now supported out of the new
snat file. Like other actions, these 'SNAT actions' must be
declared in the /etc/shorewall[6]/actions file where the new 'nat'
option must be specified.
Like other actions, the action rules are placed in a file named
action.<action>. Those rules have the same format as those in the
snat file with two restrictions:
1. The '+' is not allowed in the ACTION column to specify that the
rules should be applied before one-to-one NAT. It must rather be
specified when the action is invoked.
2. Interface names are not permitted in the DEST column, so all of
the rules apply to the interface(es) specified when the action
was invoked.
See http://www.shorewall.org/Actions.html#idp66163888 for
additional information.
Thank you for testing,
- -Tom
- --
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
Problems Corrected:
1) This release includes defect repair up through Shorewall 5.0.13.4.
New Features:
1) /etc/shorewall[6]/masq has been superseded by
/etc/shorewall[6]/snat. The new 'snat' file is similar to most of
the other configuration files in that the first column specifies
the ACTION to be performed, the second contains the SOURCE and so
on.
The 'shorewall[6] update' command will convert an existing masq
file into the equivalent 'snat' file and will rename masq to
masq.bak.
See shorewall[6]-snat(5) for details.
2) Actions (both inline and regular) are now supported out of the new
snat file. Like other actions, these 'SNAT actions' must be
declared in the /etc/shorewall[6]/actions file where the new 'nat'
option must be specified.
Like other actions, the action rules are placed in a file named
action.<action>. Those rules have the same format as those in the
snat file with two restrictions:
1. The '+' is not allowed in the ACTION column to specify that the
rules should be applied before one-to-one NAT. It must rather be
specified when the action is invoked.
2. Interface names are not permitted in the DEST column, so all of
the rules apply to the interface(es) specified when the action
was invoked.
See http://www.shorewall.org/Actions.html#idp66163888 for
additional information.
Thank you for testing,
- -Tom
- --
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________