Problems Corrected in version 2.0.8 1) User/group restricted rules now work in actions. ----------------------------------------------------------------------- Problems Corrected in version 2.0.9 1) Previously, an empty PROTO column or a value of "all" in that column would cause errors when processing the /etc/shorewall/tcrules file. New Fewatures in version 2.0.9 1) The "shorewall status" command now includes the output of "brctl show" if the bridge tools are installed. ----------------------------------------------------------------------- Problems corrected in version 2.0.10 1) The GATEWAY column was previously ignored in 'pptpserver' entries in /etc/shorewall/tunnels. 2) When log rule numbers are included in the LOGFORMAT, duplicate rule numbers could previously be generated. 3) The /etc/shorewall/tcrules file now includes a note to the effect that rule evaluation continues after a match. 4) The error message produced if Shorewall couldn't obtain the routes through an interface named in the SUBNET column of /etc/shorewall/masq was less than helpful since it didn't include the interface name. ----------------------------------------------------------------------- New Features in 2.0.10 The "shorewall status" command has been enhanced to include the values of key /proc settings: Example from a two-interface firewall: /proc /proc/sys/net/ipv4/ip_forward = 1 /proc/sys/net/ipv4/conf/all/proxy_arp = 0 /proc/sys/net/ipv4/conf/all/arp_filter = 0 /proc/sys/net/ipv4/conf/all/rp_filter = 0 /proc/sys/net/ipv4/conf/default/proxy_arp = 0 /proc/sys/net/ipv4/conf/default/arp_filter = 0 /proc/sys/net/ipv4/conf/default/rp_filter = 0 /proc/sys/net/ipv4/conf/eth0/proxy_arp = 0 /proc/sys/net/ipv4/conf/eth0/arp_filter = 0 /proc/sys/net/ipv4/conf/eth0/rp_filter = 0 /proc/sys/net/ipv4/conf/eth1/proxy_arp = 0 /proc/sys/net/ipv4/conf/eth1/arp_filter = 0 /proc/sys/net/ipv4/conf/eth1/rp_filter = 0 /proc/sys/net/ipv4/conf/lo/proxy_arp = 0 /proc/sys/net/ipv4/conf/lo/arp_filter = 0 /proc/sys/net/ipv4/conf/lo/rp_filter = 0 ----------------------------------------------------------------------- Problems corrected in 2.0.11 1) The INSTALL file now include special instructions for Slackware users. 2) The bogons file has been updated. 3) Service names are replaced by port numbers in /etc/shorewall/tos. 4) A typo in the install.sh file that caused an error during a new install has been corrected. ----------------------------------------------------------------------- New Features in 2.0.11 1) The AllowNNTP action now allows NNTP over SSL/TLS (NTTPS). Reproducible: Always Steps to Reproduce: 1. 2. 3.
Shorewall 2.0.12 stable is out. The current 2.0.10 ~x86 ebuild works fine with just its package name changed.
2.0.13 is out and fixes a bug from 2.0.12: Problems Corrected: 1. A typo in /usr/share/shorewall/firewall caused the "shorewall add" to issue an error message: /usr/share/shorewall/firewall: line 1: match_destination_hosts: command not found
The ebuild for version 2.0.10 still works fine for 2.0.13 too.
in portage, sorry for the delay
