commit shorewall for openSUSE:Factory
Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2015-01-24 22:21:07 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "shorewall" Changes: -------- --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-01-20 12:37:07.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-01-24 22:21:14.000000000 +0100 @@ -1,0 +2,20 @@ +Sat Jan 24 08:23:16 UTC 2015 - toganm@opensuse.org + +- Update to version 4.6.6.1 For more details see changelog.txt and + releasenotes.txt + + * Previously the SAVE and RESTORE actions were erroneously disallowed + in the INPUT chain within the mangle file. + * The manpage descriptions of the mangle SAVE and RESTORE actions + incorrectly required a slash (/) prior to the mask value. + * Race conditions could previously occur between the 'start' + command and the 'enable' and 'disable' commands. + * The 'update' command incorrectly added the INLINE_MATCHES + option to shorewall.conf with a default value of 'Yes'. This + caused 'start' to fail with invalid iptables rules when the + alternate input format using ';' is used. + * Previously the LOCKFILE setting was not propagated to the + generated script. So when the script was run directly, the script + unconditionally used ${VARDIR}/lock. + +------------------------------------------------------------------- Old: ---- shorewall-4.6.6.tar.bz2 shorewall-core-4.6.6.tar.bz2 shorewall-docs-html-4.6.6.tar.bz2 shorewall-init-4.6.6.tar.bz2 shorewall-lite-4.6.6.tar.bz2 shorewall6-4.6.6.tar.bz2 shorewall6-lite-4.6.6.tar.bz2 New: ---- shorewall-4.6.6.1.tar.bz2 shorewall-core-4.6.6.1.tar.bz2 shorewall-docs-html-4.6.6.1.tar.bz2 shorewall-init-4.6.6.1.tar.bz2 shorewall-lite-4.6.6.1.tar.bz2 shorewall6-4.6.6.1.tar.bz2 shorewall6-lite-4.6.6.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ shorewall.spec ++++++ --- /var/tmp/diff_new_pack.F8dfoh/_old 2015-01-24 22:21:15.000000000 +0100 +++ /var/tmp/diff_new_pack.F8dfoh/_new 2015-01-24 22:21:15.000000000 +0100 @@ -20,7 +20,7 @@ %define have_systemd 1 Name: shorewall -Version: 4.6.6 +Version: 4.6.6.1 Release: 0 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems License: GPL-2.0 ++++++ shorewall-4.6.6.tar.bz2 -> shorewall-4.6.6.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/Perl/Shorewall/Config.pm new/shorewall-4.6.6.1/Perl/Shorewall/Config.pm --- old/shorewall-4.6.6/Perl/Shorewall/Config.pm 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/Perl/Shorewall/Config.pm 2015-01-23 17:49:49.000000000 +0100 @@ -301,7 +301,7 @@ # # Config options and global settings that are to be copied to output script # -our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX LOAD_HELPERS_ONLY SUBSYSLOCK LOG_VERBOSITY/; +our @propagateconfig = qw/ DISABLE_IPV6 MODULESDIR MODULE_SUFFIX LOAD_HELPERS_ONLY LOCKFILE SUBSYSLOCK LOG_VERBOSITY/; # # From parsing the capabilities file or detecting capabilities # @@ -713,7 +713,7 @@ TC_SCRIPT => '', EXPORT => 0, KLUDGEFREE => '', - VERSION => "4.6.6", + VERSION => "4.6.6.1", CAPVERSION => 40606 , ); # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/Perl/Shorewall/Tc.pm new/shorewall-4.6.6.1/Perl/Shorewall/Tc.pm --- old/shorewall-4.6.6/Perl/Shorewall/Tc.pm 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-4.6.6.1/Perl/Shorewall/Tc.pm 2015-01-23 17:49:49.000000000 +0100 @@ -564,7 +564,7 @@ RESTORE => { defaultchain => 0, - allowedchains => PREROUTING | FORWARD | OUTPUT | POSTROUTING, + allowedchains => PREROUTING | INPUT | FORWARD | OUTPUT | POSTROUTING, minparams => 0, maxparams => 1, function => sub () { @@ -593,7 +593,7 @@ SAVE => { defaultchain => 0, - allowedchains => PREROUTING | FORWARD | OUTPUT | POSTROUTING, + allowedchains => PREROUTING | INPUT | FORWARD | OUTPUT | POSTROUTING, minparams => 0, maxparams => 1, function => sub () { @@ -1055,7 +1055,7 @@ my ( $originalmark, $source, $dest, $protos, $ports, $sports, $user, $testval, $length, $tos , $connbytes, $helper, $headers, $probability , $dscp , $state, $time ); if ( $family == F_IPV4 ) { ( $originalmark, $source, $dest, $protos, $ports, $sports, $user, $testval, $length, $tos , $connbytes, $helper, $probability, $dscp, $state, $time ) = - split_line2( 'tcrules file', + split_line2( 'mangle file', { mark => 0, action => 0, source => 1, @@ -1080,7 +1080,7 @@ $headers = '-'; } else { ( $originalmark, $source, $dest, $protos, $ports, $sports, $user, $testval, $length, $tos , $connbytes, $helper, $headers, $probability, $dscp, $state, $time ) = - split_line2( 'tcrules file', + split_line2( 'mangle file', { mark => 0, action => 0, source => 1, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/Perl/prog.footer new/shorewall-4.6.6.1/Perl/prog.footer --- old/shorewall-4.6.6/Perl/prog.footer 2015-01-13 16:05:15.000000000 +0100 +++ new/shorewall-4.6.6.1/Perl/prog.footer 2015-01-23 17:18:30.000000000 +0100 @@ -373,20 +373,24 @@ [ $# -eq 1 ] && exit 0 shift [ $# -ne 1 ] && usage 2 + mutex_on if product_is_started; then detect_configuration enable_provider $1 fi + mutex_off status=0 ;; disable) [ $# -eq 1 ] && exit 0 shift [ $# -ne 1 ] && usage 2 + mutex_on if product_is_started; then detect_configuration disable_provider $1 fi + mutex_off status=0 ;; run) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/changelog.txt new/shorewall-4.6.6.1/changelog.txt --- old/shorewall-4.6.6/changelog.txt 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/changelog.txt 2015-01-23 17:49:48.000000000 +0100 @@ -1,3 +1,19 @@ +Changes in 4.6.6.1 + +1) Update release documents. + +2) Allow SAVE and RESTORE in the INPUT chain. + +3) Correct manpage descriptions of mangle SAVE and RESTORE + +4) Protect 'enable' and 'disable' with mutex + +5) Change the installation default value of INLINE_MATCHES + +6) Correct the file name in mangle split_line error messages + +7) Propagate the LOCKFILE setting to the generated script + Changes in 4.6.6 Final 1) Update release documents. @@ -6,6 +22,10 @@ 3) Make leading 'SHELL' case sensitive. +4) Zabbix Macro from Tuomo Soini. + +5) Tinc Macro from Răzvan Sandu. + Changes in 4.6.6 RC 1 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/configfiles/mangle.annotated new/shorewall-4.6.6.1/configfiles/mangle.annotated --- old/shorewall-4.6.6/configfiles/mangle.annotated 2015-01-15 16:46:49.000000000 +0100 +++ new/shorewall-4.6.6.1/configfiles/mangle.annotated 2015-01-23 17:51:01.000000000 +0100 @@ -317,7 +317,7 @@ # then ( 2 ** MASK_BITS ) - 1 is assumed (MASK_BITS is set in # shorewall.conf(5)). # -# RESTORE[(/mask)] +# RESTORE[(mask)] # # Restore the packet's mark from the connection's mark using the supplied # mask if any. Your kernel and iptables must include CONNMARK support. @@ -354,7 +354,7 @@ # same remote system then the new connection will use the same provider # as the connection over which that last packet was sent. # -# SAVE[(/mask)] +# SAVE[(mask)] # # Save the packet's mark to the connection's mark using the supplied mask # if any. Your kernel and iptables must include CONNMARK support. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/configfiles/shorewall.conf new/shorewall-4.6.6.1/configfiles/shorewall.conf --- old/shorewall-4.6.6/configfiles/shorewall.conf 2015-01-13 16:05:15.000000000 +0100 +++ new/shorewall-4.6.6.1/configfiles/shorewall.conf 2015-01-23 17:18:30.000000000 +0100 @@ -166,7 +166,7 @@ IMPLICIT_CONTINUE=No -INLINE_MATCHES=Yes +INLINE_MATCHES=No IPSET_WARNINGS=Yes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/configfiles/shorewall.conf.annotated new/shorewall-4.6.6.1/configfiles/shorewall.conf.annotated --- old/shorewall-4.6.6/configfiles/shorewall.conf.annotated 2015-01-15 16:46:57.000000000 +0100 +++ new/shorewall-4.6.6.1/configfiles/shorewall.conf.annotated 2015-01-23 17:51:10.000000000 +0100 @@ -1002,7 +1002,7 @@ # implicit CONTINUE policy may be overridden by including an explicit policy # (one that does not specify "all" in either the SOURCE or the DEST columns). # -INLINE_MATCHES=Yes +INLINE_MATCHES=No # # INLINE_MATCHES={Yes|No} # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/configure new/shorewall-4.6.6.1/configure --- old/shorewall-4.6.6/configure 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/configure 2015-01-23 17:49:48.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.6.6 +VERSION=4.6.6.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/configure.pl new/shorewall-4.6.6.1/configure.pl --- old/shorewall-4.6.6/configure.pl 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/configure.pl 2015-01-23 17:49:48.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.6.6' + VERSION => '4.6.6.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/install.sh new/shorewall-4.6.6.1/install.sh --- old/shorewall-4.6.6/install.sh 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/install.sh 2015-01-23 17:49:48.000000000 +0100 @@ -22,7 +22,7 @@ # along with this program; if not, see http://www.gnu.org/licenses/. # -VERSION=4.6.6 +VERSION=4.6.6.1 # # Change to the directory containing this script diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/known_problems.txt new/shorewall-4.6.6.1/known_problems.txt --- old/shorewall-4.6.6/known_problems.txt 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/known_problems.txt 2015-01-23 17:49:48.000000000 +0100 @@ -1,2 +1,30 @@ 1) On systems running Upstart, shorewall-init cannot reliably secure the firewall before interfaces are brought up. + +2) The SAVE and RESTORE actions are erroneously disallowed in the + INPUT chain within the mangle file. + + Corrected in 4.6.6.1 + +3) The manpage descriptions of the mangle SAVE and RESTORE actions + incorrectly require a slash (/) prior to the mask value. + + Corrected in 4.6.6.1 + +4) Race conditions can currently occur between the 'start' command and + the 'enable' and 'disable' commands. + + Corrected in 4.6.6.1 + +5) The 'update' command incorrectly adds the INLINE_MATCHES option + to shorewall.conf with a default value of 'Yes'. This causes + 'start' to fail with invalid iptables rules when the alternate + input format using ';' is used. + + Corrected in 4.6.6.1 + +6) The LOCKFILE setting is not propagated to the generated script. So + when the script is run directly, the script unconditionally uses + ${VARDIR}/lock. + + Corrected in 4.6.6.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-accounting.5 new/shorewall-4.6.6.1/manpages/shorewall-accounting.5 --- old/shorewall-4.6.6/manpages/shorewall-accounting.5 2015-01-15 16:45:38.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-accounting.5 2015-01-23 17:49:51.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-accounting .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-ACCOUNTIN" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-ACCOUNTIN" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-actions.5 new/shorewall-4.6.6.1/manpages/shorewall-actions.5 --- old/shorewall-4.6.6/manpages/shorewall-actions.5 2015-01-15 16:45:40.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-actions.5 2015-01-23 17:49:52.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-actions .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-ACTIONS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-ACTIONS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-arprules.5 new/shorewall-4.6.6.1/manpages/shorewall-arprules.5 --- old/shorewall-4.6.6/manpages/shorewall-arprules.5 2015-01-15 16:45:41.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-arprules.5 2015-01-23 17:49:54.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-arprules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-ARPRULES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-ARPRULES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-blacklist.5 new/shorewall-4.6.6.1/manpages/shorewall-blacklist.5 --- old/shorewall-4.6.6/manpages/shorewall-blacklist.5 2015-01-15 16:45:43.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-blacklist.5 2015-01-23 17:49:55.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-blacklist .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-BLACKLIST" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-BLACKLIST" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-blrules.5 new/shorewall-4.6.6.1/manpages/shorewall-blrules.5 --- old/shorewall-4.6.6/manpages/shorewall-blrules.5 2015-01-15 16:45:44.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-blrules.5 2015-01-23 17:49:56.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-blrules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-BLRULES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-BLRULES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-conntrack.5 new/shorewall-4.6.6.1/manpages/shorewall-conntrack.5 --- old/shorewall-4.6.6/manpages/shorewall-conntrack.5 2015-01-15 16:45:51.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-conntrack.5 2015-01-23 17:50:03.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall6-conntrack .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL6\-CONNTRAC" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL6\-CONNTRAC" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-ecn.5 new/shorewall-4.6.6.1/manpages/shorewall-ecn.5 --- old/shorewall-4.6.6/manpages/shorewall-ecn.5 2015-01-15 16:45:52.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-ecn.5 2015-01-23 17:50:04.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-ecn .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-ECN" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-ECN" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-exclusion.5 new/shorewall-4.6.6.1/manpages/shorewall-exclusion.5 --- old/shorewall-4.6.6/manpages/shorewall-exclusion.5 2015-01-15 16:45:53.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-exclusion.5 2015-01-23 17:50:05.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-exclusion .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-EXCLUSION" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-EXCLUSION" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-hosts.5 new/shorewall-4.6.6.1/manpages/shorewall-hosts.5 --- old/shorewall-4.6.6/manpages/shorewall-hosts.5 2015-01-15 16:45:55.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-hosts.5 2015-01-23 17:50:07.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-hosts .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-HOSTS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-HOSTS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-init.8 new/shorewall-4.6.6.1/manpages/shorewall-init.8 --- old/shorewall-4.6.6/manpages/shorewall-init.8 2015-01-15 16:45:56.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-init.8 2015-01-23 17:50:08.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-init .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Administrative Commands .\" Source: Administrative Commands .\" Language: English .\" -.TH "SHOREWALL\-INIT" "8" "01/15/2015" "Administrative Commands" "Administrative Commands" +.TH "SHOREWALL\-INIT" "8" "01/23/2015" "Administrative Commands" "Administrative Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-interfaces.5 new/shorewall-4.6.6.1/manpages/shorewall-interfaces.5 --- old/shorewall-4.6.6/manpages/shorewall-interfaces.5 2015-01-15 16:45:58.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-interfaces.5 2015-01-23 17:50:10.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-interfaces .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-INTERFACE" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-INTERFACE" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-ipsets.5 new/shorewall-4.6.6.1/manpages/shorewall-ipsets.5 --- old/shorewall-4.6.6/manpages/shorewall-ipsets.5 2015-01-15 16:45:59.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-ipsets.5 2015-01-23 17:50:11.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-ipsets .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-IPSETS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-IPSETS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-maclist.5 new/shorewall-4.6.6.1/manpages/shorewall-maclist.5 --- old/shorewall-4.6.6/manpages/shorewall-maclist.5 2015-01-15 16:46:00.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-maclist.5 2015-01-23 17:50:13.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-maclist .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-MACLIST" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-MACLIST" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-mangle.5 new/shorewall-4.6.6.1/manpages/shorewall-mangle.5 --- old/shorewall-4.6.6/manpages/shorewall-mangle.5 2015-01-15 16:46:02.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-mangle.5 2015-01-23 17:50:14.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-mangle .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-MANGLE" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-MANGLE" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -411,7 +411,7 @@ \m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5))\&. .RE .PP -\fBRESTORE\fR[(/\fImask\fR)] +\fBRESTORE\fR[(\fImask\fR)] .RS 4 Restore the packet\*(Aqs mark from the connection\*(Aqs mark using the supplied mask if any\&. Your kernel and iptables must include CONNMARK support\&. .RE @@ -451,7 +451,7 @@ If the firewall attempts a connection on TCP port 80 or 443 and it has sent a packet on either of those ports in the last five minutes to the same remote system then the new connection will use the same provider as the connection over which that last packet was sent\&. .RE .PP -\fBSAVE[(/\fR\fB\fImask)\fR\fR\fB] \fR +\fBSAVE[(\fR\fB\fI\fImask\fR\fR\fI)\fR\fR\fB] \fR .RS 4 Save the packet\*(Aqs mark to the connection\*(Aqs mark using the supplied mask if any\&. Your kernel and iptables must include CONNMARK support\&. .RE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-masq.5 new/shorewall-4.6.6.1/manpages/shorewall-masq.5 --- old/shorewall-4.6.6/manpages/shorewall-masq.5 2015-01-15 16:46:04.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-masq.5 2015-01-23 17:50:16.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-masq .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-MASQ" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-MASQ" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-modules.5 new/shorewall-4.6.6.1/manpages/shorewall-modules.5 --- old/shorewall-4.6.6/manpages/shorewall-modules.5 2015-01-15 16:46:05.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-modules.5 2015-01-23 17:50:17.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-modules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-MODULES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-MODULES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-nat.5 new/shorewall-4.6.6.1/manpages/shorewall-nat.5 --- old/shorewall-4.6.6/manpages/shorewall-nat.5 2015-01-15 16:46:06.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-nat.5 2015-01-23 17:50:19.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-nat .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-NAT" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-NAT" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-nesting.5 new/shorewall-4.6.6.1/manpages/shorewall-nesting.5 --- old/shorewall-4.6.6/manpages/shorewall-nesting.5 2015-01-15 16:46:08.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-nesting.5 2015-01-23 17:50:20.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-nesting .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-NESTING" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-NESTING" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-netmap.5 new/shorewall-4.6.6.1/manpages/shorewall-netmap.5 --- old/shorewall-4.6.6/manpages/shorewall-netmap.5 2015-01-15 16:46:09.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-netmap.5 2015-01-23 17:50:21.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-netmap .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-NETMAP" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-NETMAP" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-params.5 new/shorewall-4.6.6.1/manpages/shorewall-params.5 --- old/shorewall-4.6.6/manpages/shorewall-params.5 2015-01-15 16:46:10.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-params.5 2015-01-23 17:50:23.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-params .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-PARAMS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-PARAMS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-policy.5 new/shorewall-4.6.6.1/manpages/shorewall-policy.5 --- old/shorewall-4.6.6/manpages/shorewall-policy.5 2015-01-15 16:46:12.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-policy.5 2015-01-23 17:50:24.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-policy .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-POLICY" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-POLICY" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-providers.5 new/shorewall-4.6.6.1/manpages/shorewall-providers.5 --- old/shorewall-4.6.6/manpages/shorewall-providers.5 2015-01-15 16:46:13.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-providers.5 2015-01-23 17:50:26.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-providers .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-PROVIDERS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-PROVIDERS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-proxyarp.5 new/shorewall-4.6.6.1/manpages/shorewall-proxyarp.5 --- old/shorewall-4.6.6/manpages/shorewall-proxyarp.5 2015-01-15 16:46:15.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-proxyarp.5 2015-01-23 17:50:27.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-proxyarp .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-PROXYARP" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-PROXYARP" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-routes.5 new/shorewall-4.6.6.1/manpages/shorewall-routes.5 --- old/shorewall-4.6.6/manpages/shorewall-routes.5 2015-01-15 16:46:17.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-routes.5 2015-01-23 17:50:30.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-routes .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-ROUTES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-ROUTES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-routestopped.5 new/shorewall-4.6.6.1/manpages/shorewall-routestopped.5 --- old/shorewall-4.6.6/manpages/shorewall-routestopped.5 2015-01-15 16:46:16.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-routestopped.5 2015-01-23 17:50:28.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-routestopped .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-ROUTESTOP" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-ROUTESTOP" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-rtrules.5 new/shorewall-4.6.6.1/manpages/shorewall-rtrules.5 --- old/shorewall-4.6.6/manpages/shorewall-rtrules.5 2015-01-15 16:46:19.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-rtrules.5 2015-01-23 17:50:31.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-rtrules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-RTRULES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-RTRULES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-rules.5 new/shorewall-4.6.6.1/manpages/shorewall-rules.5 --- old/shorewall-4.6.6/manpages/shorewall-rules.5 2015-01-15 16:46:21.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-rules.5 2015-01-23 17:50:34.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-rules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-RULES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-RULES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-secmarks.5 new/shorewall-4.6.6.1/manpages/shorewall-secmarks.5 --- old/shorewall-4.6.6/manpages/shorewall-secmarks.5 2015-01-15 16:46:23.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-secmarks.5 2015-01-23 17:50:35.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-secmarks .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-SECMARKS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-SECMARKS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-stoppedrules.5 new/shorewall-4.6.6.1/manpages/shorewall-stoppedrules.5 --- old/shorewall-4.6.6/manpages/shorewall-stoppedrules.5 2015-01-15 16:46:24.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-stoppedrules.5 2015-01-23 17:50:37.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-stoppedrules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-STOPPEDRU" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-STOPPEDRU" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tcclasses.5 new/shorewall-4.6.6.1/manpages/shorewall-tcclasses.5 --- old/shorewall-4.6.6/manpages/shorewall-tcclasses.5 2015-01-15 16:46:26.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tcclasses.5 2015-01-23 17:50:38.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcclasses .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-TCCLASSES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-TCCLASSES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tcdevices.5 new/shorewall-4.6.6.1/manpages/shorewall-tcdevices.5 --- old/shorewall-4.6.6/manpages/shorewall-tcdevices.5 2015-01-15 16:46:27.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tcdevices.5 2015-01-23 17:50:39.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcdevices .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-TCDEVICES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-TCDEVICES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tcfilters.5 new/shorewall-4.6.6.1/manpages/shorewall-tcfilters.5 --- old/shorewall-4.6.6/manpages/shorewall-tcfilters.5 2015-01-15 16:46:29.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tcfilters.5 2015-01-23 17:50:41.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcfilters .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-TCFILTERS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-TCFILTERS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tcinterfaces.5 new/shorewall-4.6.6.1/manpages/shorewall-tcinterfaces.5 --- old/shorewall-4.6.6/manpages/shorewall-tcinterfaces.5 2015-01-15 16:46:30.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tcinterfaces.5 2015-01-23 17:50:42.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcinterfaces .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-TCINTERFA" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-TCINTERFA" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tcpri.5 new/shorewall-4.6.6.1/manpages/shorewall-tcpri.5 --- old/shorewall-4.6.6/manpages/shorewall-tcpri.5 2015-01-15 16:46:31.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tcpri.5 2015-01-23 17:50:44.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcpri .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-TCPRI" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-TCPRI" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tcrules.5 new/shorewall-4.6.6.1/manpages/shorewall-tcrules.5 --- old/shorewall-4.6.6/manpages/shorewall-tcrules.5 2015-01-15 16:46:33.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tcrules.5 2015-01-23 17:50:45.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-mangle .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-MANGLE" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-MANGLE" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tos.5 new/shorewall-4.6.6.1/manpages/shorewall-tos.5 --- old/shorewall-4.6.6/manpages/shorewall-tos.5 2015-01-15 16:46:34.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tos.5 2015-01-23 17:50:47.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tos .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-TOS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-TOS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-tunnels.5 new/shorewall-4.6.6.1/manpages/shorewall-tunnels.5 --- old/shorewall-4.6.6/manpages/shorewall-tunnels.5 2015-01-15 16:46:36.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-tunnels.5 2015-01-23 17:50:48.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tunnels .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-TUNNELS" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-TUNNELS" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-vardir.5 new/shorewall-4.6.6.1/manpages/shorewall-vardir.5 --- old/shorewall-4.6.6/manpages/shorewall-vardir.5 2015-01-15 16:46:37.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-vardir.5 2015-01-23 17:50:50.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-vardir .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-VARDIR" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-VARDIR" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall-zones.5 new/shorewall-4.6.6.1/manpages/shorewall-zones.5 --- old/shorewall-4.6.6/manpages/shorewall-zones.5 2015-01-15 16:46:42.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall-zones.5 2015-01-23 17:50:54.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-zones .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-ZONES" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-ZONES" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall.8 new/shorewall-4.6.6.1/manpages/shorewall.8 --- old/shorewall-4.6.6/manpages/shorewall.8 2015-01-15 16:46:40.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall.8 2015-01-23 17:50:53.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Administrative Commands .\" Source: Administrative Commands .\" Language: English .\" -.TH "SHOREWALL" "8" "01/15/2015" "Administrative Commands" "Administrative Commands" +.TH "SHOREWALL" "8" "01/23/2015" "Administrative Commands" "Administrative Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/manpages/shorewall.conf.5 new/shorewall-4.6.6.1/manpages/shorewall.conf.5 --- old/shorewall-4.6.6/manpages/shorewall.conf.5 2015-01-15 16:45:49.000000000 +0100 +++ new/shorewall-4.6.6.1/manpages/shorewall.conf.5 2015-01-23 17:50:01.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall.conf .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\&.CONF" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\&.CONF" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/releasenotes.txt new/shorewall-4.6.6.1/releasenotes.txt --- old/shorewall-4.6.6/releasenotes.txt 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/releasenotes.txt 2015-01-23 17:49:48.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 6 . 6 + S H O R E W A L L 4 . 6 . 6 . 1 ------------------------------------ - J a n u a r y 1 7 , 2 0 1 5 + J a n u a r y 2 3 , 2 0 1 5 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,17 +14,37 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -1) This release includes defect repair from Shorewall 4.6.5.4 and - earlier releases. +4.6.6.1 + +1) Previously the SAVE and RESTORE actions were erroneously disallowed + in the INPUT chain within the mangle file. + +2) The manpage descriptions of the mangle SAVE and RESTORE actions + incorrectly required a slash (/) prior to the mask value. + +3) Race conditions could previously occur between the 'start' command + and the 'enable' and 'disable' commands. + +4) The 'update' command incorrectly added the INLINE_MATCHES option + to shorewall.conf with a default value of 'Yes'. This caused + 'start' to fail with invalid iptables rules when the alternate + input format using ';' is used. -2) The 'ifupdown' scripts have been corrected. Previously, they were - looking in the wrong directory for the firewall script. Thanks go - to Tuomo Soini. +6) Previously the LOCKFILE setting was not propagated to the generated + script. So when the script was run directly, the script + unconditionally used ${VARDIR}/lock. -3) Previously, a line beginning with 'shell' was interpreted as a +4.6.6 + +1) This release includes defect repair from Shorewall 4.6.5.5 and + earlier releases. + +2) Previously, a line beginning with 'shell' was interpreted as a shell script. Now, the line must begin with 'SHELL' - (case-sensitive). - + (case-sensitive). + + Note that ?SHELL and BEGIN SHELL are still case-insensitive. + ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- @@ -118,6 +138,11 @@ 'fallback', then the other would specify 'primary' rather than 'balance'. +6) Two new Macros have been contributed: + + Zabbix - Tuomo Soini + Tinc - Răzvan Sandu + ---------------------------------------------------------------------------- I V. M I G R A T I O N I S S U E S ---------------------------------------------------------------------------- @@ -414,6 +439,26 @@ P R O B L E M S C O R R E C T E D I N 4 . 6 . 5 ---------------------------------------------------------------------------- +4.6.5.5 + +1) The Shorewall-init ifupdown scripts were looking for the firewall + script in the wrong directory. Correction was provider by Tuomo + Soini. + +4.6.5.4 + +1) The '-c' option of the 'dump' and 'show routing' commands is now + documented. + +2) The handling of the 'DIGEST' environmental variable has been + corrected in the Shorewall installer. Previously, specifying that + option would not correctly update the Chains module which led to a + Perl compilation failure. + +3) Handling of ipset names on PORT columns has been + corrected. Previously, such usage resulted in an invalid iptables + rule being generated. + 4.6.5.3 1) The Shorewall-init scripts were using the incorrect diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/shorewall.spec new/shorewall-4.6.6.1/shorewall.spec --- old/shorewall-4.6.6/shorewall.spec 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/shorewall.spec 2015-01-23 17:49:48.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall %define version 4.6.6 -%define release 0base +%define release 1 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -132,6 +132,8 @@ %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples %changelog +* Thu Jan 22 2015 Tom Eastep tom@shorewall.net +- Updated to 4.6.6-1 * Sat Jan 10 2015 Tom Eastep tom@shorewall.net - Updated to 4.6.6-0base * Tue Jan 06 2015 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.6/uninstall.sh new/shorewall-4.6.6.1/uninstall.sh --- old/shorewall-4.6.6/uninstall.sh 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-4.6.6.1/uninstall.sh 2015-01-23 17:49:48.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.6.6 +VERSION=4.6.6.1 PRODUCT=shorewall usage() # $1 = exit status ++++++ shorewall-core-4.6.6.tar.bz2 -> shorewall-core-4.6.6.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/changelog.txt new/shorewall-core-4.6.6.1/changelog.txt --- old/shorewall-core-4.6.6/changelog.txt 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/changelog.txt 2015-01-23 17:49:48.000000000 +0100 @@ -1,3 +1,19 @@ +Changes in 4.6.6.1 + +1) Update release documents. + +2) Allow SAVE and RESTORE in the INPUT chain. + +3) Correct manpage descriptions of mangle SAVE and RESTORE + +4) Protect 'enable' and 'disable' with mutex + +5) Change the installation default value of INLINE_MATCHES + +6) Correct the file name in mangle split_line error messages + +7) Propagate the LOCKFILE setting to the generated script + Changes in 4.6.6 Final 1) Update release documents. @@ -6,6 +22,10 @@ 3) Make leading 'SHELL' case sensitive. +4) Zabbix Macro from Tuomo Soini. + +5) Tinc Macro from Răzvan Sandu. + Changes in 4.6.6 RC 1 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/configure new/shorewall-core-4.6.6.1/configure --- old/shorewall-core-4.6.6/configure 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/configure 2015-01-23 17:49:48.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.6.6 +VERSION=4.6.6.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/configure.pl new/shorewall-core-4.6.6.1/configure.pl --- old/shorewall-core-4.6.6/configure.pl 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/configure.pl 2015-01-23 17:49:48.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.6.6' + VERSION => '4.6.6.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/install.sh new/shorewall-core-4.6.6.1/install.sh --- old/shorewall-core-4.6.6/install.sh 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/install.sh 2015-01-23 17:49:48.000000000 +0100 @@ -22,7 +22,7 @@ # along with this program; if not, see http://www.gnu.org/licenses/. # -VERSION=4.6.6 +VERSION=4.6.6.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/known_problems.txt new/shorewall-core-4.6.6.1/known_problems.txt --- old/shorewall-core-4.6.6/known_problems.txt 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/known_problems.txt 2015-01-23 17:49:48.000000000 +0100 @@ -1,2 +1,30 @@ 1) On systems running Upstart, shorewall-init cannot reliably secure the firewall before interfaces are brought up. + +2) The SAVE and RESTORE actions are erroneously disallowed in the + INPUT chain within the mangle file. + + Corrected in 4.6.6.1 + +3) The manpage descriptions of the mangle SAVE and RESTORE actions + incorrectly require a slash (/) prior to the mask value. + + Corrected in 4.6.6.1 + +4) Race conditions can currently occur between the 'start' command and + the 'enable' and 'disable' commands. + + Corrected in 4.6.6.1 + +5) The 'update' command incorrectly adds the INLINE_MATCHES option + to shorewall.conf with a default value of 'Yes'. This causes + 'start' to fail with invalid iptables rules when the alternate + input format using ';' is used. + + Corrected in 4.6.6.1 + +6) The LOCKFILE setting is not propagated to the generated script. So + when the script is run directly, the script unconditionally uses + ${VARDIR}/lock. + + Corrected in 4.6.6.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/releasenotes.txt new/shorewall-core-4.6.6.1/releasenotes.txt --- old/shorewall-core-4.6.6/releasenotes.txt 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/releasenotes.txt 2015-01-23 17:49:48.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 6 . 6 + S H O R E W A L L 4 . 6 . 6 . 1 ------------------------------------ - J a n u a r y 1 7 , 2 0 1 5 + J a n u a r y 2 3 , 2 0 1 5 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,17 +14,37 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -1) This release includes defect repair from Shorewall 4.6.5.4 and - earlier releases. +4.6.6.1 + +1) Previously the SAVE and RESTORE actions were erroneously disallowed + in the INPUT chain within the mangle file. + +2) The manpage descriptions of the mangle SAVE and RESTORE actions + incorrectly required a slash (/) prior to the mask value. + +3) Race conditions could previously occur between the 'start' command + and the 'enable' and 'disable' commands. + +4) The 'update' command incorrectly added the INLINE_MATCHES option + to shorewall.conf with a default value of 'Yes'. This caused + 'start' to fail with invalid iptables rules when the alternate + input format using ';' is used. -2) The 'ifupdown' scripts have been corrected. Previously, they were - looking in the wrong directory for the firewall script. Thanks go - to Tuomo Soini. +6) Previously the LOCKFILE setting was not propagated to the generated + script. So when the script was run directly, the script + unconditionally used ${VARDIR}/lock. -3) Previously, a line beginning with 'shell' was interpreted as a +4.6.6 + +1) This release includes defect repair from Shorewall 4.6.5.5 and + earlier releases. + +2) Previously, a line beginning with 'shell' was interpreted as a shell script. Now, the line must begin with 'SHELL' - (case-sensitive). - + (case-sensitive). + + Note that ?SHELL and BEGIN SHELL are still case-insensitive. + ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- @@ -118,6 +138,11 @@ 'fallback', then the other would specify 'primary' rather than 'balance'. +6) Two new Macros have been contributed: + + Zabbix - Tuomo Soini + Tinc - Răzvan Sandu + ---------------------------------------------------------------------------- I V. M I G R A T I O N I S S U E S ---------------------------------------------------------------------------- @@ -414,6 +439,26 @@ P R O B L E M S C O R R E C T E D I N 4 . 6 . 5 ---------------------------------------------------------------------------- +4.6.5.5 + +1) The Shorewall-init ifupdown scripts were looking for the firewall + script in the wrong directory. Correction was provider by Tuomo + Soini. + +4.6.5.4 + +1) The '-c' option of the 'dump' and 'show routing' commands is now + documented. + +2) The handling of the 'DIGEST' environmental variable has been + corrected in the Shorewall installer. Previously, specifying that + option would not correctly update the Chains module which led to a + Perl compilation failure. + +3) Handling of ipset names on PORT columns has been + corrected. Previously, such usage resulted in an invalid iptables + rule being generated. + 4.6.5.3 1) The Shorewall-init scripts were using the incorrect diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/shorewall-core.spec new/shorewall-core-4.6.6.1/shorewall-core.spec --- old/shorewall-core-4.6.6/shorewall-core.spec 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/shorewall-core.spec 2015-01-23 17:49:48.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall-core %define version 4.6.6 -%define release 0base +%define release 1 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -63,6 +63,8 @@ %doc COPYING INSTALL changelog.txt releasenotes.txt %changelog +* Thu Jan 22 2015 Tom Eastep tom@shorewall.net +- Updated to 4.6.6-1 * Sat Jan 10 2015 Tom Eastep tom@shorewall.net - Updated to 4.6.6-0base * Tue Jan 06 2015 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.6.6/uninstall.sh new/shorewall-core-4.6.6.1/uninstall.sh --- old/shorewall-core-4.6.6/uninstall.sh 2015-01-15 16:45:36.000000000 +0100 +++ new/shorewall-core-4.6.6.1/uninstall.sh 2015-01-23 17:49:48.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.6.6 +VERSION=4.6.6.1 usage() # $1 = exit status { ++++++ shorewall-docs-html-4.6.6.tar.bz2 -> shorewall-docs-html-4.6.6.1.tar.bz2 ++++++ ++++ 6842 lines of diff (skipped) ++++++ shorewall-init-4.6.6.tar.bz2 -> shorewall-init-4.6.6.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.6/changelog.txt new/shorewall-init-4.6.6.1/changelog.txt --- old/shorewall-init-4.6.6/changelog.txt 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-init-4.6.6.1/changelog.txt 2015-01-23 17:49:49.000000000 +0100 @@ -1,3 +1,19 @@ +Changes in 4.6.6.1 + +1) Update release documents. + +2) Allow SAVE and RESTORE in the INPUT chain. + +3) Correct manpage descriptions of mangle SAVE and RESTORE + +4) Protect 'enable' and 'disable' with mutex + +5) Change the installation default value of INLINE_MATCHES + +6) Correct the file name in mangle split_line error messages + +7) Propagate the LOCKFILE setting to the generated script + Changes in 4.6.6 Final 1) Update release documents. @@ -6,6 +22,10 @@ 3) Make leading 'SHELL' case sensitive. +4) Zabbix Macro from Tuomo Soini. + +5) Tinc Macro from Răzvan Sandu. + Changes in 4.6.6 RC 1 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.6/configure new/shorewall-init-4.6.6.1/configure --- old/shorewall-init-4.6.6/configure 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-init-4.6.6.1/configure 2015-01-23 17:49:49.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.6.6 +VERSION=4.6.6.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.6/configure.pl new/shorewall-init-4.6.6.1/configure.pl --- old/shorewall-init-4.6.6/configure.pl 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-init-4.6.6.1/configure.pl 2015-01-23 17:49:49.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.6.6' + VERSION => '4.6.6.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.6/install.sh new/shorewall-init-4.6.6.1/install.sh --- old/shorewall-init-4.6.6/install.sh 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-init-4.6.6.1/install.sh 2015-01-23 17:49:49.000000000 +0100 @@ -27,7 +27,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.6.6 +VERSION=4.6.6.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.6/releasenotes.txt new/shorewall-init-4.6.6.1/releasenotes.txt --- old/shorewall-init-4.6.6/releasenotes.txt 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-init-4.6.6.1/releasenotes.txt 2015-01-23 17:49:49.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 6 . 6 + S H O R E W A L L 4 . 6 . 6 . 1 ------------------------------------ - J a n u a r y 1 7 , 2 0 1 5 + J a n u a r y 2 3 , 2 0 1 5 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,17 +14,37 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -1) This release includes defect repair from Shorewall 4.6.5.4 and - earlier releases. +4.6.6.1 + +1) Previously the SAVE and RESTORE actions were erroneously disallowed + in the INPUT chain within the mangle file. + +2) The manpage descriptions of the mangle SAVE and RESTORE actions + incorrectly required a slash (/) prior to the mask value. + +3) Race conditions could previously occur between the 'start' command + and the 'enable' and 'disable' commands. + +4) The 'update' command incorrectly added the INLINE_MATCHES option + to shorewall.conf with a default value of 'Yes'. This caused + 'start' to fail with invalid iptables rules when the alternate + input format using ';' is used. -2) The 'ifupdown' scripts have been corrected. Previously, they were - looking in the wrong directory for the firewall script. Thanks go - to Tuomo Soini. +6) Previously the LOCKFILE setting was not propagated to the generated + script. So when the script was run directly, the script + unconditionally used ${VARDIR}/lock. -3) Previously, a line beginning with 'shell' was interpreted as a +4.6.6 + +1) This release includes defect repair from Shorewall 4.6.5.5 and + earlier releases. + +2) Previously, a line beginning with 'shell' was interpreted as a shell script. Now, the line must begin with 'SHELL' - (case-sensitive). - + (case-sensitive). + + Note that ?SHELL and BEGIN SHELL are still case-insensitive. + ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- @@ -118,6 +138,11 @@ 'fallback', then the other would specify 'primary' rather than 'balance'. +6) Two new Macros have been contributed: + + Zabbix - Tuomo Soini + Tinc - Răzvan Sandu + ---------------------------------------------------------------------------- I V. M I G R A T I O N I S S U E S ---------------------------------------------------------------------------- @@ -414,6 +439,26 @@ P R O B L E M S C O R R E C T E D I N 4 . 6 . 5 ---------------------------------------------------------------------------- +4.6.5.5 + +1) The Shorewall-init ifupdown scripts were looking for the firewall + script in the wrong directory. Correction was provider by Tuomo + Soini. + +4.6.5.4 + +1) The '-c' option of the 'dump' and 'show routing' commands is now + documented. + +2) The handling of the 'DIGEST' environmental variable has been + corrected in the Shorewall installer. Previously, specifying that + option would not correctly update the Chains module which led to a + Perl compilation failure. + +3) Handling of ipset names on PORT columns has been + corrected. Previously, such usage resulted in an invalid iptables + rule being generated. + 4.6.5.3 1) The Shorewall-init scripts were using the incorrect diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.6/shorewall-init.spec new/shorewall-init-4.6.6.1/shorewall-init.spec --- old/shorewall-init-4.6.6/shorewall-init.spec 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-init-4.6.6.1/shorewall-init.spec 2015-01-23 17:49:49.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall-init %define version 4.6.6 -%define release 0base +%define release 1 Summary: Shorewall-init adds functionality to Shoreline Firewall (Shorewall). Name: %{name} @@ -126,6 +126,8 @@ %doc COPYING changelog.txt releasenotes.txt %changelog +* Thu Jan 22 2015 Tom Eastep tom@shorewall.net +- Updated to 4.6.6-1 * Sat Jan 10 2015 Tom Eastep tom@shorewall.net - Updated to 4.6.6-0base * Tue Jan 06 2015 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.6.6/uninstall.sh new/shorewall-init-4.6.6.1/uninstall.sh --- old/shorewall-init-4.6.6/uninstall.sh 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-init-4.6.6.1/uninstall.sh 2015-01-23 17:49:49.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.6.6 +VERSION=4.6.6.1 usage() # $1 = exit status { ++++++ shorewall-lite-4.6.6.tar.bz2 -> shorewall-lite-4.6.6.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/changelog.txt new/shorewall-lite-4.6.6.1/changelog.txt --- old/shorewall-lite-4.6.6/changelog.txt 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/changelog.txt 2015-01-23 17:49:49.000000000 +0100 @@ -1,3 +1,19 @@ +Changes in 4.6.6.1 + +1) Update release documents. + +2) Allow SAVE and RESTORE in the INPUT chain. + +3) Correct manpage descriptions of mangle SAVE and RESTORE + +4) Protect 'enable' and 'disable' with mutex + +5) Change the installation default value of INLINE_MATCHES + +6) Correct the file name in mangle split_line error messages + +7) Propagate the LOCKFILE setting to the generated script + Changes in 4.6.6 Final 1) Update release documents. @@ -6,6 +22,10 @@ 3) Make leading 'SHELL' case sensitive. +4) Zabbix Macro from Tuomo Soini. + +5) Tinc Macro from Răzvan Sandu. + Changes in 4.6.6 RC 1 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/configure new/shorewall-lite-4.6.6.1/configure --- old/shorewall-lite-4.6.6/configure 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/configure 2015-01-23 17:49:49.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.6.6 +VERSION=4.6.6.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/configure.pl new/shorewall-lite-4.6.6.1/configure.pl --- old/shorewall-lite-4.6.6/configure.pl 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/configure.pl 2015-01-23 17:49:49.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.6.6' + VERSION => '4.6.6.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/install.sh new/shorewall-lite-4.6.6.1/install.sh --- old/shorewall-lite-4.6.6/install.sh 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/install.sh 2015-01-23 17:49:49.000000000 +0100 @@ -22,7 +22,7 @@ # along with this program; if not, see http://www.gnu.org/licenses/. # -VERSION=4.6.6 +VERSION=4.6.6.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/manpages/shorewall-lite-vardir.5 new/shorewall-lite-4.6.6.1/manpages/shorewall-lite-vardir.5 --- old/shorewall-lite-4.6.6/manpages/shorewall-lite-vardir.5 2015-01-15 16:48:57.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/manpages/shorewall-lite-vardir.5 2015-01-23 17:53:10.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite-vardir .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-LITE\-VAR" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-LITE\-VAR" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/manpages/shorewall-lite.8 new/shorewall-lite-4.6.6.1/manpages/shorewall-lite.8 --- old/shorewall-lite-4.6.6/manpages/shorewall-lite.8 2015-01-15 16:48:59.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/manpages/shorewall-lite.8 2015-01-23 17:53:11.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Administrative Commands .\" Source: Administrative Commands .\" Language: English .\" -.TH "SHOREWALL\-LITE" "8" "01/15/2015" "Administrative Commands" "Administrative Commands" +.TH "SHOREWALL\-LITE" "8" "01/23/2015" "Administrative Commands" "Administrative Commands" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/manpages/shorewall-lite.conf.5 new/shorewall-lite-4.6.6.1/manpages/shorewall-lite.conf.5 --- old/shorewall-lite-4.6.6/manpages/shorewall-lite.conf.5 2015-01-15 16:48:56.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/manpages/shorewall-lite.conf.5 2015-01-23 17:53:08.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite.conf .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/ -.\" Date: 01/15/2015 +.\" Date: 01/23/2015 .\" Manual: Configuration Files .\" Source: Configuration Files .\" Language: English .\" -.TH "SHOREWALL\-LITE\&.CO" "5" "01/15/2015" "Configuration Files" "Configuration Files" +.TH "SHOREWALL\-LITE\&.CO" "5" "01/23/2015" "Configuration Files" "Configuration Files" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/releasenotes.txt new/shorewall-lite-4.6.6.1/releasenotes.txt --- old/shorewall-lite-4.6.6/releasenotes.txt 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/releasenotes.txt 2015-01-23 17:49:49.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 6 . 6 + S H O R E W A L L 4 . 6 . 6 . 1 ------------------------------------ - J a n u a r y 1 7 , 2 0 1 5 + J a n u a r y 2 3 , 2 0 1 5 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -14,17 +14,37 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- -1) This release includes defect repair from Shorewall 4.6.5.4 and - earlier releases. +4.6.6.1 + +1) Previously the SAVE and RESTORE actions were erroneously disallowed + in the INPUT chain within the mangle file. + +2) The manpage descriptions of the mangle SAVE and RESTORE actions + incorrectly required a slash (/) prior to the mask value. + +3) Race conditions could previously occur between the 'start' command + and the 'enable' and 'disable' commands. + +4) The 'update' command incorrectly added the INLINE_MATCHES option + to shorewall.conf with a default value of 'Yes'. This caused + 'start' to fail with invalid iptables rules when the alternate + input format using ';' is used. -2) The 'ifupdown' scripts have been corrected. Previously, they were - looking in the wrong directory for the firewall script. Thanks go - to Tuomo Soini. +6) Previously the LOCKFILE setting was not propagated to the generated + script. So when the script was run directly, the script + unconditionally used ${VARDIR}/lock. -3) Previously, a line beginning with 'shell' was interpreted as a +4.6.6 + +1) This release includes defect repair from Shorewall 4.6.5.5 and + earlier releases. + +2) Previously, a line beginning with 'shell' was interpreted as a shell script. Now, the line must begin with 'SHELL' - (case-sensitive). - + (case-sensitive). + + Note that ?SHELL and BEGIN SHELL are still case-insensitive. + ---------------------------------------------------------------------------- I I. K N O W N P R O B L E M S R E M A I N I N G ---------------------------------------------------------------------------- @@ -118,6 +138,11 @@ 'fallback', then the other would specify 'primary' rather than 'balance'. +6) Two new Macros have been contributed: + + Zabbix - Tuomo Soini + Tinc - Răzvan Sandu + ---------------------------------------------------------------------------- I V. M I G R A T I O N I S S U E S ---------------------------------------------------------------------------- @@ -414,6 +439,26 @@ P R O B L E M S C O R R E C T E D I N 4 . 6 . 5 ---------------------------------------------------------------------------- +4.6.5.5 + +1) The Shorewall-init ifupdown scripts were looking for the firewall + script in the wrong directory. Correction was provider by Tuomo + Soini. + +4.6.5.4 + +1) The '-c' option of the 'dump' and 'show routing' commands is now + documented. + +2) The handling of the 'DIGEST' environmental variable has been + corrected in the Shorewall installer. Previously, specifying that + option would not correctly update the Chains module which led to a + Perl compilation failure. + +3) Handling of ipset names on PORT columns has been + corrected. Previously, such usage resulted in an invalid iptables + rule being generated. + 4.6.5.3 1) The Shorewall-init scripts were using the incorrect diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/shorewall-lite.spec new/shorewall-lite-4.6.6.1/shorewall-lite.spec --- old/shorewall-lite-4.6.6/shorewall-lite.spec 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/shorewall-lite.spec 2015-01-23 17:49:49.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall-lite %define version 4.6.6 -%define release 0base +%define release 1 %define initdir /etc/init.d Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. @@ -106,6 +106,8 @@ %doc COPYING changelog.txt releasenotes.txt %changelog +* Thu Jan 22 2015 Tom Eastep tom@shorewall.net +- Updated to 4.6.6-1 * Sat Jan 10 2015 Tom Eastep tom@shorewall.net - Updated to 4.6.6-0base * Tue Jan 06 2015 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.6.6/uninstall.sh new/shorewall-lite-4.6.6.1/uninstall.sh --- old/shorewall-lite-4.6.6/uninstall.sh 2015-01-15 16:45:37.000000000 +0100 +++ new/shorewall-lite-4.6.6.1/uninstall.sh 2015-01-23 17:49:49.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.6.6 +VERSION=4.6.6.1 PRODUCT=shorewall-lite usage() # $1 = exit status ++++++ shorewall-4.6.6.tar.bz2 -> shorewall6-4.6.6.1.tar.bz2 ++++++ ++++ 127521 lines of diff (skipped) ++++++ shorewall-lite-4.6.6.tar.bz2 -> shorewall6-lite-4.6.6.1.tar.bz2 ++++++ ++++ 8054 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@hilbert.suse.de