Hello community, here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2012-11-12 16:06:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/shorewall (Old) and /work/SRC/openSUSE:Factory/.shorewall.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "shorewall", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2012-10-31 07:03:32.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2012-11-12 16:06:49.000000000 +0100 @@ -1,0 +2,35 @@ +Sat Nov 10 20:11:40 UTC 2012 - toganm@opensuse.org + +- Update to 4.5.9.1 For more details see changelog.txt and + releasenotes.txt + * Previously, using a wildcard interface name in a rule would + result in this error: + + ERROR: Invalid ipset name (ppp+) : ... + + Such entries are now handled correctly. + * The shorewall-masq(5) manpage incorrectly stated that the + SOURCE column may use exclusion with an interface name (e.g., + eth1:!1.2.3.4). That hasn't been the case for some time. To + accomplish the same thing, do this: + + eth0 1.2.3.4 NONAT + eth0 eth1 + + Note: Using an interface name in the SOURCE column is deprecated. + * Previously, if a MARK was specified for a tc class that + explicitly specified a class number, the following spurious + warning message was issued: + + WARNING: Class NUMBER ignored -- + INTERFACE <name> does not have the 'classify' option + + That warning message is no longer issued. + * With Shorewall 4.5.9, there were issues when the ipset utility + was not installed, some of which prevented Shorewall from + starting. +- Adjust for the usr move + * change /sbin/service to /usr/service in requires and setting links + + +------------------------------------------------------------------- Old: ---- shorewall-4.5.9.tar.bz2 shorewall-core-4.5.9.tar.bz2 shorewall-docs-html-4.5.9.tar.bz2 shorewall-init-4.5.9.tar.bz2 shorewall-lite-4.5.9.tar.bz2 shorewall6-4.5.9.tar.bz2 shorewall6-lite-4.5.9.tar.bz2 New: ---- shorewall-4.5.9.1.tar.bz2 shorewall-core-4.5.9.1.tar.bz2 shorewall-docs-html-4.5.9.1.tar.bz2 shorewall-init-4.5.9.1.tar.bz2 shorewall-lite-4.5.9.1.tar.bz2 shorewall6-4.5.9.1.tar.bz2 shorewall6-lite-4.5.9.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ shorewall.spec ++++++ --- /var/tmp/diff_new_pack.vbGyRh/_old 2012-11-12 16:06:51.000000000 +0100 +++ /var/tmp/diff_new_pack.vbGyRh/_new 2012-11-12 16:06:51.000000000 +0100 @@ -20,7 +20,7 @@ %define have_systemd 1 Name: shorewall -Version: 4.5.9 +Version: 4.5.9.1 Release: 0 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems License: GPL-2.0 @@ -51,7 +51,7 @@ %endif %if 0%{?suse_version} > 1220 PreReq: %fillup_prereq -Requires: /sbin/service +Requires: /usr/sbin/service %endif %endif Requires: %name-core = %{version}-%{release} @@ -116,7 +116,7 @@ %endif %if 0%{?suse_version} > 1220 PreReq: %fillup_prereq -Requires: /sbin/service +Requires: /usr/sbin/service %endif %endif %if 0%{?fedora_version} @@ -163,7 +163,7 @@ %endif %if 0%{?suse_version} > 1220 PreReq: %fillup_prereq -Requires: /sbin/service +Requires: /usr/sbin/service %endif %endif %if 0%{?fedora_version} @@ -203,7 +203,7 @@ %endif %if 0%{?suse_version} > 1220 PreReq: %fillup_prereq -Requires: /sbin/service +Requires: /usr/sbin/service %endif %endif %if 0%{?fedora_version} @@ -245,7 +245,7 @@ %endif %if 0%{?suse_version} > 1220 PreReq: %fillup_prereq -Requires: /sbin/service +Requires: /usr/sbin/service %endif %endif %if 0%{?fedora_version} @@ -394,12 +394,12 @@ popd done -# FIXME linkto /sbin/service should follow usr_move thing +# FIXME linkto /usr/sbin/service should follow usr_move thing rctargets="shorewall shorewall-lite shorewall6 shorewall6-lite" mkdir -p %buildroot/%_sbindir for i in $rctargets; do %if 0%{?suse_version} > 1220 - ln -sf /sbin/service %buildroot%_sbindir/rc${i} + ln -sf /usr/sbin/service %buildroot%_sbindir/rc${i} %else %if 0%{?suse_version} <= 1220 ln -sf %_initddir/${i} %buildroot%_sbindir/rc${i} ++++++ shorewall-4.5.9.tar.bz2 -> shorewall-4.5.9.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/Perl/Shorewall/Chains.pm new/shorewall-4.5.9.1/Perl/Shorewall/Chains.pm --- old/shorewall-4.5.9/Perl/Shorewall/Chains.pm 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/Perl/Shorewall/Chains.pm 2012-11-09 21:31:17.000000000 +0100 @@ -5904,12 +5904,10 @@ my ( $iiface, $inets ); if ( $family == F_IPV4 ) { - if ( $source =~ /^~/ ) { - $inets = $source; - } elsif ( $source =~ /^(.+?):(.+)$/ ) { + if ( $source =~ /^(.+?):(.+)$/ ) { $iiface = $1; $inets = $2; - } elsif ( $source =~ /\+|&|~|\..*\./ || $source =~ /^!?\^/ ) { + } elsif ( $source =~ /^!?(?:\+|&|~|\^|\d+\.)/ ) { $inets = $source; } else { $iiface = $source; @@ -6018,7 +6016,7 @@ if ( $dest =~ /^(.+?):(.+)$/ ) { $diface = $1; $dnets = $2; - } elsif ( $dest =~ /\+|&|%|~|\..*\./ || $dest =~ /^!?\^/ ) { + } elsif ( $dest =~ /^!?(?:\+|&|%|~|\^|\d+\.)/ ) { $dnets = $dest; } else { $diface = $dest; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/Perl/Shorewall/Compiler.pm new/shorewall-4.5.9.1/Perl/Shorewall/Compiler.pm --- old/shorewall-4.5.9/Perl/Shorewall/Compiler.pm 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-4.5.9.1/Perl/Shorewall/Compiler.pm 2012-11-09 21:31:17.000000000 +0100 @@ -203,6 +203,7 @@ emit ( '[ -f ${g_confdir}/vardir ] && . ${g_confdir}/vardir' ); emit ( qq([ -n "\${VARDIR:=$shorewallrc1{VARDIR}}" ]) ); + emit ( qq([ -n "\${VARLIB:=$shorewallrc1{VARLIB}}" ]) ); emit 'TEMPFILE='; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/Perl/Shorewall/Config.pm new/shorewall-4.5.9.1/Perl/Shorewall/Config.pm --- old/shorewall-4.5.9/Perl/Shorewall/Config.pm 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-4.5.9.1/Perl/Shorewall/Config.pm 2012-11-09 21:31:17.000000000 +0100 @@ -607,7 +607,7 @@ EXPORT => 0, KLUDGEFREE => '', STATEMATCH => '-m state --state', - VERSION => "4.5.9", + VERSION => "4.5.9.1", CAPVERSION => 40509 , ); # @@ -4564,6 +4564,8 @@ default_yes_no 'AUTOHELPERS' , 'Yes'; default_yes_no 'RESTORE_ROUTEMARKS' , 'Yes'; + $config{IPSET} = '' if supplied $config{IPSET} && $config{IPSET} eq 'ipset'; + if ( supplied $config{HELPERS} ) { my %helpers_temp = %helpers_enabled; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/Perl/Shorewall/Tc.pm new/shorewall-4.5.9.1/Perl/Shorewall/Tc.pm --- old/shorewall-4.5.9/Perl/Shorewall/Tc.pm 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-4.5.9.1/Perl/Shorewall/Tc.pm 2012-11-09 21:31:17.000000000 +0100 @@ -1447,10 +1447,7 @@ } unless ( $devref->{classify} || $occurs > 1 ) { - if ( $mark ne '-' ) { - fatal_error "Missing MARK" if $mark eq '-'; - warning_message "Class NUMBER ignored -- INTERFACE $device does not have the 'classify' option" if $devclass =~ /:/; - } + fatal_error "Missing MARK" if $mark eq '-'; } $tcref->{flow} = $devref->{flow} unless $tcref->{flow}; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/Perl/lib.core new/shorewall-4.5.9.1/Perl/lib.core --- old/shorewall-4.5.9/Perl/lib.core 2012-10-29 15:18:28.000000000 +0100 +++ new/shorewall-4.5.9.1/Perl/lib.core 2012-11-09 21:29:19.000000000 +0100 @@ -838,13 +838,13 @@ gateway=$( find_peer $($IP addr list $interface ) ) fi - if [ -z "$gateway" -a -f /var/lib/dhcpcd/dhcpcd-${1}.info ]; then - eval $(grep ^GATEWAYS= /var/lib/dhcpcd/dhcpcd-${1}.info 2> /dev/null) + if [ -z "$gateway" -a -f ${VARLIB}/dhcpcd/dhcpcd-${1}.info ]; then + eval $(grep ^GATEWAYS= ${VARLIB}/dhcpcd/dhcpcd-${1}.info 2> /dev/null) [ -n "$GATEWAYS" ] && GATEWAYS=${GATEWAYS%,*} && gateway=$GATEWAYS fi - if [ -z "$gateway" -a -f /var/lib/dhcp/dhclient-${1}.lease ]; then - gateway=$(grep 'option routers' /var/lib/dhcp/dhclient-${1}.lease | tail -n 1 | while read j1 j2 gateway; do echo $gateway ; return 0; done) + if [ -z "$gateway" -a -f ${VARLIB}/dhcp/dhclient-${1}.lease ]; then + gateway=$(grep 'option routers' ${VARLIB}/dhcp/dhclient-${1}.lease | tail -n 1 | while read j1 j2 gateway; do echo $gateway ; return 0; done) fi [ -n "$gateway" ] && echo $gateway diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/Samples/three-interfaces/masq.annotated new/shorewall-4.5.9.1/Samples/three-interfaces/masq.annotated --- old/shorewall-4.5.9/Samples/three-interfaces/masq.annotated 2012-10-29 19:28:53.000000000 +0100 +++ new/shorewall-4.5.9.1/Samples/three-interfaces/masq.annotated 2012-11-09 21:33:41.000000000 +0100 @@ -82,8 +82,7 @@ # the end of the file is reached. To stop adding comments to rules, use a # line with only the word COMMENT. # -# SOURCE (Formerly called SUBNET) - {interface[:exclusion]|address[,address][ -# exclusion]} +# SOURCE (Formerly called SUBNET) - {interface|address[,address][exclusion]} # # Set of hosts that you wish to masquerade. You can specify this as an # address (net or host) or as an interface (use of an interface is @@ -92,16 +91,6 @@ # you of that fact. (Shorewall will use your main routing table to determine # the appropriate addresses to masquerade). # -# In order to exclude a address of the specified SOURCE, you may append an -# exclusion ("!" and a comma-separated list of IP addresses (host or net) -# that you wish to exclude (see shorewall-exclusion(5))). Note that a colon -# (":") must appear between an interface name and the exclusion; -# -# Example: eth1:!192.168.1.4,192.168.32.0/27 -# -# In that example traffic from eth1 would be masqueraded unless it came from -# 192.168.1.4 or 196.168.32.0/27 -# # The preferred way to specify the SOURCE is to supply one or more host or # network addresses separated by comma. You may use ipset names preceded by a # plus sign (+) to specify a set of hosts. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/Samples/two-interfaces/masq.annotated new/shorewall-4.5.9.1/Samples/two-interfaces/masq.annotated --- old/shorewall-4.5.9/Samples/two-interfaces/masq.annotated 2012-10-29 19:29:05.000000000 +0100 +++ new/shorewall-4.5.9.1/Samples/two-interfaces/masq.annotated 2012-11-09 21:33:54.000000000 +0100 @@ -82,8 +82,7 @@ # the end of the file is reached. To stop adding comments to rules, use a # line with only the word COMMENT. # -# SOURCE (Formerly called SUBNET) - {interface[:exclusion]|address[,address][ -# exclusion]} +# SOURCE (Formerly called SUBNET) - {interface|address[,address][exclusion]} # # Set of hosts that you wish to masquerade. You can specify this as an # address (net or host) or as an interface (use of an interface is @@ -92,16 +91,6 @@ # you of that fact. (Shorewall will use your main routing table to determine # the appropriate addresses to masquerade). # -# In order to exclude a address of the specified SOURCE, you may append an -# exclusion ("!" and a comma-separated list of IP addresses (host or net) -# that you wish to exclude (see shorewall-exclusion(5))). Note that a colon -# (":") must appear between an interface name and the exclusion; -# -# Example: eth1:!192.168.1.4,192.168.32.0/27 -# -# In that example traffic from eth1 would be masqueraded unless it came from -# 192.168.1.4 or 196.168.32.0/27 -# # The preferred way to specify the SOURCE is to supply one or more host or # network addresses separated by comma. You may use ipset names preceded by a # plus sign (+) to specify a set of hosts. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/action.TCPFlags new/shorewall-4.5.9.1/action.TCPFlags --- old/shorewall-4.5.9/action.TCPFlags 2012-10-29 15:18:28.000000000 +0100 +++ new/shorewall-4.5.9.1/action.TCPFlags 2012-11-09 21:29:19.000000000 +0100 @@ -1,7 +1,7 @@ # -# Shorewall version 4 - Drop Smurfs Action +# Shorewall version 4 - Drop TCPFlags Action # -# /usr/share/shorewall/action.DropSmurfs +# /usr/share/shorewall/action.TCPFlags # # Accepts a single optional parameter: # diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/changelog.txt new/shorewall-4.5.9.1/changelog.txt --- old/shorewall-4.5.9/changelog.txt 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/changelog.txt 2012-11-09 21:31:17.000000000 +0100 @@ -1,3 +1,15 @@ +Changes in 4.5.9.1 + +1) Update release documents. + +2) Correct handling of wildcard interfaces in rules. + +3) Correct shorewall-masq(5). + +4) Remove spurious warning message. + +5) Don't default IPSET to 'ipset' + Changes in 4.5.9 Final 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/configfiles/masq.annotated new/shorewall-4.5.9.1/configfiles/masq.annotated --- old/shorewall-4.5.9/configfiles/masq.annotated 2012-10-29 19:28:07.000000000 +0100 +++ new/shorewall-4.5.9.1/configfiles/masq.annotated 2012-11-09 21:32:56.000000000 +0100 @@ -78,8 +78,7 @@ # the end of the file is reached. To stop adding comments to rules, use a # line with only the word COMMENT. # -# SOURCE (Formerly called SUBNET) - {interface[:exclusion]|address[,address][ -# exclusion]} +# SOURCE (Formerly called SUBNET) - {interface|address[,address][exclusion]} # # Set of hosts that you wish to masquerade. You can specify this as an # address (net or host) or as an interface (use of an interface is @@ -88,16 +87,6 @@ # you of that fact. (Shorewall will use your main routing table to determine # the appropriate addresses to masquerade). # -# In order to exclude a address of the specified SOURCE, you may append an -# exclusion ("!" and a comma-separated list of IP addresses (host or net) -# that you wish to exclude (see shorewall-exclusion(5))). Note that a colon -# (":") must appear between an interface name and the exclusion; -# -# Example: eth1:!192.168.1.4,192.168.32.0/27 -# -# In that example traffic from eth1 would be masqueraded unless it came from -# 192.168.1.4 or 196.168.32.0/27 -# # The preferred way to specify the SOURCE is to supply one or more host or # network addresses separated by comma. You may use ipset names preceded by a # plus sign (+) to specify a set of hosts. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/configfiles/tcclasses.annotated new/shorewall-4.5.9.1/configfiles/tcclasses.annotated --- old/shorewall-4.5.9/configfiles/tcclasses.annotated 2012-10-29 19:28:28.000000000 +0100 +++ new/shorewall-4.5.9.1/configfiles/tcclasses.annotated 2012-11-09 21:33:17.000000000 +0100 @@ -57,9 +57,7 @@ # # INTERFACE - interface[[:parent]:class] # -# Name of interface. Each interface may be listed only once in this file. You -# may NOT specify the name of an alias (e.g., eth0:0) here; see http:// -# www.shorewall.net/FAQ.htm#faq18 +# Name of interface. # # You may specify the interface number rather than the interface name. If the # classify option is given for the interface in shorewall-tcdevices(5), then diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/configure new/shorewall-4.5.9.1/configure --- old/shorewall-4.5.9/configure 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/configure 2012-11-09 21:31:17.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.5.9 +VERSION=4.5.9.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/configure.pl new/shorewall-4.5.9.1/configure.pl --- old/shorewall-4.5.9/configure.pl 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/configure.pl 2012-11-09 21:31:17.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.5.9' + VERSION => '4.5.9.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/install.sh new/shorewall-4.5.9.1/install.sh --- old/shorewall-4.5.9/install.sh 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/install.sh 2012-11-09 21:31:17.000000000 +0100 @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.5.9 +VERSION=4.5.9.1 # # Change to the directory containing this script diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/known_problems.txt new/shorewall-4.5.9.1/known_problems.txt --- old/shorewall-4.5.9/known_problems.txt 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/known_problems.txt 2012-11-09 21:31:17.000000000 +0100 @@ -1,2 +1,65 @@ 1) On systems running Upstart, shorewall-init cannot reliably secure the firewall before interfaces are brought up. + +2) Using a wildcard interface in a rule (such as in the tcrules file), + generates an error: + + ERROR: Invalid ipset name (ppp+) : ... + + Workaround: + + Use a logical interface name. + + /etc/shorewall/interface: + + #ZONE INTERFACE OPTIONS + vpn ppps physical=ppp+ + + /etc/shorewall/tcrules: + + #ACTION SOURCE DEST ... + 1:P ppps ... + + Corrected in 4.4.9.1. + +3) The shorewall-masq(5) manpage incorrectly states that the SOURCE + column may use exclusion with an interface name (e.g., + eth0:!1.2.3.4). That isn't the case. To accomplish the same thing, + do this: + + eth0 1.2.3.4 NONAT + eth0 0.0.0.0/0 + + Corrected in 4.4.9.1. + +4) If a MARK is specified for a tc class that explicitly specifies a + class number, the following spurious warning message is issued: + + WARNING: Class NUMBER ignored -- + INTERFACE <name> does not have the 'classify' option + + That warning may be safely ignored. + + Corrected in 4.5.9.1. + +5) When ipset is not installed, Shorewall commands may fail with + error messages such as: + + ERROR: IPSET=ipset is not installed or is not executable + + or + + ERROR: Can't find ipset executable + + Workaround: + + Create a file named 'ipset' in one of the directories in + $PATH with these contents: + + #!/bin/sh + + exit 1 + + Secure the file for execute access. + + Corrected in 4.5.9.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/lib.cli-std new/shorewall-4.5.9.1/lib.cli-std --- old/shorewall-4.5.9/lib.cli-std 2012-10-29 15:18:28.000000000 +0100 +++ new/shorewall-4.5.9.1/lib.cli-std 2012-11-09 21:29:19.000000000 +0100 @@ -136,6 +136,12 @@ exit 2 fi ;; + ipset) + # + # Old config files had this as default + # + IPSET='' + ;; *) prog="$(mywhich $IPSET 2> /dev/null)" if [ -z "$prog" ] ; then @@ -146,7 +152,7 @@ ;; esac else - IPSET='ipset' + IPSET='' fi if [ -n "$TC" ]; then diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-accounting.5 new/shorewall-4.5.9.1/manpages/shorewall-accounting.5 --- old/shorewall-4.5.9/manpages/shorewall-accounting.5 2012-10-29 19:26:31.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-accounting.5 2012-11-09 21:31:20.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-accounting .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-ACCOUNTIN" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-ACCOUNTIN" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-actions.5 new/shorewall-4.5.9.1/manpages/shorewall-actions.5 --- old/shorewall-4.5.9/manpages/shorewall-actions.5 2012-10-29 19:26:33.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-actions.5 2012-11-09 21:31:22.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-actions .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-ACTIONS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-ACTIONS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-blacklist.5 new/shorewall-4.5.9.1/manpages/shorewall-blacklist.5 --- old/shorewall-4.5.9/manpages/shorewall-blacklist.5 2012-10-29 19:26:35.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-blacklist.5 2012-11-09 21:31:24.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-blacklist .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-BLACKLIST" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-BLACKLIST" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-blrules.5 new/shorewall-4.5.9.1/manpages/shorewall-blrules.5 --- old/shorewall-4.5.9/manpages/shorewall-blrules.5 2012-10-29 19:26:37.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-blrules.5 2012-11-09 21:31:26.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-blrules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-BLRULES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-BLRULES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-conntrack.5 new/shorewall-4.5.9.1/manpages/shorewall-conntrack.5 --- old/shorewall-4.5.9/manpages/shorewall-conntrack.5 2012-10-29 19:26:43.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-conntrack.5 2012-11-09 21:31:32.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall6-conntrack .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL6\-CONNTRAC" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL6\-CONNTRAC" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-ecn.5 new/shorewall-4.5.9.1/manpages/shorewall-ecn.5 --- old/shorewall-4.5.9/manpages/shorewall-ecn.5 2012-10-29 19:26:45.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-ecn.5 2012-11-09 21:31:34.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-ecn .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-ECN" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-ECN" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-exclusion.5 new/shorewall-4.5.9.1/manpages/shorewall-exclusion.5 --- old/shorewall-4.5.9/manpages/shorewall-exclusion.5 2012-10-29 19:26:47.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-exclusion.5 2012-11-09 21:31:36.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-exclusion .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-EXCLUSION" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-EXCLUSION" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-hosts.5 new/shorewall-4.5.9.1/manpages/shorewall-hosts.5 --- old/shorewall-4.5.9/manpages/shorewall-hosts.5 2012-10-29 19:26:49.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-hosts.5 2012-11-09 21:31:38.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-hosts .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-HOSTS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-HOSTS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-init.8 new/shorewall-4.5.9.1/manpages/shorewall-init.8 --- old/shorewall-4.5.9/manpages/shorewall-init.8 2012-10-29 19:26:51.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-init.8 2012-11-09 21:31:40.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-init .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-INIT" "8" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-INIT" "8" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-interfaces.5 new/shorewall-4.5.9.1/manpages/shorewall-interfaces.5 --- old/shorewall-4.5.9/manpages/shorewall-interfaces.5 2012-10-29 19:26:54.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-interfaces.5 2012-11-09 21:31:43.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-interfaces .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-INTERFACE" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-INTERFACE" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-ipsets.5 new/shorewall-4.5.9.1/manpages/shorewall-ipsets.5 --- old/shorewall-4.5.9/manpages/shorewall-ipsets.5 2012-10-29 19:26:55.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-ipsets.5 2012-11-09 21:31:45.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-ipsets .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-IPSETS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-IPSETS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-maclist.5 new/shorewall-4.5.9.1/manpages/shorewall-maclist.5 --- old/shorewall-4.5.9/manpages/shorewall-maclist.5 2012-10-29 19:26:57.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-maclist.5 2012-11-09 21:31:47.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-maclist .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-MACLIST" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-MACLIST" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-masq.5 new/shorewall-4.5.9.1/manpages/shorewall-masq.5 --- old/shorewall-4.5.9/manpages/shorewall-masq.5 2012-10-29 19:27:00.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-masq.5 2012-11-09 21:31:49.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-masq .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-MASQ" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-MASQ" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -143,7 +143,7 @@ Comments may be attached to Netfilter rules generated from entries in this file through the use of COMMENT lines\&. These lines begin with the word COMMENT; the remainder of the line is treated as a comment which is attached to subsequent rules until another COMMENT line is found or until the end of the file is reached\&. To stop adding comments to rules, use a line with only the word COMMENT\&. .RE .PP -\fBSOURCE\fR (Formerly called SUBNET) \- {\fIinterface\fR[:\fIexclusion\fR]|\fIaddress\fR[\fB,\fR\fIaddress\fR][\fIexclusion\fR]} +\fBSOURCE\fR (Formerly called SUBNET) \- {\fIinterface\fR|\fIaddress\fR[\fB,\fR\fIaddress\fR][\fIexclusion\fR]} .RS 4 Set of hosts that you wish to masquerade\&. You can specify this as an \fIaddress\fR @@ -153,18 +153,6 @@ \fIinterface\fR is deprecated)\&. If you give the name of an interface, the interface must be up before you start the firewall and the Shorewall rules compiler will warn you of that fact\&. (Shorewall will use your main routing table to determine the appropriate addresses to masquerade)\&. .sp -In order to exclude a address of the specified SOURCE, you may append an -\fIexclusion\fR -("!" and a comma\-separated list of IP addresses (host or net) that you wish to exclude (see -\m[blue]\fBshorewall\-exclusion\fR\m[]\&\s-2\u[6]\d\s+2(5)))\&. Note that a colon (":") must appear between an -\fIinterface\fR -name and the -\fIexclusion\fR; -.sp -Example: eth1:!192\&.168\&.1\&.4,192\&.168\&.32\&.0/27 -.sp -In that example traffic from eth1 would be masqueraded unless it came from 192\&.168\&.1\&.4 or 196\&.168\&.32\&.0/27 -.sp The preferred way to specify the SOURCE is to supply one or more host or network addresses separated by comma\&. You may use ipset names preceded by a plus sign (+) to specify a set of hosts\&. .RE .PP diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-modules.5 new/shorewall-4.5.9.1/manpages/shorewall-modules.5 --- old/shorewall-4.5.9/manpages/shorewall-modules.5 2012-10-29 19:27:02.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-modules.5 2012-11-09 21:31:51.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-modules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-MODULES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-MODULES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-nat.5 new/shorewall-4.5.9.1/manpages/shorewall-nat.5 --- old/shorewall-4.5.9/manpages/shorewall-nat.5 2012-10-29 19:27:04.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-nat.5 2012-11-09 21:31:53.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-nat .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-NAT" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-NAT" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-nesting.5 new/shorewall-4.5.9.1/manpages/shorewall-nesting.5 --- old/shorewall-4.5.9/manpages/shorewall-nesting.5 2012-10-29 19:27:06.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-nesting.5 2012-11-09 21:31:55.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-nesting .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-NESTING" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-NESTING" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-netmap.5 new/shorewall-4.5.9.1/manpages/shorewall-netmap.5 --- old/shorewall-4.5.9/manpages/shorewall-netmap.5 2012-10-29 19:27:08.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-netmap.5 2012-11-09 21:31:57.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-netmap .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-NETMAP" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-NETMAP" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-params.5 new/shorewall-4.5.9.1/manpages/shorewall-params.5 --- old/shorewall-4.5.9/manpages/shorewall-params.5 2012-10-29 19:27:10.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-params.5 2012-11-09 21:31:59.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-params .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-PARAMS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-PARAMS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-policy.5 new/shorewall-4.5.9.1/manpages/shorewall-policy.5 --- old/shorewall-4.5.9/manpages/shorewall-policy.5 2012-10-29 19:27:12.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-policy.5 2012-11-09 21:32:01.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-policy .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-POLICY" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-POLICY" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-providers.5 new/shorewall-4.5.9.1/manpages/shorewall-providers.5 --- old/shorewall-4.5.9/manpages/shorewall-providers.5 2012-10-29 19:27:14.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-providers.5 2012-11-09 21:32:03.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-providers .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-PROVIDERS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-PROVIDERS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-proxyarp.5 new/shorewall-4.5.9.1/manpages/shorewall-proxyarp.5 --- old/shorewall-4.5.9/manpages/shorewall-proxyarp.5 2012-10-29 19:27:16.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-proxyarp.5 2012-11-09 21:32:05.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-proxyarp .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-PROXYARP" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-PROXYARP" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-routes.5 new/shorewall-4.5.9.1/manpages/shorewall-routes.5 --- old/shorewall-4.5.9/manpages/shorewall-routes.5 2012-10-29 19:27:20.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-routes.5 2012-11-09 21:32:09.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-routes .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-ROUTES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-ROUTES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-routestopped.5 new/shorewall-4.5.9.1/manpages/shorewall-routestopped.5 --- old/shorewall-4.5.9/manpages/shorewall-routestopped.5 2012-10-29 19:27:18.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-routestopped.5 2012-11-09 21:32:07.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-routestopped .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-ROUTESTOP" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-ROUTESTOP" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-rtrules.5 new/shorewall-4.5.9.1/manpages/shorewall-rtrules.5 --- old/shorewall-4.5.9/manpages/shorewall-rtrules.5 2012-10-29 19:27:22.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-rtrules.5 2012-11-09 21:32:11.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-rtrules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-RTRULES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-RTRULES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-rules.5 new/shorewall-4.5.9.1/manpages/shorewall-rules.5 --- old/shorewall-4.5.9/manpages/shorewall-rules.5 2012-10-29 19:27:25.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-rules.5 2012-11-09 21:32:14.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-rules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-RULES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-RULES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-secmarks.5 new/shorewall-4.5.9.1/manpages/shorewall-secmarks.5 --- old/shorewall-4.5.9/manpages/shorewall-secmarks.5 2012-10-29 19:27:27.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-secmarks.5 2012-11-09 21:32:16.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-secmarks .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-SECMARKS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-SECMARKS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-stoppedrules.5 new/shorewall-4.5.9.1/manpages/shorewall-stoppedrules.5 --- old/shorewall-4.5.9/manpages/shorewall-stoppedrules.5 2012-10-29 19:27:29.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-stoppedrules.5 2012-11-09 21:32:18.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-stoppedrules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-STOPPEDRU" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-STOPPEDRU" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tcclasses.5 new/shorewall-4.5.9.1/manpages/shorewall-tcclasses.5 --- old/shorewall-4.5.9/manpages/shorewall-tcclasses.5 2012-10-29 19:27:31.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tcclasses.5 2012-11-09 21:32:20.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcclasses .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TCCLASSES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TCCLASSES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -114,8 +114,7 @@ \fBINTERFACE\fR \- \fIinterface\fR[[:\fIparent\fR]:\fIclass\fR] .RS 4 Name of -\fIinterface\fR\&. Each interface may be listed only once in this file\&. You may NOT specify the name of an alias (e\&.g\&., eth0:0) here; see -\m[blue]\fBhttp://www\&.shorewall\&.net/FAQ\&.htm#faq18\fR\m[] +\fIinterface\fR\&. .sp You may specify the interface number rather than the interface name\&. If the \fBclassify\fR diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tcdevices.5 new/shorewall-4.5.9.1/manpages/shorewall-tcdevices.5 --- old/shorewall-4.5.9/manpages/shorewall-tcdevices.5 2012-10-29 19:27:33.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tcdevices.5 2012-11-09 21:32:22.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcdevices .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TCDEVICES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TCDEVICES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tcfilters.5 new/shorewall-4.5.9.1/manpages/shorewall-tcfilters.5 --- old/shorewall-4.5.9/manpages/shorewall-tcfilters.5 2012-10-29 19:27:35.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tcfilters.5 2012-11-09 21:32:24.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcfilters .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TCFILTERS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TCFILTERS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tcinterfaces.5 new/shorewall-4.5.9.1/manpages/shorewall-tcinterfaces.5 --- old/shorewall-4.5.9/manpages/shorewall-tcinterfaces.5 2012-10-29 19:27:37.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tcinterfaces.5 2012-11-09 21:32:26.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcinterfaces .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TCINTERFA" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TCINTERFA" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tcpri.5 new/shorewall-4.5.9.1/manpages/shorewall-tcpri.5 --- old/shorewall-4.5.9/manpages/shorewall-tcpri.5 2012-10-29 19:27:39.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tcpri.5 2012-11-09 21:32:28.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcpri .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TCPRI" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TCPRI" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tcrules.5 new/shorewall-4.5.9.1/manpages/shorewall-tcrules.5 --- old/shorewall-4.5.9/manpages/shorewall-tcrules.5 2012-10-29 19:27:42.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tcrules.5 2012-11-09 21:32:31.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tcrules .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TCRULES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TCRULES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tos.5 new/shorewall-4.5.9.1/manpages/shorewall-tos.5 --- old/shorewall-4.5.9/manpages/shorewall-tos.5 2012-10-29 19:27:44.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tos.5 2012-11-09 21:32:33.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tos .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TOS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TOS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-tunnels.5 new/shorewall-4.5.9.1/manpages/shorewall-tunnels.5 --- old/shorewall-4.5.9/manpages/shorewall-tunnels.5 2012-10-29 19:27:46.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-tunnels.5 2012-11-09 21:32:35.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-tunnels .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-TUNNELS" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-TUNNELS" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-vardir.5 new/shorewall-4.5.9.1/manpages/shorewall-vardir.5 --- old/shorewall-4.5.9/manpages/shorewall-vardir.5 2012-10-29 19:27:48.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-vardir.5 2012-11-09 21:32:37.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-vardir .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-VARDIR" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-VARDIR" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall-zones.5 new/shorewall-4.5.9.1/manpages/shorewall-zones.5 --- old/shorewall-4.5.9/manpages/shorewall-zones.5 2012-10-29 19:27:53.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall-zones.5 2012-11-09 21:32:42.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-zones .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-ZONES" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-ZONES" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall.8 new/shorewall-4.5.9.1/manpages/shorewall.8 --- old/shorewall-4.5.9/manpages/shorewall.8 2012-10-29 19:27:50.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall.8 2012-11-09 21:32:39.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL" "8" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL" "8" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/manpages/shorewall.conf.5 new/shorewall-4.5.9.1/manpages/shorewall.conf.5 --- old/shorewall-4.5.9/manpages/shorewall.conf.5 2012-10-29 19:26:41.000000000 +0100 +++ new/shorewall-4.5.9.1/manpages/shorewall.conf.5 2012-11-09 21:31:30.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall.conf .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\&.CONF" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\&.CONF" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/releasenotes.txt new/shorewall-4.5.9.1/releasenotes.txt --- old/shorewall-4.5.9/releasenotes.txt 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/releasenotes.txt 2012-11-09 21:31:17.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 5 . 9 + S H O R E W A L L 4 . 5 . 9 . 1 ------------------------------------ - N o v e m b e r 0 2 , 2 0 1 2 + N o v e m b e r 0 9 , 2 0 1 2 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -15,6 +15,39 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- +4.5.9.1 + +1) Previously, using a wildcard interface name in a rule would result + in this error: + + ERROR: Invalid ipset name (ppp+) : ... + + Such entries are now handled correctly. + +2) The shorewall-masq(5) manpage incorrectly stated that the SOURCE + column may use exclusion with an interface name (e.g., + eth1:!1.2.3.4). That hasn't been the case for some time. To + accomplish the same thing, do this: + + eth0 1.2.3.4 NONAT + eth0 eth1 + + Note: Using an interface name in the SOURCE column is deprecated. + +3) Previously, if a MARK was specified for a tc class that explicitly + specified a class number, the following spurious warning message + was issued: + + WARNING: Class NUMBER ignored -- + INTERFACE <name> does not have the 'classify' option + + That warning message is no longer issued. + +4) With Shorewall 4.5.9, there were issues when the ipset utility was + not installed, some of which prevented Shorewall from starting. + +4.5.9 + 1) This release contains all defect repair from Shorewall 4.5.8.2. 2) A typo has been corrected in the shorewallrc.default file. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/shorewall.spec new/shorewall-4.5.9.1/shorewall.spec --- old/shorewall-4.5.9/shorewall.spec 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/shorewall.spec 2012-11-09 21:31:17.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall %define version 4.5.9 -%define release 0base +%define release 1 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -122,6 +122,8 @@ %doc COPYING INSTALL changelog.txt releasenotes.txt Contrib/* Samples %changelog +* Sat Nov 03 2012 Tom Eastep tom@shorewall.net +- Updated to 4.5.9-1 * Fri Oct 26 2012 Tom Eastep tom@shorewall.net - Updated to 4.5.9-0base * Sun Oct 21 2012 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.5.9/uninstall.sh new/shorewall-4.5.9.1/uninstall.sh --- old/shorewall-4.5.9/uninstall.sh 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-4.5.9.1/uninstall.sh 2012-11-09 21:31:17.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.5.9 +VERSION=4.5.9.1 usage() # $1 = exit status { ++++++ shorewall-core-4.5.9.tar.bz2 -> shorewall-core-4.5.9.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/changelog.txt new/shorewall-core-4.5.9.1/changelog.txt --- old/shorewall-core-4.5.9/changelog.txt 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/changelog.txt 2012-11-09 18:02:36.000000000 +0100 @@ -1,3 +1,15 @@ +Changes in 4.5.9.1 + +1) Update release documents. + +2) Correct handling of wildcard interfaces in rules. + +3) Correct shorewall-masq(5). + +4) Remove spurious warning message. + +5) Don't default IPSET to 'ipset' + Changes in 4.5.9 Final 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/configure new/shorewall-core-4.5.9.1/configure --- old/shorewall-core-4.5.9/configure 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/configure 2012-11-09 18:02:36.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.5.9 +VERSION=4.5.9.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/configure.pl new/shorewall-core-4.5.9.1/configure.pl --- old/shorewall-core-4.5.9/configure.pl 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/configure.pl 2012-11-09 18:02:36.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.5.9' + VERSION => '4.5.9.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/install.sh new/shorewall-core-4.5.9.1/install.sh --- old/shorewall-core-4.5.9/install.sh 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/install.sh 2012-11-09 18:02:36.000000000 +0100 @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.5.9 +VERSION=4.5.9.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/known_problems.txt new/shorewall-core-4.5.9.1/known_problems.txt --- old/shorewall-core-4.5.9/known_problems.txt 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/known_problems.txt 2012-11-09 18:02:36.000000000 +0100 @@ -1,2 +1,65 @@ 1) On systems running Upstart, shorewall-init cannot reliably secure the firewall before interfaces are brought up. + +2) Using a wildcard interface in a rule (such as in the tcrules file), + generates an error: + + ERROR: Invalid ipset name (ppp+) : ... + + Workaround: + + Use a logical interface name. + + /etc/shorewall/interface: + + #ZONE INTERFACE OPTIONS + vpn ppps physical=ppp+ + + /etc/shorewall/tcrules: + + #ACTION SOURCE DEST ... + 1:P ppps ... + + Corrected in 4.4.9.1. + +3) The shorewall-masq(5) manpage incorrectly states that the SOURCE + column may use exclusion with an interface name (e.g., + eth0:!1.2.3.4). That isn't the case. To accomplish the same thing, + do this: + + eth0 1.2.3.4 NONAT + eth0 0.0.0.0/0 + + Corrected in 4.4.9.1. + +4) If a MARK is specified for a tc class that explicitly specifies a + class number, the following spurious warning message is issued: + + WARNING: Class NUMBER ignored -- + INTERFACE <name> does not have the 'classify' option + + That warning may be safely ignored. + + Corrected in 4.5.9.1. + +5) When ipset is not installed, Shorewall commands may fail with + error messages such as: + + ERROR: IPSET=ipset is not installed or is not executable + + or + + ERROR: Can't find ipset executable + + Workaround: + + Create a file named 'ipset' in one of the directories in + $PATH with these contents: + + #!/bin/sh + + exit 1 + + Secure the file for execute access. + + Corrected in 4.5.9.1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/lib.cli new/shorewall-core-4.5.9.1/lib.cli --- old/shorewall-core-4.5.9/lib.cli 2012-10-29 15:18:28.000000000 +0100 +++ new/shorewall-core-4.5.9.1/lib.cli 2012-11-09 17:54:54.000000000 +0100 @@ -525,7 +525,7 @@ determine_ipset_version() { local setname - if [ $IPSET = ipset ]; then + if [ -z "$IPSET" -o $IPSET = ipset ]; then IPSET=$(mywhich ipset) [ -n "$IPSET" ] || fatal_error "The ipset utility cannot be located" fi @@ -2956,27 +2956,6 @@ fi fi - if [ -n "$IPSET" ]; then - case "$IPSET" in - */*) - if [ ! -x "$IPSET" ] ; then - echo " ERROR: The program specified in IPSET ($IPSET) does not exist or is not executable" >&2 - exit 2 - fi - ;; - *) - prog="$(mywhich $IPSET 2> /dev/null)" - if [ -z "$prog" ] ; then - echo " ERROR: Can't find $IPSET executable" >&2 - exit 2 - fi - IPSET=$prog - ;; - esac - else - IPSET='ipset' - fi - [ -n "$RESTOREFILE" ] || RESTOREFILE=restore validate_restorefile RESTOREFILE @@ -3017,7 +2996,7 @@ ;; esac else - IPSET='ipset' + IPSET='' fi TC=tc diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/lib.common new/shorewall-core-4.5.9.1/lib.common --- old/shorewall-core-4.5.9/lib.common 2012-10-29 15:18:28.000000000 +0100 +++ new/shorewall-core-4.5.9.1/lib.common 2012-11-09 17:54:54.000000000 +0100 @@ -84,7 +84,7 @@ temp=$( $SHOREWALL_SHELL $1 version | tail -n 1 | sed 's/-.*//' ) - if [ $? -ne 0 ]; then + if [ -z "$temp" ]; then version=0 else ifs=$IFS diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/releasenotes.txt new/shorewall-core-4.5.9.1/releasenotes.txt --- old/shorewall-core-4.5.9/releasenotes.txt 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/releasenotes.txt 2012-11-09 18:02:36.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 5 . 9 + S H O R E W A L L 4 . 5 . 9 . 1 ------------------------------------ - N o v e m b e r 0 2 , 2 0 1 2 + N o v e m b e r 0 9 , 2 0 1 2 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -15,6 +15,39 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- +4.5.9.1 + +1) Previously, using a wildcard interface name in a rule would result + in this error: + + ERROR: Invalid ipset name (ppp+) : ... + + Such entries are now handled correctly. + +2) The shorewall-masq(5) manpage incorrectly stated that the SOURCE + column may use exclusion with an interface name (e.g., + eth1:!1.2.3.4). That hasn't been the case for some time. To + accomplish the same thing, do this: + + eth0 1.2.3.4 NONAT + eth0 eth1 + + Note: Using an interface name in the SOURCE column is deprecated. + +3) Previously, if a MARK was specified for a tc class that explicitly + specified a class number, the following spurious warning message + was issued: + + WARNING: Class NUMBER ignored -- + INTERFACE <name> does not have the 'classify' option + + That warning message is no longer issued. + +4) With Shorewall 4.5.9, there were issues when the ipset utility was + not installed, some of which prevented Shorewall from starting. + +4.5.9 + 1) This release contains all defect repair from Shorewall 4.5.8.2. 2) A typo has been corrected in the shorewallrc.default file. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/shorewall-core.spec new/shorewall-core-4.5.9.1/shorewall-core.spec --- old/shorewall-core-4.5.9/shorewall-core.spec 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/shorewall-core.spec 2012-11-09 18:02:36.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall-core %define version 4.5.9 -%define release 0base +%define release 1 Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. Name: %{name} @@ -62,6 +62,8 @@ %doc COPYING INSTALL changelog.txt releasenotes.txt %changelog +* Sat Nov 03 2012 Tom Eastep tom@shorewall.net +- Updated to 4.5.9-1 * Fri Oct 26 2012 Tom Eastep tom@shorewall.net - Updated to 4.5.9-0base * Sun Oct 21 2012 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-core-4.5.9/uninstall.sh new/shorewall-core-4.5.9.1/uninstall.sh --- old/shorewall-core-4.5.9/uninstall.sh 2012-10-29 19:26:27.000000000 +0100 +++ new/shorewall-core-4.5.9.1/uninstall.sh 2012-11-09 18:02:36.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.5.9 +VERSION=4.5.9.1 usage() # $1 = exit status { ++++++ shorewall-docs-html-4.5.9.tar.bz2 -> shorewall-docs-html-4.5.9.1.tar.bz2 ++++++ ++++ 6564 lines of diff (skipped) ++++++ shorewall-init-4.5.9.tar.bz2 -> shorewall-init-4.5.9.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.5.9/changelog.txt new/shorewall-init-4.5.9.1/changelog.txt --- old/shorewall-init-4.5.9/changelog.txt 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-init-4.5.9.1/changelog.txt 2012-11-09 18:02:36.000000000 +0100 @@ -1,3 +1,15 @@ +Changes in 4.5.9.1 + +1) Update release documents. + +2) Correct handling of wildcard interfaces in rules. + +3) Correct shorewall-masq(5). + +4) Remove spurious warning message. + +5) Don't default IPSET to 'ipset' + Changes in 4.5.9 Final 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.5.9/configure new/shorewall-init-4.5.9.1/configure --- old/shorewall-init-4.5.9/configure 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-init-4.5.9.1/configure 2012-11-09 18:02:36.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.5.9 +VERSION=4.5.9.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.5.9/configure.pl new/shorewall-init-4.5.9.1/configure.pl --- old/shorewall-init-4.5.9/configure.pl 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-init-4.5.9.1/configure.pl 2012-11-09 18:02:36.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.5.9' + VERSION => '4.5.9.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.5.9/install.sh new/shorewall-init-4.5.9.1/install.sh --- old/shorewall-init-4.5.9/install.sh 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-init-4.5.9.1/install.sh 2012-11-09 18:02:36.000000000 +0100 @@ -23,7 +23,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.5.9 +VERSION=4.5.9.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.5.9/releasenotes.txt new/shorewall-init-4.5.9.1/releasenotes.txt --- old/shorewall-init-4.5.9/releasenotes.txt 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-init-4.5.9.1/releasenotes.txt 2012-11-09 18:02:36.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 5 . 9 + S H O R E W A L L 4 . 5 . 9 . 1 ------------------------------------ - N o v e m b e r 0 2 , 2 0 1 2 + N o v e m b e r 0 9 , 2 0 1 2 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -15,6 +15,39 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- +4.5.9.1 + +1) Previously, using a wildcard interface name in a rule would result + in this error: + + ERROR: Invalid ipset name (ppp+) : ... + + Such entries are now handled correctly. + +2) The shorewall-masq(5) manpage incorrectly stated that the SOURCE + column may use exclusion with an interface name (e.g., + eth1:!1.2.3.4). That hasn't been the case for some time. To + accomplish the same thing, do this: + + eth0 1.2.3.4 NONAT + eth0 eth1 + + Note: Using an interface name in the SOURCE column is deprecated. + +3) Previously, if a MARK was specified for a tc class that explicitly + specified a class number, the following spurious warning message + was issued: + + WARNING: Class NUMBER ignored -- + INTERFACE <name> does not have the 'classify' option + + That warning message is no longer issued. + +4) With Shorewall 4.5.9, there were issues when the ipset utility was + not installed, some of which prevented Shorewall from starting. + +4.5.9 + 1) This release contains all defect repair from Shorewall 4.5.8.2. 2) A typo has been corrected in the shorewallrc.default file. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.5.9/shorewall-init.spec new/shorewall-init-4.5.9.1/shorewall-init.spec --- old/shorewall-init-4.5.9/shorewall-init.spec 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-init-4.5.9.1/shorewall-init.spec 2012-11-09 18:02:36.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall-init %define version 4.5.9 -%define release 0base +%define release 1 Summary: Shorewall-init adds functionality to Shoreline Firewall (Shorewall). Name: %{name} @@ -125,6 +125,8 @@ %doc COPYING changelog.txt releasenotes.txt %changelog +* Sat Nov 03 2012 Tom Eastep tom@shorewall.net +- Updated to 4.5.9-1 * Fri Oct 26 2012 Tom Eastep tom@shorewall.net - Updated to 4.5.9-0base * Sun Oct 21 2012 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-init-4.5.9/uninstall.sh new/shorewall-init-4.5.9.1/uninstall.sh --- old/shorewall-init-4.5.9/uninstall.sh 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-init-4.5.9.1/uninstall.sh 2012-11-09 18:02:36.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.5.9 +VERSION=4.5.9.1 usage() # $1 = exit status { ++++++ shorewall-lite-4.5.9.tar.bz2 -> shorewall-lite-4.5.9.1.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/changelog.txt new/shorewall-lite-4.5.9.1/changelog.txt --- old/shorewall-lite-4.5.9/changelog.txt 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/changelog.txt 2012-11-09 18:02:36.000000000 +0100 @@ -1,3 +1,15 @@ +Changes in 4.5.9.1 + +1) Update release documents. + +2) Correct handling of wildcard interfaces in rules. + +3) Correct shorewall-masq(5). + +4) Remove spurious warning message. + +5) Don't default IPSET to 'ipset' + Changes in 4.5.9 Final 1) Update release documents. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/configure new/shorewall-lite-4.5.9.1/configure --- old/shorewall-lite-4.5.9/configure 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/configure 2012-11-09 18:02:36.000000000 +0100 @@ -28,7 +28,7 @@ # # Build updates this # -VERSION=4.5.9 +VERSION=4.5.9.1 case "$BASH_VERSION" in [4-9].*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/configure.pl new/shorewall-lite-4.5.9.1/configure.pl --- old/shorewall-lite-4.5.9/configure.pl 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/configure.pl 2012-11-09 18:02:36.000000000 +0100 @@ -31,7 +31,7 @@ # Build updates this # use constant { - VERSION => '4.5.9' + VERSION => '4.5.9.1' }; my %params; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/install.sh new/shorewall-lite-4.5.9.1/install.sh --- old/shorewall-lite-4.5.9/install.sh 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/install.sh 2012-11-09 18:02:36.000000000 +0100 @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.5.9 +VERSION=4.5.9.1 usage() # $1 = exit status { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/manpages/shorewall-lite-vardir.5 new/shorewall-lite-4.5.9.1/manpages/shorewall-lite-vardir.5 --- old/shorewall-lite-4.5.9/manpages/shorewall-lite-vardir.5 2012-10-29 19:32:03.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/manpages/shorewall-lite-vardir.5 2012-11-09 18:08:11.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite-vardir .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-LITE\-VAR" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-LITE\-VAR" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/manpages/shorewall-lite.8 new/shorewall-lite-4.5.9.1/manpages/shorewall-lite.8 --- old/shorewall-lite-4.5.9/manpages/shorewall-lite.8 2012-10-29 19:32:05.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/manpages/shorewall-lite.8 2012-11-09 18:08:13.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-LITE" "8" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-LITE" "8" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/manpages/shorewall-lite.conf.5 new/shorewall-lite-4.5.9.1/manpages/shorewall-lite.conf.5 --- old/shorewall-lite-4.5.9/manpages/shorewall-lite.conf.5 2012-10-29 19:32:01.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/manpages/shorewall-lite.conf.5 2012-11-09 18:08:09.000000000 +0100 @@ -2,12 +2,12 @@ .\" Title: shorewall-lite.conf .\" Author: [FIXME: author] [see http://docbook.sf.net/el/author] .\" Generator: DocBook XSL Stylesheets v1.75.2 http://docbook.sf.net/ -.\" Date: 10/29/2012 +.\" Date: 11/09/2012 .\" Manual: [FIXME: manual] .\" Source: [FIXME: source] .\" Language: English .\" -.TH "SHOREWALL\-LITE\&.CO" "5" "10/29/2012" "[FIXME: source]" "[FIXME: manual]" +.TH "SHOREWALL\-LITE\&.CO" "5" "11/09/2012" "[FIXME: source]" "[FIXME: manual]" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/releasenotes.txt new/shorewall-lite-4.5.9.1/releasenotes.txt --- old/shorewall-lite-4.5.9/releasenotes.txt 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/releasenotes.txt 2012-11-09 18:02:36.000000000 +0100 @@ -1,7 +1,7 @@ ---------------------------------------------------------------------------- - S H O R E W A L L 4 . 5 . 9 + S H O R E W A L L 4 . 5 . 9 . 1 ------------------------------------ - N o v e m b e r 0 2 , 2 0 1 2 + N o v e m b e r 0 9 , 2 0 1 2 ---------------------------------------------------------------------------- I. PROBLEMS CORRECTED IN THIS RELEASE @@ -15,6 +15,39 @@ I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- +4.5.9.1 + +1) Previously, using a wildcard interface name in a rule would result + in this error: + + ERROR: Invalid ipset name (ppp+) : ... + + Such entries are now handled correctly. + +2) The shorewall-masq(5) manpage incorrectly stated that the SOURCE + column may use exclusion with an interface name (e.g., + eth1:!1.2.3.4). That hasn't been the case for some time. To + accomplish the same thing, do this: + + eth0 1.2.3.4 NONAT + eth0 eth1 + + Note: Using an interface name in the SOURCE column is deprecated. + +3) Previously, if a MARK was specified for a tc class that explicitly + specified a class number, the following spurious warning message + was issued: + + WARNING: Class NUMBER ignored -- + INTERFACE <name> does not have the 'classify' option + + That warning message is no longer issued. + +4) With Shorewall 4.5.9, there were issues when the ipset utility was + not installed, some of which prevented Shorewall from starting. + +4.5.9 + 1) This release contains all defect repair from Shorewall 4.5.8.2. 2) A typo has been corrected in the shorewallrc.default file. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/shorewall-lite.spec new/shorewall-lite-4.5.9.1/shorewall-lite.spec --- old/shorewall-lite-4.5.9/shorewall-lite.spec 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/shorewall-lite.spec 2012-11-09 18:02:36.000000000 +0100 @@ -1,6 +1,6 @@ %define name shorewall-lite %define version 4.5.9 -%define release 0base +%define release 1 %define initdir /etc/init.d Summary: Shoreline Firewall Lite is an iptables-based firewall for Linux systems. @@ -105,6 +105,8 @@ %doc COPYING changelog.txt releasenotes.txt %changelog +* Sat Nov 03 2012 Tom Eastep tom@shorewall.net +- Updated to 4.5.9-1 * Fri Oct 26 2012 Tom Eastep tom@shorewall.net - Updated to 4.5.9-0base * Sun Oct 21 2012 Tom Eastep tom@shorewall.net diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-lite-4.5.9/uninstall.sh new/shorewall-lite-4.5.9.1/uninstall.sh --- old/shorewall-lite-4.5.9/uninstall.sh 2012-10-29 19:26:28.000000000 +0100 +++ new/shorewall-lite-4.5.9.1/uninstall.sh 2012-11-09 18:02:36.000000000 +0100 @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Shorewall Firewall -VERSION=4.5.9 +VERSION=4.5.9.1 usage() # $1 = exit status { ++++++ shorewall-4.5.9.tar.bz2 -> shorewall6-4.5.9.1.tar.bz2 ++++++ ++++ 105068 lines of diff (skipped) ++++++ shorewall-lite-4.5.9.tar.bz2 -> shorewall6-lite-4.5.9.1.tar.bz2 ++++++ ++++ 6853 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org