Hello community,
here is the log from the commit of package shorewall for openSUSE:Factory checked in at 2015-04-05 02:04:21
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/shorewall (Old)
and /work/SRC/openSUSE:Factory/.shorewall.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "shorewall"
Changes:
--------
--- /work/SRC/openSUSE:Factory/shorewall/shorewall.changes 2015-03-18 13:05:33.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.shorewall.new/shorewall.changes 2015-04-05 02:04:29.000000000 +0200
@@ -1,0 +2,26 @@
+Sat Apr 4 08:29:52 UTC 2015 - toganm@opensuse.org
+
+- Update to version 4.6.8 For more details see changelog.txt and
+ releasenotes.txt
+
+ * This release includes defect repair from Shorewall 4.6.6.2 and
+ earlier releases.
+
+ * Previously, when the -n option was specified and NetworkManager
+ was installed on the target system, the Shorewall-init installer
+ would still create
+ ${DESTDIR}etc/NetworkManager/dispatcher.d/01-shorewall, regardless
+ of the setting of $CONFDIR. That has been corrected such that
+ the directory
+ ${DESTDIR}${CONFDIR}/NetworkManager/dispatcher.d/01-shorewall
+ is created instead.
+
+ * Previously, handling of the IPTABLES and IP6TABLES actions in
+ the conntrack file was broken. nfw provided a fix on IRC.
+
+ * The Shorewall-core and Shorewall6 installers would previously
+ report incorrectly that the product release was not installed.
+ Matt Darfeuille provided fixes.
+
+
+-------------------------------------------------------------------
Old:
----
shorewall-4.6.7.tar.bz2
shorewall-core-4.6.7.tar.bz2
shorewall-docs-html-4.6.7.tar.bz2
shorewall-init-4.6.7.tar.bz2
shorewall-lite-4.6.7.tar.bz2
shorewall6-4.6.7.tar.bz2
shorewall6-lite-4.6.7.tar.bz2
New:
----
shorewall-4.6.8.tar.bz2
shorewall-core-4.6.8.tar.bz2
shorewall-docs-html-4.6.8.tar.bz2
shorewall-init-4.6.8.tar.bz2
shorewall-lite-4.6.8.tar.bz2
shorewall6-4.6.8.tar.bz2
shorewall6-lite-4.6.8.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ shorewall.spec ++++++
--- /var/tmp/diff_new_pack.7ZZDYZ/_old 2015-04-05 02:04:31.000000000 +0200
+++ /var/tmp/diff_new_pack.7ZZDYZ/_new 2015-04-05 02:04:31.000000000 +0200
@@ -20,19 +20,19 @@
%define have_systemd 1
Name: shorewall
-Version: 4.6.7
+Version: 4.6.8
Release: 0
Summary: Shoreline Firewall is an iptables-based firewall for Linux systems
License: GPL-2.0
Group: Productivity/Networking/Security
Url: http://www.shorewall.net/
-Source: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-%version.tar.bz2
-Source1: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-core-%version.tar.bz2
-Source2: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-lite-%version.tar.bz2
-Source3: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-init-%version.tar.bz2
-Source4: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-lite-%version.tar.bz2
-Source5: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}6-%version.tar.bz2
-Source6: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.7/%{name}-docs-html-%version.tar.bz2
+Source: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-%version.tar.bz2
+Source1: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-core-%version.tar.bz2
+Source2: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-lite-%version.tar.bz2
+Source3: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-init-%version.tar.bz2
+Source4: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}6-lite-%version.tar.bz2
+Source5: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}6-%version.tar.bz2
+Source6: http://www.shorewall.net/pub/shorewall/4.6/shorewall-4.6.8/%{name}-docs-html-%version.tar.bz2
Source7: %{name}-4.4.22.rpmlintrc
Source8: README.openSUSE
# PATCH-FIX-UPSTREAM toganm@opensuse.org Shorewall-lite init.suse.sh Required Stop
++++++ shorewall-4.6.7.tar.bz2 -> shorewall-4.6.8.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/Perl/Shorewall/Chains.pm new/shorewall-4.6.8/Perl/Shorewall/Chains.pm
--- old/shorewall-4.6.7/Perl/Shorewall/Chains.pm 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/Perl/Shorewall/Chains.pm 2015-04-02 22:27:47.000000000 +0200
@@ -7953,7 +7953,7 @@
fi
if chain_exists dynamic; then
- $tool -S dynamic | tail -n +2 > \${VARDIR}/.dynamic
+ $tool -S dynamic | tail -n +2 | fgrep -v -- '-j ACCEPT' > \${VARDIR}/.dynamic
else
rm -f \${VARDIR}/.dynamic
fi
@@ -8048,7 +8048,7 @@
if ( @ipsets || @{$globals{SAVED_IPSETS}} || ( $config{SAVE_IPSETS} && have_ipset_rules ) ) {
emit( ' local file' ,
'',
- ' file=$1'
+ ' file=${1:-${VARDIR}/save.ipsets}'
);
if ( @ipsets ) {
@@ -8074,7 +8074,9 @@
emit( '',
" for set in \$(\$IPSET save | grep '$select' | cut -d' ' -f2); do" ,
" \$IPSET save \$set >> \$file" ,
- " done" );
+ " done" ,
+ '',
+ );
} else {
emit ( '' ,
' if [ -f /etc/debian_version ] && [ $(cat /etc/debian_version) = 5.0.3 ]; then' ,
@@ -8091,7 +8093,9 @@
' fi' );
}
- emit("}\n" );
+ emit( " return 0",
+ '',
+ "}\n" );
} elsif ( @ipsets || $globals{SAVED_IPSETS} ) {
emit( '' ,
' rm -f ${VARDIR}/ipsets.tmp' ,
@@ -8113,10 +8117,13 @@
emit( '' ,
" grep -qE -- \"(-N|^create )\" \${VARDIR}/ipsets.tmp && cat \${VARDIR}/ipsets.tmp >> \$file\n" ,
'' ,
+ ' return 0',
+ '' ,
"}\n" );
}
} elsif ( $config{SAVE_IPSETS} ) {
emit( ' error_message "WARNING: No ipsets were saved"',
+ ' return 1',
"}\n" );
} else {
emit( ' true',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/Perl/Shorewall/Config.pm new/shorewall-4.6.8/Perl/Shorewall/Config.pm
--- old/shorewall-4.6.7/Perl/Shorewall/Config.pm 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/Perl/Shorewall/Config.pm 2015-04-02 22:27:47.000000000 +0200
@@ -713,7 +713,7 @@
TC_SCRIPT => '',
EXPORT => 0,
KLUDGEFREE => '',
- VERSION => "4.6.7",
+ VERSION => "4.6.8",
CAPVERSION => 40606 ,
);
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/Perl/Shorewall/Misc.pm new/shorewall-4.6.8/Perl/Shorewall/Misc.pm
--- old/shorewall-4.6.7/Perl/Shorewall/Misc.pm 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/Perl/Shorewall/Misc.pm 2015-04-02 22:27:47.000000000 +0200
@@ -48,7 +48,7 @@
generate_matrix
);
our @EXPORT_OK = qw( initialize );
-our $VERSION = '4.6_6';
+our $VERSION = '4.6_8';
our $family;
@@ -2418,7 +2418,7 @@
case $COMMAND in
stop|clear|restore)
if chain_exists dynamic; then
- ${IPTABLES}-save -t filter | grep '^-A dynamic' > ${VARDIR}/.dynamic
+ ${IPTABLES}-save -t filter | grep '^-A dynamic' | fgrep -v -- '-j ACCEPT' > ${VARDIR}/.dynamic
fi
;;
*)
@@ -2433,7 +2433,7 @@
case $COMMAND in
stop|clear|restore)
if chain_exists dynamic; then
- ${IP6TABLES}-save -t filter | grep '^-A dynamic' > ${VARDIR}/.dynamic
+ ${IP6TABLES}-save -t filter | grep '^-A dynamic' | fgrep -v -- '-j ACCEPT' > ${VARDIR}/.dynamic
fi
;;
*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/Perl/Shorewall/Providers.pm new/shorewall-4.6.8/Perl/Shorewall/Providers.pm
--- old/shorewall-4.6.7/Perl/Shorewall/Providers.pm 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/Perl/Shorewall/Providers.pm 2015-04-02 22:27:47.000000000 +0200
@@ -1086,10 +1086,8 @@
}
}
-sub add_an_rtrule( ) {
- my ( $source, $dest, $provider, $priority, $originalmark ) =
- split_line( 'rtrules file',
- { source => 0, dest => 1, provider => 2, priority => 3 , mark => 4 } );
+sub add_an_rtrule1( $$$$$ ) {
+ my ( $source, $dest, $provider, $priority, $originalmark ) = @_;
our $current_if;
@@ -1178,6 +1176,17 @@
progress_message " Routing rule \"$currentline\" $done";
}
+sub add_an_rtrule( ) {
+ my ( $sources, $dests, $provider, $priority, $originalmark ) =
+ split_line( 'rtrules file',
+ { source => 0, dest => 1, provider => 2, priority => 3 , mark => 4 } );
+ for my $source ( split_list( $sources, "source" ) ) {
+ for my $dest (split_list( $dests , "dest" ) ) {
+ add_an_rtrule1( $source, $dest, $provider, $priority, $originalmark );
+ }
+ }
+}
+
sub add_a_route( ) {
my ( $provider, $dest, $gateway, $device ) =
split_line( 'routes file',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/Perl/Shorewall/Raw.pm new/shorewall-4.6.8/Perl/Shorewall/Raw.pm
--- old/shorewall-4.6.7/Perl/Shorewall/Raw.pm 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/Perl/Shorewall/Raw.pm 2015-04-02 22:27:47.000000000 +0200
@@ -36,7 +36,7 @@
our @ISA = qw(Exporter);
our @EXPORT = qw( setup_conntrack );
our @EXPORT_OK = qw( handle_helper_rule );
-our $VERSION = '4.6_0';
+our $VERSION = '4.6_8';
our %valid_ctevent = ( new => 1,
related => 1,
@@ -113,7 +113,7 @@
$action = $1;
$disposition = $1;
}
- } elsif ( $action =~ /^IP(6)?TABLES\((.+)\)(:(.*))$/ ) {
+ } elsif ( $action =~ /^IP(6)?TABLES\((.+)\)(:(.*))?$/ ) {
if ( $family == F_IPV4 ) {
fatal_error 'Invalid conntrack ACTION (IP6TABLES)' if $1;
} else {
@@ -125,8 +125,8 @@
fatal_error "Unknown target ($tgt)" unless $target_type;
fatal_error "The $tgt TARGET is not allowed in the raw table" unless $target_type & RAW_TABLE;
$disposition = $tgt;
- $action = 2;
- validate_level( $level = $3 ) if supplied $3;
+ $action = $2;
+ validate_level( $level = $4 ) if supplied $4;
} else {
( $disposition, my ( $option, $args ), $level ) = split ':', $action, 4;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/Perl/prog.footer new/shorewall-4.6.8/Perl/prog.footer
--- old/shorewall-4.6.7/Perl/prog.footer 2015-02-18 21:04:01.000000000 +0100
+++ new/shorewall-4.6.8/Perl/prog.footer 2015-04-02 22:26:51.000000000 +0200
@@ -407,6 +407,7 @@
savesets)
if [ $# -eq 2 ]; then
save_ipsets $2
+ status=$?
else
usage 2
fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/changelog.txt new/shorewall-4.6.8/changelog.txt
--- old/shorewall-4.6.7/changelog.txt 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/changelog.txt 2015-04-02 22:27:47.000000000 +0200
@@ -1,3 +1,39 @@
+Changes in 4.6.8 Final
+
+1) Update release documents.
+
+2) Apply Matt Darfeuille's uninstall fixes
+
+Changes in 4.6.8 RC 1
+
+1) Update release documents.
+
+2) Correct the Shorewall-init installer.
+
+3) Apply nfw's fix for IP[6]TABLES in the conntrack file.
+
+Changes in 4.6.8 Beta 3
+
+1) Update release documents.
+
+2) Implement ICMP handling in 'open' and 'close'
+
+3) Implement 'savesets' command.
+
+4) Allow comma-separated lists in the rtrules file.
+
+Changes in 4.6.8 Beta 2
+
+1) Update release documents.
+
+2) Improve the 'close' and 'show opens' commands.
+
+Changes in 4.6.8 Beta 1
+
+1) Update release documents.
+
+2) Implement the 'open' and 'close' commands
+
Changes in 4.6.7 Final
1) Update release documents.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/configfiles/rtrules.annotated new/shorewall-4.6.8/configfiles/rtrules.annotated
--- old/shorewall-4.6.7/configfiles/rtrules.annotated 2015-03-11 19:43:05.000000000 +0100
+++ new/shorewall-4.6.8/configfiles/rtrules.annotated 2015-04-02 22:29:06.000000000 +0200
@@ -22,6 +22,9 @@
# to indicate that the source is the primary IP address of the named
# interface.
#
+# Beginning with Shorewall 4.6.8, you may specify a comma-separated list of
+# addresses in this column.
+#
# DEST (Optional) - {-|address}
#
# An ip address (network or host) that matches the destination IP address in
@@ -30,6 +33,9 @@
# If you choose to omit either SOURCE or DEST, place "-" in that column. Note
# that you may not omit both SOURCE and DEST.
#
+# Beginning with Shorewall 4.6.8, you may specify a comma-separated list of
+# addresses in this column.
+#
# PROVIDER - {provider-name|provider-number|main}
#
# The provider to route the traffic through. May be expressed either as the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/configure new/shorewall-4.6.8/configure
--- old/shorewall-4.6.7/configure 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/configure 2015-04-02 22:27:47.000000000 +0200
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=4.6.7
+VERSION=4.6.8
case "$BASH_VERSION" in
[4-9].*)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/configure.pl new/shorewall-4.6.8/configure.pl
--- old/shorewall-4.6.7/configure.pl 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/configure.pl 2015-04-02 22:27:47.000000000 +0200
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
- VERSION => '4.6.7'
+ VERSION => '4.6.8'
};
my %params;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/install.sh new/shorewall-4.6.8/install.sh
--- old/shorewall-4.6.7/install.sh 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/install.sh 2015-04-02 22:27:47.000000000 +0200
@@ -22,7 +22,7 @@
# along with this program; if not, see http://www.gnu.org/licenses/.
#
-VERSION=4.6.7
+VERSION=4.6.8
#
# Change to the directory containing this script
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/lib.cli-std new/shorewall-4.6.8/lib.cli-std
--- old/shorewall-4.6.7/lib.cli-std 2015-02-18 21:04:01.000000000 +0100
+++ new/shorewall-4.6.8/lib.cli-std 2015-04-02 22:26:51.000000000 +0200
@@ -1645,6 +1645,7 @@
echo " allow <address> ..."
echo " [ check | ck ] [ -e ] [ -r ] [ -p ] [ -r ] [ -T ] [ -i ] [ <directory> ]"
echo " clear"
+ echo " close <source> <dest> [ <protocol> [ <port> ] ]"
echo " [ compile | co ] [ -e ] [ -p ] [ -t ] [ -c ] [ -d ] [ -T ] [ -i ] [ <directory name> ] [ <path name> ]"
echo " delete <interface>[:<host-list>] ... <zone>"
echo " disable <interface>"
@@ -1679,6 +1680,7 @@
echo " noiptrace <ip6tables match expression>"
fi
+ echo " open <source> <dest> [ <protocol> [ <port> ] ]"
echo " refresh [ -d ] [ -n ] [ -T ] [ -D <directory> ] [ <chain>... ]"
echo " reject <address> ..."
echo " reload [ -s ] [ -c ] [ -r <root user> ] [ -T ] [ -i ] [ <directory> ] <system>"
@@ -1689,6 +1691,7 @@
echo " safe-restart [ -t <timeout> ] [ <directory> ]"
echo " safe-start [ -t <timeout> ] [ <directory> ]"
echo " save [ -C ] [ <file name> ]"
+ echo " savesets"
echo " [ show | list | ls ] [ -x ] [ -t {filter|mangle|nat|raw|rawpost} ] [ {chain [<chain> [ <chain> ... ]"
echo " [ show | list | ls ] actions"
echo " [ show | list | ls ] [ -x ] {bl|blacklists}"
@@ -1710,6 +1713,7 @@
echo " [ show | list | ls ] marks"
echo " [ show | list | ls ] [ -x ] mangle|nat|raw|rawpost|routing"
echo " [ show | list | ls ] nfacct"
+ echo " [ show | list | ls ] opens"
echo " [ show | list | ls ] policies"
echo " [ show | list | ls ] routing"
echo " [ show | list | ls ] tc [ device ]"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-accounting.5 new/shorewall-4.6.8/manpages/shorewall-accounting.5
--- old/shorewall-4.6.7/manpages/shorewall-accounting.5 2015-03-11 19:41:48.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-accounting.5 2015-04-02 22:27:50.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-accounting
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ACCOUNTIN" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-ACCOUNTIN" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-actions.5 new/shorewall-4.6.8/manpages/shorewall-actions.5
--- old/shorewall-4.6.7/manpages/shorewall-actions.5 2015-03-11 19:41:49.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-actions.5 2015-04-02 22:27:51.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-actions
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ACTIONS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-ACTIONS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-arprules.5 new/shorewall-4.6.8/manpages/shorewall-arprules.5
--- old/shorewall-4.6.7/manpages/shorewall-arprules.5 2015-03-11 19:41:50.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-arprules.5 2015-04-02 22:27:52.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-arprules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ARPRULES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-ARPRULES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-blacklist.5 new/shorewall-4.6.8/manpages/shorewall-blacklist.5
--- old/shorewall-4.6.7/manpages/shorewall-blacklist.5 2015-03-11 19:41:52.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-blacklist.5 2015-04-02 22:27:54.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-blacklist
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-BLACKLIST" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-BLACKLIST" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-blrules.5 new/shorewall-4.6.8/manpages/shorewall-blrules.5
--- old/shorewall-4.6.7/manpages/shorewall-blrules.5 2015-03-11 19:41:53.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-blrules.5 2015-04-02 22:27:55.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-blrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-BLRULES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-BLRULES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-conntrack.5 new/shorewall-4.6.8/manpages/shorewall-conntrack.5
--- old/shorewall-4.6.7/manpages/shorewall-conntrack.5 2015-03-11 19:42:00.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-conntrack.5 2015-04-02 22:28:02.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall6-conntrack
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-CONNTRAC" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-CONNTRAC" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-ecn.5 new/shorewall-4.6.8/manpages/shorewall-ecn.5
--- old/shorewall-4.6.7/manpages/shorewall-ecn.5 2015-03-11 19:42:01.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-ecn.5 2015-04-02 22:28:03.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-ecn
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ECN" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-ECN" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-exclusion.5 new/shorewall-4.6.8/manpages/shorewall-exclusion.5
--- old/shorewall-4.6.7/manpages/shorewall-exclusion.5 2015-03-11 19:42:02.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-exclusion.5 2015-04-02 22:28:04.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-exclusion
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-EXCLUSION" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-EXCLUSION" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-hosts.5 new/shorewall-4.6.8/manpages/shorewall-hosts.5
--- old/shorewall-4.6.7/manpages/shorewall-hosts.5 2015-03-11 19:42:04.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-hosts.5 2015-04-02 22:28:06.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-hosts
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-HOSTS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-HOSTS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-init.8 new/shorewall-4.6.8/manpages/shorewall-init.8
--- old/shorewall-4.6.7/manpages/shorewall-init.8 2015-03-11 19:42:05.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-init.8 2015-04-02 22:28:07.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-init
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Administrative Commands
.\" Source: Administrative Commands
.\" Language: English
.\"
-.TH "SHOREWALL\-INIT" "8" "03/11/2015" "Administrative Commands" "Administrative Commands"
+.TH "SHOREWALL\-INIT" "8" "04/02/2015" "Administrative Commands" "Administrative Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-interfaces.5 new/shorewall-4.6.8/manpages/shorewall-interfaces.5
--- old/shorewall-4.6.7/manpages/shorewall-interfaces.5 2015-03-11 19:42:07.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-interfaces.5 2015-04-02 22:28:09.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-interfaces
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-INTERFACE" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-INTERFACE" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-ipsets.5 new/shorewall-4.6.8/manpages/shorewall-ipsets.5
--- old/shorewall-4.6.7/manpages/shorewall-ipsets.5 2015-03-11 19:42:08.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-ipsets.5 2015-04-02 22:28:10.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-ipsets
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-IPSETS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-IPSETS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-maclist.5 new/shorewall-4.6.8/manpages/shorewall-maclist.5
--- old/shorewall-4.6.7/manpages/shorewall-maclist.5 2015-03-11 19:42:10.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-maclist.5 2015-04-02 22:28:11.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-maclist
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MACLIST" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-MACLIST" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-mangle.5 new/shorewall-4.6.8/manpages/shorewall-mangle.5
--- old/shorewall-4.6.7/manpages/shorewall-mangle.5 2015-03-11 19:42:11.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-mangle.5 2015-04-02 22:28:13.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-mangle
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MANGLE" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-MANGLE" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-masq.5 new/shorewall-4.6.8/manpages/shorewall-masq.5
--- old/shorewall-4.6.7/manpages/shorewall-masq.5 2015-03-11 19:42:13.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-masq.5 2015-04-02 22:28:15.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-masq
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MASQ" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-MASQ" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-modules.5 new/shorewall-4.6.8/manpages/shorewall-modules.5
--- old/shorewall-4.6.7/manpages/shorewall-modules.5 2015-03-11 19:42:14.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-modules.5 2015-04-02 22:28:16.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-modules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MODULES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-MODULES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-nat.5 new/shorewall-4.6.8/manpages/shorewall-nat.5
--- old/shorewall-4.6.7/manpages/shorewall-nat.5 2015-03-11 19:42:16.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-nat.5 2015-04-02 22:28:17.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-nat
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-NAT" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-NAT" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-nesting.5 new/shorewall-4.6.8/manpages/shorewall-nesting.5
--- old/shorewall-4.6.7/manpages/shorewall-nesting.5 2015-03-11 19:42:17.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-nesting.5 2015-04-02 22:28:19.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-nesting
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-NESTING" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-NESTING" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-netmap.5 new/shorewall-4.6.8/manpages/shorewall-netmap.5
--- old/shorewall-4.6.7/manpages/shorewall-netmap.5 2015-03-11 19:42:19.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-netmap.5 2015-04-02 22:28:20.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-netmap
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-NETMAP" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-NETMAP" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-params.5 new/shorewall-4.6.8/manpages/shorewall-params.5
--- old/shorewall-4.6.7/manpages/shorewall-params.5 2015-03-11 19:42:20.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-params.5 2015-04-02 22:28:21.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-params
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-PARAMS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-PARAMS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-policy.5 new/shorewall-4.6.8/manpages/shorewall-policy.5
--- old/shorewall-4.6.7/manpages/shorewall-policy.5 2015-03-11 19:42:21.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-policy.5 2015-04-02 22:28:23.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-policy
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-POLICY" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-POLICY" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-providers.5 new/shorewall-4.6.8/manpages/shorewall-providers.5
--- old/shorewall-4.6.7/manpages/shorewall-providers.5 2015-03-11 19:42:23.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-providers.5 2015-04-02 22:28:24.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-providers
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-PROVIDERS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-PROVIDERS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-proxyarp.5 new/shorewall-4.6.8/manpages/shorewall-proxyarp.5
--- old/shorewall-4.6.7/manpages/shorewall-proxyarp.5 2015-03-11 19:42:24.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-proxyarp.5 2015-04-02 22:28:26.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-proxyarp
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-PROXYARP" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-PROXYARP" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-routes.5 new/shorewall-4.6.8/manpages/shorewall-routes.5
--- old/shorewall-4.6.7/manpages/shorewall-routes.5 2015-03-11 19:42:27.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-routes.5 2015-04-02 22:28:28.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-routes
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ROUTES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-ROUTES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-routestopped.5 new/shorewall-4.6.8/manpages/shorewall-routestopped.5
--- old/shorewall-4.6.7/manpages/shorewall-routestopped.5 2015-03-11 19:42:26.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-routestopped.5 2015-04-02 22:28:27.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-routestopped
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ROUTESTOP" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-ROUTESTOP" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-rtrules.5 new/shorewall-4.6.8/manpages/shorewall-rtrules.5
--- old/shorewall-4.6.7/manpages/shorewall-rtrules.5 2015-03-11 19:42:28.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-rtrules.5 2015-04-02 22:28:30.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-rtrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-RTRULES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-RTRULES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -51,6 +51,8 @@
.sp
Beginning with Shorewall 4\&.5\&.0, you may specify &\fIinterface\fR
in this column to indicate that the source is the primary IP address of the named interface\&.
+.sp
+Beginning with Shorewall 4\&.6\&.8, you may specify a comma\-separated list of addresses in this column\&.
.RE
.PP
\fBDEST\fR (Optional) \- {\fB\-\fR|\fIaddress\fR}
@@ -64,6 +66,8 @@
\fBSOURCE\fR
and
\fBDEST\fR\&.
+.sp
+Beginning with Shorewall 4\&.6\&.8, you may specify a comma\-separated list of addresses in this column\&.
.RE
.PP
\fBPROVIDER\fR \- {\fIprovider\-name\fR|\fIprovider\-number\fR|\fBmain\fR}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-rules.5 new/shorewall-4.6.8/manpages/shorewall-rules.5
--- old/shorewall-4.6.7/manpages/shorewall-rules.5 2015-03-11 19:42:31.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-rules.5 2015-04-02 22:28:33.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-rules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-RULES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-RULES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-secmarks.5 new/shorewall-4.6.8/manpages/shorewall-secmarks.5
--- old/shorewall-4.6.7/manpages/shorewall-secmarks.5 2015-03-11 19:42:33.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-secmarks.5 2015-04-02 22:28:34.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-secmarks
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-SECMARKS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-SECMARKS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-stoppedrules.5 new/shorewall-4.6.8/manpages/shorewall-stoppedrules.5
--- old/shorewall-4.6.7/manpages/shorewall-stoppedrules.5 2015-03-11 19:42:34.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-stoppedrules.5 2015-04-02 22:28:35.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-stoppedrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-STOPPEDRU" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-STOPPEDRU" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tcclasses.5 new/shorewall-4.6.8/manpages/shorewall-tcclasses.5
--- old/shorewall-4.6.7/manpages/shorewall-tcclasses.5 2015-03-11 19:42:35.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tcclasses.5 2015-04-02 22:28:37.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcclasses
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCCLASSES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-TCCLASSES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tcdevices.5 new/shorewall-4.6.8/manpages/shorewall-tcdevices.5
--- old/shorewall-4.6.7/manpages/shorewall-tcdevices.5 2015-03-11 19:42:37.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tcdevices.5 2015-04-02 22:28:38.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcdevices
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCDEVICES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-TCDEVICES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tcfilters.5 new/shorewall-4.6.8/manpages/shorewall-tcfilters.5
--- old/shorewall-4.6.7/manpages/shorewall-tcfilters.5 2015-03-11 19:42:38.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tcfilters.5 2015-04-02 22:28:40.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcfilters
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCFILTERS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-TCFILTERS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tcinterfaces.5 new/shorewall-4.6.8/manpages/shorewall-tcinterfaces.5
--- old/shorewall-4.6.7/manpages/shorewall-tcinterfaces.5 2015-03-11 19:42:40.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tcinterfaces.5 2015-04-02 22:28:41.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcinterfaces
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCINTERFA" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-TCINTERFA" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tcpri.5 new/shorewall-4.6.8/manpages/shorewall-tcpri.5
--- old/shorewall-4.6.7/manpages/shorewall-tcpri.5 2015-03-11 19:42:41.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tcpri.5 2015-04-02 22:28:42.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-tcpri
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TCPRI" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-TCPRI" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tcrules.5 new/shorewall-4.6.8/manpages/shorewall-tcrules.5
--- old/shorewall-4.6.7/manpages/shorewall-tcrules.5 2015-03-11 19:42:43.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tcrules.5 2015-04-02 22:28:44.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-mangle
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-MANGLE" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-MANGLE" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tos.5 new/shorewall-4.6.8/manpages/shorewall-tos.5
--- old/shorewall-4.6.7/manpages/shorewall-tos.5 2015-03-11 19:42:44.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tos.5 2015-04-02 22:28:46.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-tos
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TOS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-TOS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-tunnels.5 new/shorewall-4.6.8/manpages/shorewall-tunnels.5
--- old/shorewall-4.6.7/manpages/shorewall-tunnels.5 2015-03-11 19:42:46.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-tunnels.5 2015-04-02 22:28:47.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-tunnels
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-TUNNELS" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-TUNNELS" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-vardir.5 new/shorewall-4.6.8/manpages/shorewall-vardir.5
--- old/shorewall-4.6.7/manpages/shorewall-vardir.5 2015-03-11 19:42:47.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-vardir.5 2015-04-02 22:28:48.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-vardir
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-VARDIR" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-VARDIR" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall-zones.5 new/shorewall-4.6.8/manpages/shorewall-zones.5
--- old/shorewall-4.6.7/manpages/shorewall-zones.5 2015-03-11 19:42:52.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall-zones.5 2015-04-02 22:28:53.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall-zones
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-ZONES" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-ZONES" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall.8 new/shorewall-4.6.8/manpages/shorewall.8
--- old/shorewall-4.6.7/manpages/shorewall.8 2015-03-11 19:42:50.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall.8 2015-04-02 22:28:52.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Administrative Commands
.\" Source: Administrative Commands
.\" Language: English
.\"
-.TH "SHOREWALL" "8" "03/11/2015" "Administrative Commands" "Administrative Commands"
+.TH "SHOREWALL" "8" "04/02/2015" "Administrative Commands" "Administrative Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -39,6 +39,8 @@
.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBclear\fR\ [\fB\-f\fR]
.HP \w'\fBshorewall\fR\ 'u
+\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBclose\fR\ {\ \fIopen\-number\fR\ |\ \fIsource\fR\fIdest\fR\ [\fIprotocol\fR\ [\ \fIport\fR\ ]]}\fI\ \fR
+.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR] [\-\fIoptions\fR] [\fBcompile\ |\ co\ \fR] [\fB\-e\fR] [\fB\-c\fR] [\fB\-d\fR] [\fB\-p\fR] [\fB\-T\fR] [\fB\-i\fR] [\fIdirectory\fR] [\fIpathname\fR]
.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBdelete\ {\fR \fIinterface\fR[:\fIhost\-list\fR]... \fIzone\fR\fB\ |\fR\fI\ zone\ host\-list\fR\fB\ }\fR
@@ -75,6 +77,8 @@
.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR] [\-\fIoptions\fR] \fBnoiptrace\fR \fIiptables\ match\ expression\fR
.HP \w'\fBshorewall\fR\ 'u
+\fBshorewall\fR [\-\fIoptions\fR] \fBopen\fR\fI\ source\fR\fI\ dest\fR\ [\ \fIprotocol\fR\ [\ \fIport\fR\ ]\ ]
+.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBrefresh\fR\ [\fB\-n\fR]\ [\fB\-d\fR]\ [\fB\-T\fR]\ [\fB\-i\fR]\ [\-\fBD\fR\ \fIdirectory\fR\ ]\ [\fIchain\fR...]
.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBreject\fR \fIaddress\fR
@@ -95,6 +99,8 @@
.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBsave\fR\ [\fB\-C\fR] [\fIfilename\fR]
.HP \w'\fBshorewall\fR\ 'u
+\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR\ [\fBnolock\fR]] [\-\fIoptions\fR] \fBsavesets\fR
+.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR] [\-\fIoptions\fR] {\fBshow\ |\ list\ |\ ls\ \fR} [\fB\-x\fR] \fB{bl|blacklists}\fR
.HP \w'\fBshorewall\fR\ 'u
\fBshorewall\fR [\fBtrace\fR|\fBdebug\fR] [\-\fIoptions\fR] {\fBshow\ |\ list\ |\ ls\ \fR} [\fB\-b\fR] [\fB\-x\fR] [\fB\-l\fR] [\fB\-t\fR\ {\fBfilter\fR|\fBmangle\fR|\fBnat\fR|\fBraw|rawpost\fR}] [[\fBchain\fR]\ \fIchain\fR...]
@@ -258,7 +264,7 @@
.sp
The
\fB\-i\fR
-option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5)\&.
.RE
.PP
@@ -276,6 +282,22 @@
command if that script exists\&.
.RE
.PP
+\fBclose\fR { \fIopen\-number\fR | \fIsource\fR \fIdest\fR [ \fIprotocol\fR [ \fIport\fR ] ] }
+.RS 4
+Added in Shorewall 4\&.5\&.8\&. This command closes a temporary open created by the
+\fBopen\fR
+command\&. In the first form, an
+\fIopen\-number\fR
+specifies the open to be closed\&. Open numbers are displayed in the
+\fBnum\fR
+column of the output of the
+\fBshorewall show opens \fRcommand\&.
+.sp
+When the second form of the command is used, the parameters must match those given in the earlier
+\fBopen\fR
+command\&.
+.RE
+.PP
\fBcompile\fR
.RS 4
Compiles the current configuration into the executable file
@@ -328,7 +350,7 @@
.sp
The
\fB\-i\fR
-option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5)\&.
.RE
.PP
@@ -535,7 +557,7 @@
.sp
The
\fB\-i\fR
-option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5)\&.
.RE
.PP
@@ -579,6 +601,56 @@
command being canceled\&.
.RE
.PP
+\fBopen\fR \fIsource\fR \fIdest\fR [ \fIprotocol\fR [ \fIport\fR ] ]
+.RS 4
+Added in Shorewall 4\&.6\&.8\&. This command requires that the firewall be in the started state and that DYNAMIC_BLACKLIST=Yes in
+\m[blue]\fBshorewall\&.conf (5)\fR\m[]\&\s-2\u[2]\d\s+2\&. The effect of the command is to temporarily open the firewall for connections matching the parameters\&.
+.sp
+The
+\fIsource\fR
+and
+\fIdest\fR
+parameters may each be specified as
+\fBall\fR
+if you don\*(Aqt wish to restrict the connection source or destination respectively\&. Otherwise, each must contain a host or network address or a valid DNS name\&.
+.sp
+The
+\fIprotocol\fR
+may be specified either as a number or as a name listed in /etc/protocols\&. The
+\fIport\fR
+may be specified numerically or as a name listed in /etc/services\&.
+.sp
+To reverse the effect of a successful
+\fBopen\fR
+command, use the
+\fBclose\fR
+command with the same parameters or simply restart the firewall\&.
+.sp
+Example: To open the firewall for SSH connections to address 192\&.168\&.1\&.1, the command would be:
+.sp
+.if n \{\
+.RS 4
+.\}
+.nf
+ shorewall open all 192\&.168\&.1\&.1 tcp 22
+.fi
+.if n \{\
+.RE
+.\}
+.sp
+To reverse that command, use:
+.sp
+.if n \{\
+.RS 4
+.\}
+.nf
+ shorewall close all 192\&.168\&.1\&.1 tcp 22
+.fi
+.if n \{\
+.RE
+.\}
+.RE
+.PP
\fBrefresh\fR
.RS 4
All steps performed by
@@ -611,7 +683,7 @@
.sp
The
\fB\-i\fR
-option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5)\&.
.sp
The
@@ -695,7 +767,7 @@
.sp
The
\fB\-i\fR
-option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5)\&.
.RE
.PP
@@ -747,7 +819,7 @@
.sp
The
\fB\-i\fR
-option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5)\&.
.sp
The
@@ -879,6 +951,17 @@
option, added in Shorewall 4\&.6\&.5, causes the iptables packet and byte counters to be saved along with the chains and rules\&.
.RE
.PP
+\fBsavesets\fR
+.RS 4
+Added in shorewall 4\&.6\&.8\&. Performs the same action as the
+\fBstop\fR
+command with respect to saving ipsets (see the SAVE_IPSETS option in
+\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2
+(5))\&. This command may be used to proactively save your ipset contents in the event that a system failure occurs prior to issuing a
+\fBstop\fR
+command\&.
+.RE
+.PP
\fBshow\fR
.RS 4
The show command can have a number of different arguments:
@@ -1005,6 +1088,12 @@
option is passed directly through to iptables and causes actual packet and byte counts to be displayed\&. Without this option, those counts are abbreviated\&.
.RE
.PP
+\fBopens\fR
+.RS 4
+Added in Shorewall 4\&.5\&.8\&. Displays the iptables rules in the \*(Aqdynamic\*(Aq chain created through use of the
+\fBopen \fRcommand\&.\&.
+.RE
+.PP
\fBpolicies\fR
.RS 4
Added in Shorewall 4\&.4\&.4\&. Displays the applicable policy between each pair of zones\&. Note that implicit intrazone ACCEPT policies are not displayed for zones associated with a single network where that network doesn\*(Aqt specify
@@ -1076,7 +1165,7 @@
\fB\-T\fR
option was added in Shorewall 4\&.5\&.3 and causes a Perl stack trace to be included with each compiler\-generated error and warning message\&.
.sp
-The \-i option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+The \-i option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf(5)\fR\m[]\&\s-2\u[2]\d\s+2\&.
.sp
The
@@ -1184,7 +1273,7 @@
\fB\-D\fR
option was added in Shorewall 4\&.5\&.11\&. When this option is specified, the compiler will walk through the directories in the CONFIG_PATH replacing FORMAT and COMMENT entries to compiler directives (e\&.g\&., ?FORMAT and ?COMMENT\&. When a file is updated, the original is saved in a \&.bak file in the same directory\&.
.sp
-The \-i option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the line current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
+The \-i option was added in Shorewall 4\&.6\&.0 and causes a warning message to be issued if the current line contains alternative input specifications following a semicolon (";")\&. Such lines will be handled incorrectly if INLINE_MATCHES is set to Yes in
\m[blue]\fBshorewall\&.conf\fR\m[]\&\s-2\u[2]\d\s+2(5)\&.
.sp
The
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/manpages/shorewall.conf.5 new/shorewall-4.6.8/manpages/shorewall.conf.5
--- old/shorewall-4.6.7/manpages/shorewall.conf.5 2015-03-11 19:41:58.000000000 +0100
+++ new/shorewall-4.6.8/manpages/shorewall.conf.5 2015-04-02 22:28:00.000000000 +0200
@@ -2,12 +2,12 @@
.\" Title: shorewall.conf
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.76.1 http://docbook.sf.net/
-.\" Date: 03/11/2015
+.\" Date: 04/02/2015
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\&.CONF" "5" "03/11/2015" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\&.CONF" "5" "04/02/2015" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/shorewall-4.6.7/releasenotes.txt new/shorewall-4.6.8/releasenotes.txt
--- old/shorewall-4.6.7/releasenotes.txt 2015-03-11 19:41:43.000000000 +0100
+++ new/shorewall-4.6.8/releasenotes.txt 2015-04-02 22:27:47.000000000 +0200
@@ -1,7 +1,7 @@
----------------------------------------------------------------------------
- S H O R E W A L L 4 . 6 . 7
+ S H O R E W A L L 4 . 6 . 8
------------------------------------
- M a r c h 0 8 , 2 0 1 5
+ A p r i l 0 4 , 2 0 1 5
----------------------------------------------------------------------------
I. PROBLEMS CORRECTED IN THIS RELEASE
@@ -17,6 +17,22 @@
1) This release includes defect repair from Shorewall 4.6.6.2 and
earlier releases.
+2) Previously, when the -n option was specified and NetworkManager was
+ installed on the target system, the Shorewall-init installer would
+ still create
+ ${DESTDIR}etc/NetworkManager/dispatcher.d/01-shorewall, regardless
+ of the setting of $CONFDIR. That has been corrected such that the
+ directory
+ ${DESTDIR}${CONFDIR}/NetworkManager/dispatcher.d/01-shorewall is
+ created instead.
+
+3) Previously, handling of the IPTABLES and IP6TABLES actions in the
+ conntrack file was broken. nfw provided a fix on IRC.
+
+4) The Shorewall-core and Shorewall6 installers would previously
+ report incorrectly that the product release was not installed. Matt
+ Darfeuille provided fixes.
+
----------------------------------------------------------------------------
I I. K N O W N P R O B L E M S R E M A I N I N G
----------------------------------------------------------------------------
@@ -28,15 +44,63 @@
I I I. N E W F E A T U R E S I N T H I S R E L E A S E
----------------------------------------------------------------------------
-1) The 'tunnels' file now supports 'tinc' tunnels.
+1) The CLI programs (shorewall, shorewall6, etc) now support 'open'
+ and 'close' commands. The 'open' command temporarily opens the
+ firewall for a specified type of connection; the syntax is:
-2) Previously, the SAME action in the mangle file had a fixed timeout
- of 300 seconds (5 minutes). That action now allows specification of
- a different timeout.
+ open <source> <destination> [ <protocol> [ <port> ] ]
-3) It is now possible to add or delete addresses from an ipset with
- entries in the mangle file. The ADD and DEL actions have the same
- behavior in the mangle file as they do in the rules file.
+ The <source> and <destination> may be any of the following:
+
+ - a host IP address
+ - a network IP address
+ - a valid DNS name (usual warnings apply)
+ - the word 'all', indicating that the <source> or <destination> is
+ not restricted
+
+ The protocol may be specified by number or by a name. Same with
+ <port>.
+
+ Example: Open SSH connections to 1.2.3.4 in Shorewall:
+
+ shorewall open all 1.2.3.4 tcp ssh
+
+ The 'close' command reverses the effect of an earlier 'open'
+ command and has two forms:
+
+ close <open-number>
+ close <source> <destination> [