[Shorewall-devel] Shorewall-2.1.8

Tom Eastep teastep at shorewall.net
Wed Sep 8 13:58:42 PDT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.8
ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.8

New in this release:

1)  Shorewall now verifies that your kernel and iptables have physdev
~    match support if BRIDGING=Yes in shorewall.conf.

2)  Beginning with this release, if your kernel and iptables have
~    iprange match support (see the output from "shorewall check"), then
~    with the exception of the /etc/shorewall/netmap file, anywhere that
~    a network address may appear, an IP address range of the form <low
~    address>-<high address> may also appear.

3)  Support has been added for the iptables CLASSIFY target. That
~    target allows you to classify packets for traffic shaping directly
~    rather than indirectly through fwmark. Simply entry the
~    <major>:<minor> classification in the first column of
~    /etc/shorewall/tcrules:

~    Example:

~       #MARK/      SOURCE       DEST      PROTO     PORT(S)
~       #CLASSIFY
~       1:30        -            -         tcp       25

~    Marking using the CLASSIFY target always occurs in the POSTROUTING
~    chain of the mangle table and is not affected by the setting of
~    MARK_IN_FORWARD_CHAIN in shorewall.conf.

- -Tom
- --
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBP3KCO/MAbZfjDLIRAu+4AJ9FbTMKr3X0ZqO5Lbr32G51f1Uf6gCgiyu1
9E/rHS8aI9Bt/2dQrmtYoWI=
=Wnqq
-----END PGP SIGNATURE-----


More information about the Shorewall-devel mailing list