Re: [Shorewall-announce] [Shorewall-users] Shorewall 4.5.21.7

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On 3/8/2014 8:20 AM, Tom Eastep wrote:

> 
> 2)  The behavior of ADMINISABSENTMINDED=No is corrected.

Here is an expanded version of this change description:

2)  The behavior of ADMINISABSENTMINDED=No is corrected. Previously,
    'shorewall stop' would not block existing connections regardless of
    the setting of this option. Beginning with this release, the
    behavior of ADMINISABSENTMINDED=No depends on whether the
    routestopped or the stoppedrules file defines the allow connections
    while the firewall is stopped.

    If there are entries in /etc/shorewall[6]/routestopped or if there
    are no entries in /etc/shorewall[6]/stoppedrules, then the behavior
    of ADMINISABSENTMINDED=No is as documented (existing connections
    are blocked unles they are allowed by
    /etc/shorewall[6]/routestopped).  If there are no entries in
    /etc/shorewall[6]/stoppedrules but there are entries in
    /etc/shorewall[6]/stoppedrules, then the behavior is as if
    ADMINISABSENTMINDED=Yes and a warning message is generated.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________