From: Tom E. <te...@sh...> - 2006-11-10 01:03:31
|
Updates are available at http://www.shorewall.net/pub/shorewall/3.2/shorewall-3.2.5/ 1) If a DNAT or REDIRECT rule was used where the effective policy between the source and final destination zones is ACCEPT, the ACCEPT part of the rule was not generated. This could lead to confusing results if there was a DROP or REJECT rule following. 2) If "all+" appeared in a rule then "all" appearing in following rules was treated like "all+". For both problems, either: a) Replace /usr/share/shorewall/compiler and /usr/share/shorewall/functions with the 'compiler' and 'functions' files from the errata/Shorewall/ sub-directory. b) Patch /usr/share/shorewall/compiler and /usr/share/shorewall/functions with the patch-3.2.5-4.diff patch from the errata/patches directory. -Tom --=20 Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ te...@sh... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |