From: Tom E. <te...@sh...> - 2013-01-07 16:14:45
|
4.5.12 Beta 4 is now available for testing. Problems Corrected since Beta 3: 1) A number of problems with processing the arprules file have been corrected. 2) Inline actions in the RELATED and ESTABLISHED sections now work correctly. 3) The 'dropInvalid' built-in function now works correctly. 4) The compiler now generates an error when a protocol list is used in a context where only a single protocol name/number is accepted. New Features since Beta 3: 1) The interpretation of the log tag when LOGTAGONLY=Yes is changed. Previously, the log tag replaced the chain name in the generated log prefix. Now, the tag is interpreted as a chain name and a disposition separated by a comma. So this rule: LOG:info:foo,bar will generate the following log prefix when using the default LOGFORMAT setting: Shorewall:foo:bar: Similarly, LOG:info:,bar net fw will generate Shorewall:net2fw:bar: 2) Rules generated by the RELATED section of the rules file are now in separate chains. For each pair of zones (za,zb), RELATED connections are handled by a chain whose name is "+za2zb" (ZONE_SEPARATOR=2) or "+za-zb" (ZONE_SEPARATOR='-'). This results in only one state match to jump to the new chain rather than a state match for every rule in the section. Thank you for testing, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ |