[Shorewall-users] Shorewall 4.5.12 RC 1

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

RC 1 is now available for testing.

Problems corrected since Beta 5:

1)  Under very rare circumstances, optimize level 4 could leave a rule
    that jumped to a non-existant chain, causing iptables-restore to
    fail.

2)  If an error was raised while compiling a default action, the
    following Perl diagnostic could appear and the Shorewall error
    message would not be printed.

3)  It is once again possible to use DNS names in rules without an
    interface name.

New Features since Beta 5:

1)  A new DEFER_DNS_RESOLUTION option has been added to shorewall.conf.

    Up to this time, when a DNS name appears in the SOURCE, DEST or
    ORIGINAL DEST column of a configuration file, the compiler verifies
    that the name can be resolved and then passes the name on to the
    generated script. This means that ip[6]tables-restore must resolve
    the name when the script runs.

    When DEFER_DNS_RESOLUTION=Yes (the default) this old behavior is
    retained. When DEFER_DNS_RESOLUTION=No, the compiler resolves the
    name and uses the address(es) in the generated script.

Thank you for testing,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________