From: Tom Eastep <teastep@sh...> - 2012-05-31 21:50:39
Shorewall 22.214.171.124 is now available for download.
Note: The third problem corrected below was inadvertently omitted from
the release notes included with the 126.96.36.199 tarballs and rpms.
1) Beginning with Shorewall 4.4.22, the 'pptpserver' tunnel type has
been configured as a PPTP client running on the firewall rather
than as a server on the firewall. It is now correctly configured as
2) The shorewall-accounting (5) and shorewall6-accounting (5)
documentation for the IPSEC column is incorrect. Rather than
'accountin' and 'accountout', the chain names should be
'accipsecin' and 'accipsecout'.
3) IPSEC accounting did not work if the accounting file was sectioned.
Beginning with this release, the IPSEC column can be specified in
any section. As always, the IPSEC column contains a comma-separated
list of items. In the FORWARD chain, the first (or only) item in
the list must be either 'in' or 'out' to indicate whether the rule
matches incoming packets that have been decrypted ('in') or
outgoing packets that will be encrypted ('out'). There are no
restrictions with respect to which chain IPSEC rules can appear in
a sectioned file.
Thank you for using Shorewall,
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car