diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/changelog.txt shorewall6-5.0.11/changelog.txt
--- shorewall6-5.0.10/changelog.txt 2016-06-30 17:54:28.792426829 -0700
+++ shorewall6-5.0.11/changelog.txt 2016-08-06 07:57:47.277241125 -0700
@@ -1,3 +1,29 @@
+Changes in 5.0.11 Beta 2
+
+1) Update release documents
+
+2) Default DSCP rules to the POSTROUTING chain.
+
+3) Correct 'trace' handing of in-rule comments.
+
+4) Correct handling of a provider interface that matches a wildcard.
+
+5) Re-add a handle to flow classifiers.
+
+Changes in 5.0.11 Beta 1
+
+1) Update release documents
+
+2) Allow 'comment' in alternate input.
+
+Changes in 5.0.10.1
+
+1) Update release documents
+
+2) Update Debian SysV init scripts (Roberto Sánchez).
+
+3) Implement LOGFILE=systemd (Scott Shumate).
+
Changes in 5.0.10
1) Update release documents
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/configfiles/mangle.annotated shorewall6-5.0.11/configfiles/mangle.annotated
--- shorewall6-5.0.10/configfiles/mangle.annotated 2016-06-30 17:55:32.047618829 -0700
+++ shorewall6-5.0.11/configfiles/mangle.annotated 2016-08-06 07:59:03.320730656 -0700
@@ -221,7 +221,8 @@
# EF => 0x2e
#
# To indicate more than one class, add their hex values together and
-# specify the result.
+# specify the result. By default, DSCP rules are placed in the
+# POSTROUTING chain.
#
# HL([-|+]number)[:P]
#
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/configfiles/shorewall6.conf.annotated shorewall6-5.0.11/configfiles/shorewall6.conf.annotated
--- shorewall6-5.0.10/configfiles/shorewall6.conf.annotated 2016-06-30 17:55:35.414982829 -0700
+++ shorewall6-5.0.11/configfiles/shorewall6.conf.annotated 2016-08-06 07:59:07.292703992 -0700
@@ -179,12 +179,13 @@
#
LOGFILE=/var/log/messages
#
-# LOGFILE=[pathname]
+# LOGFILE=[pathname|systemd]
#
# This parameter tells the /sbin/shorewall6 program where to look for
# Shorewall6 messages when processing the dump, logwatch, show log, and hits
# commands. If not assigned or if assigned an empty value, /var/log/messages
-# is assumed.
+# is assumed. Beginning with Shorewall 5.0.10.1, you may specify systemd to
+# use journelctl -r to read the log.
#
LOGFORMAT="Shorewall:%s:%s:"
#
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/configure shorewall6-5.0.11/configure
--- shorewall6-5.0.10/configure 2016-06-30 17:54:28.792426829 -0700
+++ shorewall6-5.0.11/configure 2016-08-06 07:57:47.273241152 -0700
@@ -28,7 +28,7 @@
#
# Build updates this
#
-VERSION=5.0.10
+VERSION=5.0.11
case "$BASH_VERSION" in
[4-9].*)
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/configure.pl shorewall6-5.0.11/configure.pl
--- shorewall6-5.0.10/configure.pl 2016-06-30 17:54:28.792426829 -0700
+++ shorewall6-5.0.11/configure.pl 2016-08-06 07:57:47.273241152 -0700
@@ -31,7 +31,7 @@
# Build updates this
#
use constant {
- VERSION => '5.0.10'
+ VERSION => '5.0.11'
};
my %params;
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/init.debian.sh shorewall6-5.0.11/init.debian.sh
--- shorewall6-5.0.10/init.debian.sh 2016-06-30 17:49:43.000000000 -0700
+++ shorewall6-5.0.11/init.debian.sh 2016-08-04 11:03:36.000000000 -0700
@@ -4,7 +4,7 @@
# Required-Start: $network $remote_fs
# Required-Stop: $network $remote_fs
# Default-Start: S
-# Default-Stop: 0 6
+# Default-Stop: 0 1 6
# Short-Description: Configure the firewall at boot time
# Description: Configure the firewall according to the rules specified in
# /etc/shorewall6
@@ -97,10 +97,11 @@
# stop the firewall
shorewall6_stop () {
- echo -n "Stopping \"Shorewall6 firewall\": "
if [ "$SAFESTOP" = 1 ]; then
+ echo -n "Stopping \"Shorewall6 firewall\": "
$SRWL $SRWL_OPTS stop >> $INITLOG 2>&1 && echo "done." || echo_notdone
else
+ echo -n "Clearing all \"Shorewall6 firewall\" rules: "
$SRWL $SRWL_OPTS clear >> $INITLOG 2>&1 && echo "done." || echo_notdone
fi
return 0
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/install.sh shorewall6-5.0.11/install.sh
--- shorewall6-5.0.10/install.sh 2016-06-30 17:54:28.796430829 -0700
+++ shorewall6-5.0.11/install.sh 2016-08-06 07:57:47.277241125 -0700
@@ -22,7 +22,7 @@
# along with this program; if not, see .
#
-VERSION=5.0.10
+VERSION=5.0.11
#
# Change to the directory containing this script
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6.8 shorewall6-5.0.11/manpages/shorewall6.8
--- shorewall6-5.0.10/manpages/shorewall6.8 2016-06-30 17:55:29.312886830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6.8 2016-08-06 07:58:59.948753292 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Administrative Commands
.\" Source: Administrative Commands
.\" Language: English
.\"
-.TH "SHOREWALL6" "8" "06/30/2016" "Administrative Commands" "Administrative Commands"
+.TH "SHOREWALL6" "8" "08/06/2016" "Administrative Commands" "Administrative Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-accounting.5 shorewall6-5.0.11/manpages/shorewall6-accounting.5
--- shorewall6-5.0.10/manpages/shorewall6-accounting.5 2016-06-30 17:55:09.785378829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-accounting.5 2016-08-06 07:58:36.780908814 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-accounting
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-ACCOUNTI" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-ACCOUNTI" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-actions.5 shorewall6-5.0.11/manpages/shorewall6-actions.5
--- shorewall6-5.0.10/manpages/shorewall6-actions.5 2016-06-30 17:55:10.273866829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-actions.5 2016-08-06 07:58:37.344905028 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-actions
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-ACTIONS" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-ACTIONS" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-blrules.5 shorewall6-5.0.11/manpages/shorewall6-blrules.5
--- shorewall6-5.0.10/manpages/shorewall6-blrules.5 2016-06-30 17:55:10.858450829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-blrules.5 2016-08-06 07:58:37.960900893 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-blrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-BLRULES" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-BLRULES" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6.conf.5 shorewall6-5.0.11/manpages/shorewall6.conf.5
--- shorewall6-5.0.10/manpages/shorewall6.conf.5 2016-06-30 17:55:12.740330829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6.conf.5 2016-08-06 07:58:40.128886339 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6.conf
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\&.CONF" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\&.CONF" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -978,14 +978,18 @@
.RE
.RE
.PP
-\fBLOGFILE=\fR[\fIpathname\fR]
+\fBLOGFILE=\fR[\fIpathname\fR|\fBsystemd\fR]
.RS 4
This parameter tells the /sbin/shorewall6 program where to look for Shorewall6 messages when processing the
\fBdump\fR,
\fBlogwatch\fR,
\fBshow log\fR, and
\fBhits\fR
-commands\&. If not assigned or if assigned an empty value, /var/log/messages is assumed\&.
+commands\&. If not assigned or if assigned an empty value, /var/log/messages is assumed\&. Beginning with Shorewall 5\&.0\&.10\&.1, you may specify
+\fBsystemd\fR
+to use
+\fBjournelctl \-r\fR
+to read the log\&.
.RE
.PP
\fBLOGFORMAT=\fR[\fB"\fR\fIformattemplate\fR\fB"\fR]
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-conntrack.5 shorewall6-5.0.11/manpages/shorewall6-conntrack.5
--- shorewall6-5.0.10/manpages/shorewall6-conntrack.5 2016-06-30 17:55:13.336926830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-conntrack.5 2016-08-06 07:58:40.816881720 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-conntrack
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-CONNTRAC" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-CONNTRAC" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-exclusion.5 shorewall6-5.0.11/manpages/shorewall6-exclusion.5
--- shorewall6-5.0.10/manpages/shorewall6-exclusion.5 2016-06-30 17:55:13.829418829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-exclusion.5 2016-08-06 07:58:41.384877908 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-exclusion
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-EXCLUSIO" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-EXCLUSIO" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-hosts.5 shorewall6-5.0.11/manpages/shorewall6-hosts.5
--- shorewall6-5.0.10/manpages/shorewall6-hosts.5 2016-06-30 17:55:14.329918829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-hosts.5 2016-08-06 07:58:41.972873961 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-hosts
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-HOSTS" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-HOSTS" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-interfaces.5 shorewall6-5.0.11/manpages/shorewall6-interfaces.5
--- shorewall6-5.0.10/manpages/shorewall6-interfaces.5 2016-06-30 17:55:14.890478830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-interfaces.5 2016-08-06 07:58:42.676869235 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-interfaces
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-INTERFAC" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-INTERFAC" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-ipsets.5 shorewall6-5.0.11/manpages/shorewall6-ipsets.5
--- shorewall6-5.0.10/manpages/shorewall6-ipsets.5 2016-06-30 17:55:15.398986829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-ipsets.5 2016-08-06 07:58:43.292865100 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall-ipsets
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL\-IPSETS" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL\-IPSETS" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-maclist.5 shorewall6-5.0.11/manpages/shorewall6-maclist.5
--- shorewall6-5.0.10/manpages/shorewall6-maclist.5 2016-06-30 17:55:15.899486830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-maclist.5 2016-08-06 07:58:43.912860938 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-maclist
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-MACLIST" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-MACLIST" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-mangle.5 shorewall6-5.0.11/manpages/shorewall6-mangle.5
--- shorewall6-5.0.10/manpages/shorewall6-mangle.5 2016-06-30 17:55:16.680266830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-mangle.5 2016-08-06 07:58:44.860854574 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-mangle
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-MANGLE" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-MANGLE" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -317,7 +317,7 @@
.RE
.\}
.sp
-To indicate more than one class, add their hex values together and specify the result\&.
+To indicate more than one class, add their hex values together and specify the result\&. By default, DSCP rules are placed in the POSTROUTING chain\&.
.RE
.PP
\fBHL\fR([\fB\-\fR|\fB+\fR]\fInumber\fR)[:P]
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-masq.5 shorewall6-5.0.11/manpages/shorewall6-masq.5
--- shorewall6-5.0.10/manpages/shorewall6-masq.5 2016-06-30 17:55:17.236822830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-masq.5 2016-08-06 07:58:45.524850117 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-masq
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-MASQ" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-MASQ" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-modules.5 shorewall6-5.0.11/manpages/shorewall6-modules.5
--- shorewall6-5.0.10/manpages/shorewall6-modules.5 2016-06-30 17:55:17.717302830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-modules.5 2016-08-06 07:58:46.140845982 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-modules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-MODULES" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-MODULES" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-nat.5 shorewall6-5.0.11/manpages/shorewall6-nat.5
--- shorewall6-5.0.10/manpages/shorewall6-nat.5 2016-06-30 17:55:18.197782829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-nat.5 2016-08-06 07:58:46.688842303 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-nat
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-NAT" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-NAT" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-nesting.5 shorewall6-5.0.11/manpages/shorewall6-nesting.5
--- shorewall6-5.0.10/manpages/shorewall6-nesting.5 2016-06-30 17:55:18.678262829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-nesting.5 2016-08-06 07:58:47.236838624 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-nesting
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-NESTING" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-NESTING" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-netmap.5 shorewall6-5.0.11/manpages/shorewall6-netmap.5
--- shorewall6-5.0.10/manpages/shorewall6-netmap.5 2016-06-30 17:55:19.170754829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-netmap.5 2016-08-06 07:58:47.800834839 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-netmap
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-NETMAP" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-NETMAP" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-params.5 shorewall6-5.0.11/manpages/shorewall6-params.5
--- shorewall6-5.0.10/manpages/shorewall6-params.5 2016-06-30 17:55:19.663246829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-params.5 2016-08-06 07:58:48.352831133 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-params
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-PARAMS" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-PARAMS" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-policy.5 shorewall6-5.0.11/manpages/shorewall6-policy.5
--- shorewall6-5.0.10/manpages/shorewall6-policy.5 2016-06-30 17:55:20.199782830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-policy.5 2016-08-06 07:58:48.932827239 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-policy
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-POLICY" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-POLICY" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-providers.5 shorewall6-5.0.11/manpages/shorewall6-providers.5
--- shorewall6-5.0.10/manpages/shorewall6-providers.5 2016-06-30 17:55:20.744326829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-providers.5 2016-08-06 07:58:49.516823319 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-providers
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-PROVIDER" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-PROVIDER" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-proxyndp.5 shorewall6-5.0.11/manpages/shorewall6-proxyndp.5
--- shorewall6-5.0.10/manpages/shorewall6-proxyndp.5 2016-06-30 17:55:21.248830830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-proxyndp.5 2016-08-06 07:58:50.072819587 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-proxyndp
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-PROXYNDP" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-PROXYNDP" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-routes.5 shorewall6-5.0.11/manpages/shorewall6-routes.5
--- shorewall6-5.0.10/manpages/shorewall6-routes.5 2016-06-30 17:55:21.741322829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-routes.5 2016-08-06 07:58:50.608815989 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-routes
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-ROUTES" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-ROUTES" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-rtrules.5 shorewall6-5.0.11/manpages/shorewall6-rtrules.5
--- shorewall6-5.0.10/manpages/shorewall6-rtrules.5 2016-06-30 17:55:22.221802829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-rtrules.5 2016-08-06 07:58:51.156812310 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-rtrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-RTRULES" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-RTRULES" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-rules.5 shorewall6-5.0.11/manpages/shorewall6-rules.5
--- shorewall6-5.0.10/manpages/shorewall6-rules.5 2016-06-30 17:55:23.202782829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-rules.5 2016-08-06 07:58:52.280804766 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-rules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-RULES" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-RULES" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-secmarks.5 shorewall6-5.0.11/manpages/shorewall6-secmarks.5
--- shorewall6-5.0.10/manpages/shorewall6-secmarks.5 2016-06-30 17:55:23.715294829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-secmarks.5 2016-08-06 07:58:52.872800791 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-secmarks
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-SECMARKS" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-SECMARKS" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-stoppedrules.5 shorewall6-5.0.11/manpages/shorewall6-stoppedrules.5
--- shorewall6-5.0.10/manpages/shorewall6-stoppedrules.5 2016-06-30 17:55:24.215794829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-stoppedrules.5 2016-08-06 07:58:53.416797139 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-stoppedrules
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-STOPPEDR" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-STOPPEDR" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-tcclasses.5 shorewall6-5.0.11/manpages/shorewall6-tcclasses.5
--- shorewall6-5.0.10/manpages/shorewall6-tcclasses.5 2016-06-30 17:55:24.780358829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-tcclasses.5 2016-08-06 07:58:54.072792736 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-tcclasses
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-TCCLASSE" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-TCCLASSE" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-tcdevices.5 shorewall6-5.0.11/manpages/shorewall6-tcdevices.5
--- shorewall6-5.0.10/manpages/shorewall6-tcdevices.5 2016-06-30 17:55:25.288866830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-tcdevices.5 2016-08-06 07:58:54.692788573 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-tcdevices
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-TCDEVICE" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-TCDEVICE" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-tcfilters.5 shorewall6-5.0.11/manpages/shorewall6-tcfilters.5
--- shorewall6-5.0.10/manpages/shorewall6-tcfilters.5 2016-06-30 17:55:25.805382830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-tcfilters.5 2016-08-06 07:58:55.336784250 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-tcfilters
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-TCFILTER" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-TCFILTER" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-tcinterfaces.5 shorewall6-5.0.11/manpages/shorewall6-tcinterfaces.5
--- shorewall6-5.0.10/manpages/shorewall6-tcinterfaces.5 2016-06-30 17:55:26.293870830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-tcinterfaces.5 2016-08-06 07:58:55.928780277 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-tcinterfaces
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-TCINTERF" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-TCINTERF" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-tcpri.5 shorewall6-5.0.11/manpages/shorewall6-tcpri.5
--- shorewall6-5.0.10/manpages/shorewall6-tcpri.5 2016-06-30 17:55:26.786362829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-tcpri.5 2016-08-06 07:58:56.500776437 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-tcpri
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-TCPRI" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-TCPRI" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-tunnels.5 shorewall6-5.0.11/manpages/shorewall6-tunnels.5
--- shorewall6-5.0.10/manpages/shorewall6-tunnels.5 2016-06-30 17:55:27.298874829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-tunnels.5 2016-08-06 07:58:57.168771953 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-tunnels
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-TUNNELS" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-TUNNELS" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-vardir.5 shorewall6-5.0.11/manpages/shorewall6-vardir.5
--- shorewall6-5.0.10/manpages/shorewall6-vardir.5 2016-06-30 17:55:27.787362830 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-vardir.5 2016-08-06 07:58:57.776767871 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-vardir
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-VARDIR" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-VARDIR" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/manpages/shorewall6-zones.5 shorewall6-5.0.11/manpages/shorewall6-zones.5
--- shorewall6-5.0.10/manpages/shorewall6-zones.5 2016-06-30 17:55:29.885458829 -0700
+++ shorewall6-5.0.11/manpages/shorewall6-zones.5 2016-08-06 07:59:00.632748699 -0700
@@ -2,12 +2,12 @@
.\" Title: shorewall6-zones
.\" Author: [FIXME: author] [see http://docbook.sf.net/el/author]
.\" Generator: DocBook XSL Stylesheets v1.78.1
-.\" Date: 06/30/2016
+.\" Date: 08/06/2016
.\" Manual: Configuration Files
.\" Source: Configuration Files
.\" Language: English
.\"
-.TH "SHOREWALL6\-ZONES" "5" "06/30/2016" "Configuration Files" "Configuration Files"
+.TH "SHOREWALL6\-ZONES" "5" "08/06/2016" "Configuration Files" "Configuration Files"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/releasenotes.txt shorewall6-5.0.11/releasenotes.txt
--- shorewall6-5.0.10/releasenotes.txt 2016-06-30 17:54:28.796430829 -0700
+++ shorewall6-5.0.11/releasenotes.txt 2016-08-06 07:57:47.277241125 -0700
@@ -1,7 +1,7 @@
----------------------------------------------------------------------------
- S H O R E W A L L 5 . 0 . 1 0
+ S H O R E W A L L 5 . 0 . 1 1
----------------------------
- J u n e 3 0 , 2 0 1 6
+ A u g u s t 1 2 , 2 0 1 6
----------------------------------------------------------------------------
I. PROBLEMS CORRECTED IN THIS RELEASE
@@ -14,26 +14,27 @@
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
-1) This release includes defect repair through Shorewall 5.0.9.2.
+1) This release contains defect repair through Shorewall 5.0.10.1.
-2) Previously, the 'update' commmand could result in updated files
- having the user's default permissions rather than the permissions
- of the original file. That has been corrected.
+2) In Shorewall 5.0, the default chain for DSCP rules was
+ inadvertently chained to PREROUTING (FORWARD, if
+ MARK_IN_FORWARD_CHAIN=Yes).
-3) A number of update and update-compatibility issues have been
- corrected:
+ The default is now restored to POSTROUTING, its earlier value.
- a) : (e.g., "fred:") is once again accepted in USER columns.
- b) The USER column in the mangle file can once again be specified
- when :T is the chain designator.
- c) The 'notrack' file is now correctly appended to the 'mangle'
- file during update.
- d) IPMARK entries in 'tcrules' are now correctly converted into
- the 'mangle' file.
+3) When 'trace' was specified, prevously the output of ip[6]tables
+ rules containing a comment were displayed incorrectly. The "-m
+ comment --comment" specification was missing and the comment was
+ not enclosed in double quotes. This has been corrected.
-4) When multiple zones are configured on an interface, the 'tcpflags',
- 'nosmurfs' and 'maclist' options could previously result in silly
- duplicate rules. That problem has been corrected.
+4) Previously, if a provider interface matched only a wildcard entry
+ (one whose physical interface name ended in '+'), then the
+ generated script would always find the interface to be
+ unusable. That has been corrected.
+
+5) A change released in 5.0.9.1 and that allowed simple traffic
+ shaping to support more than 9 interfaces prevented some users'
+ configurations from starting. That has been corrected.
----------------------------------------------------------------------------
I I. K N O W N P R O B L E M S R E M A I N I N G
@@ -50,34 +51,21 @@
I I I. N E W F E A T U R E S I N T H I S R E L E A S E
----------------------------------------------------------------------------
-1) The 'allow' command can now remove entries from the ipset-based
- dynamic blacklists.
-
- allow ...
+1) When using the alternate input form, it is now possible to specify
+ a comment to be attached to the generated ip[6]tables rule. Simply
+ use the 'comment' keyword. If the comment contains embedded white
+ space, then it must be enclosed in double quotes. Any double
+ quotes embedded in the comment must be escaped using a backslash.
-2) A new 'dbl' (Dynamic Blacklist) option is now available in the
- 'interfaces' file. Possible settings are:
+ Example:
- none - equivalent to specifying 'nodbl'.
- src - packets entering the firewall on the interface have their
- source IP address checked against the ipset-based
- blacklist.
- dst - packets entering the firewall on the interface have their
- destination IP address checked against the ipset-based
- blacklist.
- src-dst - packets entering the firewall on the interface have their
- source IP address checked against the ipset-based
- blacklist. Packets originating on the fireawll and
- leaving through the interface have their destination IP
- address checked against the ipset-based blacklist.
+ ACCEPT net $FW { proto=tcp, dport=22, comment="Accept \"SSH\"" }
- The normal setting for an internet-facing interface will be either
- 'src' or 'src-dst'. The normal setting for an internal interface
- will be either 'none' or 'dst'.
+2) OPTIMIZE level 16 no longer deletes duplicate COUNT rules, allowing
+ multiple similar COUNT rules in a chain.
-3) The RPMs from shorewall.net are now created to assume that systemd
- is being used. They are targeted specifically at OpenSuSE and have
- been verified on OpenSuSE 42.1.
+3) Beginning with this release, source RPMs are available on the
+ download sites.
----------------------------------------------------------------------------
I V. M I G R A T I O N I S S U E S
@@ -238,6 +226,91 @@
----------------------------------------------------------------------------
V. N O T E S F R O M O T H E R 5 . 0 R E L E A S E S
----------------------------------------------------------------------------
+ P R O B L E M S C O R R E C T E D I N 5 . 0 . 1 0
+----------------------------------------------------------------------------
+
+5.0.10.1
+
+1) Several issues with the Debian SysV init scripts have been
+ corrected:
+
+ a) The scripts now issue progress messages for the 'stop' command
+ based on the setting of SAFESTOP in /etc/default/shorewall*.
+
+ b) The firewall is now stopped or cleared in runlevel 1 (minimal),
+ based on the setting of SAFESTOP.
+
+ c) A typo in the Shorewall init script prevented the force-stop
+ command from working correctly.
+
+ Roberto Sánchez.
+
+5.0.10
+
+1) This release includes defect repair through Shorewall 5.0.9.2.
+
+2) Previously, the 'update' commmand could result in updated files
+ having the user's default permissions rather than the permissions
+ of the original file. That has been corrected.
+
+3) A number of update and update-compatibility issues have been
+ corrected:
+
+ a) : (e.g., "fred:") is once again accepted in USER columns.
+ b) The USER column in the mangle file can once again be specified
+ when :T is the chain designator.
+ c) The 'notrack' file is now correctly appended to the 'mangle'
+ file during update.
+ d) IPMARK entries in 'tcrules' are now correctly converted into
+ the 'mangle' file.
+
+4) When multiple zones are configured on an interface, the 'tcpflags',
+ 'nosmurfs' and 'maclist' options could previously result in silly
+ duplicate rules. That problem has been corrected.
+
+----------------------------------------------------------------------------
+ N E W F E A T U R E S I N 5 . 0 . 1 0
+----------------------------------------------------------------------------
+
+5.0.10.1
+
+1) You can now specify LOGFILE=systemd to cause 'journelctl -r' to be
+ used to read the system log (journel).
+
+ Scott Sumate.
+
+5.0.10
+
+1) The 'allow' command can now remove entries from the ipset-based
+ dynamic blacklists.
+
+ allow ...
+
+2) A new 'dbl' (Dynamic Blacklist) option is now available in the
+ 'interfaces' file. Possible settings are:
+
+ none - equivalent to specifying 'nodbl'.
+ src - packets entering the firewall on the interface have their
+ source IP address checked against the ipset-based
+ blacklist.
+ dst - packets entering the firewall on the interface have their
+ destination IP address checked against the ipset-based
+ blacklist.
+ src-dst - packets entering the firewall on the interface have their
+ source IP address checked against the ipset-based
+ blacklist. Packets originating on the fireawll and
+ leaving through the interface have their destination IP
+ address checked against the ipset-based blacklist.
+
+ The normal setting for an internet-facing interface will be either
+ 'src' or 'src-dst'. The normal setting for an internal interface
+ will be either 'none' or 'dst'.
+
+3) The RPMs from shorewall.net are now created to assume that systemd
+ is being used. They are targeted specifically at OpenSuSE and have
+ been verified on OpenSuSE 42.1.
+
+----------------------------------------------------------------------------
P R O B L E M S C O R R E C T E D I N 5 . 0 . 9
----------------------------------------------------------------------------
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/Samples6/one-interface/shorewall6.conf.annotated shorewall6-5.0.11/Samples6/one-interface/shorewall6.conf.annotated
--- shorewall6-5.0.10/Samples6/one-interface/shorewall6.conf.annotated 2016-06-30 17:55:38.762326829 -0700
+++ shorewall6-5.0.11/Samples6/one-interface/shorewall6.conf.annotated 2016-08-06 07:59:11.340676819 -0700
@@ -180,12 +180,13 @@
#
LOGFILE=
#
-# LOGFILE=[pathname]
+# LOGFILE=[pathname|systemd]
#
# This parameter tells the /sbin/shorewall6 program where to look for
# Shorewall6 messages when processing the dump, logwatch, show log, and hits
# commands. If not assigned or if assigned an empty value, /var/log/messages
-# is assumed.
+# is assumed. Beginning with Shorewall 5.0.10.1, you may specify systemd to
+# use journelctl -r to read the log.
#
LOGFORMAT="Shorewall:%s:%s:"
#
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/Samples6/three-interfaces/shorewall6.conf.annotated shorewall6-5.0.11/Samples6/three-interfaces/shorewall6.conf.annotated
--- shorewall6-5.0.10/Samples6/three-interfaces/shorewall6.conf.annotated 2016-06-30 17:55:40.235798829 -0700
+++ shorewall6-5.0.11/Samples6/three-interfaces/shorewall6.conf.annotated 2016-08-06 07:59:13.096665031 -0700
@@ -179,12 +179,13 @@
#
LOGFILE=/var/log/messages
#
-# LOGFILE=[pathname]
+# LOGFILE=[pathname|systemd]
#
# This parameter tells the /sbin/shorewall6 program where to look for
# Shorewall6 messages when processing the dump, logwatch, show log, and hits
# commands. If not assigned or if assigned an empty value, /var/log/messages
-# is assumed.
+# is assumed. Beginning with Shorewall 5.0.10.1, you may specify systemd to
+# use journelctl -r to read the log.
#
LOGFORMAT="Shorewall:%s:%s:"
#
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/Samples6/two-interfaces/shorewall6.conf.annotated shorewall6-5.0.11/Samples6/two-interfaces/shorewall6.conf.annotated
--- shorewall6-5.0.10/Samples6/two-interfaces/shorewall6.conf.annotated 2016-06-30 17:55:41.977538829 -0700
+++ shorewall6-5.0.11/Samples6/two-interfaces/shorewall6.conf.annotated 2016-08-06 07:59:15.192650961 -0700
@@ -179,12 +179,13 @@
#
LOGFILE=/var/log/messages
#
-# LOGFILE=[pathname]
+# LOGFILE=[pathname|systemd]
#
# This parameter tells the /sbin/shorewall6 program where to look for
# Shorewall6 messages when processing the dump, logwatch, show log, and hits
# commands. If not assigned or if assigned an empty value, /var/log/messages
-# is assumed.
+# is assumed. Beginning with Shorewall 5.0.10.1, you may specify systemd to
+# use journelctl -r to read the log.
#
LOGFORMAT="Shorewall:%s:%s:"
#
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/Samples6/Universal/shorewall6.conf.annotated shorewall6-5.0.11/Samples6/Universal/shorewall6.conf.annotated
--- shorewall6-5.0.10/Samples6/Universal/shorewall6.conf.annotated 2016-06-30 17:55:43.747306829 -0700
+++ shorewall6-5.0.11/Samples6/Universal/shorewall6.conf.annotated 2016-08-06 07:59:17.248637159 -0700
@@ -179,12 +179,13 @@
#
LOGFILE=
#
-# LOGFILE=[pathname]
+# LOGFILE=[pathname|systemd]
#
# This parameter tells the /sbin/shorewall6 program where to look for
# Shorewall6 messages when processing the dump, logwatch, show log, and hits
# commands. If not assigned or if assigned an empty value, /var/log/messages
-# is assumed.
+# is assumed. Beginning with Shorewall 5.0.10.1, you may specify systemd to
+# use journelctl -r to read the log.
#
LOGFORMAT="Shorewall:%s:%s:"
#
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/shorewall6.spec shorewall6-5.0.11/shorewall6.spec
--- shorewall6-5.0.10/shorewall6.spec 2016-06-30 17:54:28.788422830 -0700
+++ shorewall6-5.0.11/shorewall6.spec 2016-08-06 07:57:47.273241152 -0700
@@ -1,5 +1,5 @@
%define name shorewall6
-%define version 5.0.10
+%define version 5.0.11
%define release 0base
Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems.
@@ -119,6 +119,16 @@
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6
%changelog
+* Sat Aug 06 2016 Tom Eastep tom@shorewall.net
+- Updated to 5.0.11-0base
+* Sat Jul 30 2016 Tom Eastep tom@shorewall.net
+- Updated to 5.0.11-0RC1
+* Wed Jul 27 2016 Tom Eastep tom@shorewall.net
+- Updated to 5.0.11-0Beta2
+* Tue Jul 19 2016 Tom Eastep tom@shorewall.net
+- Updated to 5.0.11-0Beta1
+* Fri Jul 08 2016 Tom Eastep tom@shorewall.net
+- Updated to 5.0.10-1
* Sat Jun 25 2016 Tom Eastep tom@shorewall.net
- Updated to 5.0.10-0base
* Tue Jun 21 2016 Tom Eastep tom@shorewall.net
diff -Naurdw -X /home/teastep/shorewall/tools/build/exclude.txt shorewall6-5.0.10/uninstall.sh shorewall6-5.0.11/uninstall.sh
--- shorewall6-5.0.10/uninstall.sh 2016-06-30 17:54:28.788422830 -0700
+++ shorewall6-5.0.11/uninstall.sh 2016-08-06 07:57:47.269241178 -0700
@@ -26,7 +26,7 @@
# You may only use this script to uninstall the version
# shown below. Simply run this script to remove Shorewall Firewall
-VERSION=5.0.10
+VERSION=5.0.11
PRODUCT=shorewall6
Product=Shorewall6