Shorewall 5.2.3.4 Released

Shorewall 5.2.3.4 is now available for download. Shorewall is a gateway/firewall configuration tool for GNU/Linux, written in Perl.

Problems Corrected:

1) If multi-queue NFQUEUE (e.g., NFQUEUE(0:1) ) WAS used as a policy, an error such as the following was previously incorrectly raised.

ERROR: Invalid policy (NFQUEUE(0) /etc/shorewall/policy (line
15)

That has been corrected such that no error is raised.

2) If multi-queue NFQUEUE( e.g., NFQUEUE(0:1,bypass) ) was passed to a
macro, an error such as the following was previously incorrectly
raised:

ERROR: Invalid ACTION (PARAM:1c,bypass)))
/usr/share/shorewall/macro.BitTorrent (line 12)
from /etc/shorewall/rules (line 40)

Now, the NFQUEUE action is correctly substituted for PARAM in
the Macro body.

3) If shorewall[6].conf didn't set AUTOMAKE, the 'update' command
previously produced a new file with 'AUTOMAKE=Yes'. This resulted
in an unexpected change of behavior. Now, the new file contains
'AUTOMAKE=No', which preserves the pre-update behavior.

4) Shorewall-rules(5) incorrectly stated that the 'bypass' option to
NFQUEUE causes the rule to be silently bypassed if there is no
application attached to the queue. The actual behavior is that the
rule acts like ACCEPT in that case. Shorewall-rules(5) has been
corrected.

Leave a comment

About Dean

user-pic I blog about Perl. Need an open source firewall or some perl work in Australia? Give me a call!