Overview
Request 137409 accepted
- Update to 4.5.8.1 For more details see changelog.txt and
releasenotes.txt
* When ipset version 5 or later was installed, the 'shorewall show
dynamic <zone>' command produced no outout and the 'add' command
failed with this error message:
Zone <zone>, interface <interface> does not have a dynamic
host list"
* When generating ipset names for dynamic zones, the compiler was
dropping dashes ('-') from the interface name and adding a unique
suffix. For example the ipset for zone 'foo' and interface 'bar-if'
might be 'foo_barif_1'. Dashes are now retained so that the
generated set name in this example will be 'foo_bar-if'. This change
also allows the 'add' and 'delete' commands to work correctly when
the interface name contains one or more dashes.
Although dash is documented as being an accepted character in ipset
names, names containing a dash would generate an error in some
contexts. That has also been corrected.
* In most contexts, Shorewall6 has required IPv6 addresses to be
enclosed in either angled brackets ( <....> , deprecated) or in
square brackets ([....]). This includes network addresses, where
both the IPv6 address and the VLSM are required to be within the
brackets (e.g., [2001;470:b:787::/64]). This differs from the
industry-standard network form in which the IPv6 address is enclosed
in square brackets and the VLSM is outside of the brackets (e.g.,
[2001:470:b:787::]/64). Beginning with this release, the
industry-standard representation is also accepted by Shorewall6.
Note: Those of you who read the patches will probably have noticed
that much of this change was actually in 4.5.8; because the change
was commited late in the 4.5.8 release cycle, we chose not to
document the change until it had undergone additional testing. (forwarded request 137407 from toganm)
Request History
toganm created request
- Update to 4.5.8.1 For more details see changelog.txt and
releasenotes.txt
* When ipset version 5 or later was installed, the 'shorewall show
dynamic <zone>' command produced no outout and the 'add' command
failed with this error message:
Zone <zone>, interface <interface> does not have a dynamic
host list"
* When generating ipset names for dynamic zones, the compiler was
dropping dashes ('-') from the interface name and adding a unique
suffix. For example the ipset for zone 'foo' and interface 'bar-if'
might be 'foo_barif_1'. Dashes are now retained so that the
generated set name in this example will be 'foo_bar-if'. This change
also allows the 'add' and 'delete' commands to work correctly when
the interface name contains one or more dashes.
Although dash is documented as being an accepted character in ipset
names, names containing a dash would generate an error in some
contexts. That has also been corrected.
* In most contexts, Shorewall6 has required IPv6 addresses to be
enclosed in either angled brackets ( <....> , deprecated) or in
square brackets ([....]). This includes network addresses, where
both the IPv6 address and the VLSM are required to be within the
brackets (e.g., [2001;470:b:787::/64]). This differs from the
industry-standard network form in which the IPv6 address is enclosed
in square brackets and the VLSM is outside of the brackets (e.g.,
[2001:470:b:787::]/64). Beginning with this release, the
industry-standard representation is also accepted by Shorewall6.
Note: Those of you who read the patches will probably have noticed
that much of this change was actually in 4.5.8; because the change
was commited late in the 4.5.8 release cycle, we chose not to
document the change until it had undergone additional testing. (forwarded request 137407 from toganm)
factory-auto added a reviewer
Please review sources
a_jaeger approved review
ok
coolo accepted request
checkin
licensedigger accepted review
{"approve": "preliminary, version number changed"}
factory-auto accepted review
Builds for repo Kernel_HEAD
a_jaeger accepted review
ok
