Shorewall 是一个基于 iptables 的Linux防火墙,具有配置简单灵活的特点,可以用来作为防火墙、网关以及路由器的功能。
新版本的改进内容包括:
1. Support for the shell-based configuration compiler (shorewall-shell) has been discontinued.
2. Support for the Hierarchical Fair Service Curve (HFSC) queuing discipline has been... added.
3. Support for the 'flow' classifier has been added.
4. Support for per-IP traffic shaping/QOS has been added.
5. Dynamic zones are once again available for IPv4.
6. Dynamic zone support is based on ipsets.
7. Connection rate-limiting by both source and destination IP address is now available | 
