search for: variosecur

...1.4.7 Beta and 1.4.6c releases respectively. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net -------------- next part -------------- An embedded message was scrubbed... From: "Eric E. Bowles" <bowles@VarioSecure.Net> Subject: [Shorewall-devel] Getting confused by IPv6 addresses Date: Thu, 28 Aug 2003 15:39:34 +0900 Size: 4299 Url: http://lists.shorewall.net/pipermail/shorewall-users/attachments/20030828/8fc43844/attachment.eml

Hello! We were just wondering if it would be possible to modify Shorewall in a future version so that the ORIGINAL DEST field in the "rules" file could take zones, or better, the full grammar normally allowed in the DEST field when matching other types of firewall rules. The advantage is that it would allow aggregation of destination information in cases where we need to apply

Hi, [Summary] There seems to be a bug when using the "+" wildcard notation in the interfaces file, in that rules are not generated in the fwd chain to permit traffic going out an interface with a "+" in it. [Details] The interface entries: loc tun0 detect routeback,newnotsyn loc tun1 detect routeback,newnotsyn loc tun2

Hi there, Shorewall 1.4.6b will emit an error message if you configure static NAT entries (in the "nat" file) on an interface that has IPv6 addresses assigned. Here''s the error message from "shorewall restart": [...] Activating Rules... Adding IP Addresses... /usr/share/shorewall/firewall: line 244: 0 | fe80::20d:48ff:fe17:58 : syntax error in expression (error

Hello! We''re seeing a problem that I think is more of a Netfilter or kernel issue than anything to do with Shorewall, but I thought I would ask about it here, too, to see if anyone has suggestions. What we''re seeing is that, when we do a very fast port scan of a system on the other side of a firewall with Shorewall installed and various common rules, a majority of the denied