Shorewall 1.3.3 is now available for download. In this release: 1. Entries in /etc/shorewall/interface that use the wildcard character ("+") now have the "multi" option assumed. 2. The ''rfc1918'' chain in the mangle table has been renamed ''man1918'' to make log messages generated from that chain distinguishable from those generated by the ''rfc1918'' chain in the filter table. 3. Interface names appearing in the hosts file are now validated against the interfaces file. 4. The TARGET column in the rfc1918 file is now checked for correctness. 5. The ''hits'' command has been enhanced. 6. The structure of chains in the nat table has been changed to reduce the number of rules that packets must traverse and to correct problems with NAT_BEFORE_RULES=No. For those of you who have installed the 1.3.3 Beta: a) If you installed the .tgz, you may simply wish to replace the firewall, shorewall and rfc1918 files: cd shorewall-1.3.3 cp -a shorewall /sbin cp -a firewall /var/lib/shorewall cp -a rfc1918 /etc/shorewall b) If you installed the .rpm: rpm -Uvh --force shorewall-1.3.3-1.noarch.rpm -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net