thr3ads.net - Shorewall announce - [Shorewall-users] Shorewall 1.4.3a [May 2003]

If this information is useful, please help other people find it:
Share via:

Tom Eastep

2003-May-20 08:55 UTC

[Shorewall-users] Shorewall 1.4.3a

This version primarily corrects the documentation included in the .tgz and 
in the .rpm. In addition:

1) (This change is in 1.4.3 but is not documented) If you are running 
iptables 1.2.7a and kernel 2.4.20, then Shorewall will return reject 
replies as follows:
   a) tcp - RST
   b) udp - ICMP port unreachable
   c) icmp - ICMP host unreachable
   d) Otherwise - ICMP host prohibited
  If you are running earlier software, Shorewall will follow it''s 
traditional convention:
   a) tcp - RST
   b) Otherwise - ICMP port unreachable

2) UDP port 135 is now silently dropped in the common.def chain. Remember 
that this chain is traversed just before a DROP or REJECT policy is 
enforced.

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://www.shorewall.net
Washington USA  \ teastep@shorewall.net

Possibly Parallel Threads

Search for more seemingly similar threads

Shorewall announce - May 2003 - Shorewall 1.4.3a

[Shorewall-users] Shorewall 1.4.3a

Possibly Parallel Threads

Wisdom of the Ancients