RC 1 is now available for testing.
Fixes several bugs present in earlier releases and implements a couple
of new features:
1) Blacklisting can now be done by destination IP address as well as
by source address.
The /etc/shorewall/blacklist and /etc/shorewall6/blacklist files
now have an optional OPTIONS column. Initially, this column can
contain either ''from'' (the default) or
''to''; the latter causes the
address(es) in the ADDRESS/SUBNET column to be interpreted as a
DESTINATION address rather than a source address.
Note that static blacklisting is still restricted to traffic
ARRIVING on an interface that has the ''blacklist'' option
set. So to
block traffic from your local network to an internet host, you must
specify ''blacklist'' on your internal interface.
Similarly, dynamic blacklisting has been enhanced to recognize the
''from'' and ''to'' keywords.
Example:
shorewall drop to 1.2.3.4
This command will silently drop connection requests to1.2.3.4.
The reciprocal of that command would be:
shorewall allow to 1.2.3.4
2) The status command now displays the directory containing the .conf
file (shorewall.conf or shorewall6.conf) when the running
configuration was compiled.
Example:
gateway:/etc/shorewall# shorewall status
Shorewall-4.4.12-RC1 Status at gateway - Thu Aug 12 19:41:51 ...
Shorewall is running
State:Started (Thu Aug 12 19:41:48 PDT 2010) from /etc/shorewall/
gateway:/etc/shorewall#
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
This SF.net email is sponsored by
Make an app they can''t live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev
Tom If the following commands are issued: shorewall6 forget firewall shorewall6 start the following messages are produced: /bin/sh: /var/lib/shorewall6/firewall: No such file or directory /usr/share/shorewall6/lib.common: line 73: [: -lt: unary operator expected /bin/sh: /var/lib/shorewall6/firewall: No such file or directory Note: This only happens with shorewall6 not shorewall. Steven. ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
On 8/14/10 6:42 AM, Steven Jan Springl wrote:> Tom > > If the following commands are issued: > > shorewall6 forget firewall > shorewall6 start > > the following messages are produced: > > /bin/sh: /var/lib/shorewall6/firewall: No such file or directory > /usr/share/shorewall6/lib.common: line 73: [: -lt: unary operator expected > /bin/sh: /var/lib/shorewall6/firewall: No such file or directory > > Note: This only happens with shorewall6 not shorewall.Steven, I''m unable to reproduce this problem. If you can readily reproduce it, then please use ''sh -x /sbin/shorewall6 start 2>trace'' and send me the trace file. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
On 8/14/10 7:08 AM, Tom Eastep wrote:> On 8/14/10 6:42 AM, Steven Jan Springl wrote: >> Tom >> >> If the following commands are issued: >> >> shorewall6 forget firewall >> shorewall6 start >> >> the following messages are produced: >> >> /bin/sh: /var/lib/shorewall6/firewall: No such file or directory >> /usr/share/shorewall6/lib.common: line 73: [: -lt: unary operator expected >> /bin/sh: /var/lib/shorewall6/firewall: No such file or directory >> >> Note: This only happens with shorewall6 not shorewall. > > Steven, > > I''m unable to reproduce this problem. If you can readily reproduce it, > then please use ''sh -x /sbin/shorewall6 start 2>trace'' and send me the > trace file.Never mind -- it occurs when AUTOMAKE=Yes is specified. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
On 8/14/10 7:20 AM, Tom Eastep wrote:> > Never mind -- it occurs when AUTOMAKE=Yes is specified.Commit 72b8393c3acbc6d98ea1f2e69dbe910969bb6d49 seems to fix it. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
On Saturday 14 August 2010 15:56:50 Tom Eastep wrote:> On 8/14/10 7:20 AM, Tom Eastep wrote: > > Never mind -- it occurs when AUTOMAKE=Yes is specified. > > Commit 72b8393c3acbc6d98ea1f2e69dbe910969bb6d49 seems to fix it. > > -TomTom Do you have a link to this commit as Sourceforge is saying the last commit was 12 hours ago? Steven. ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
On 8/14/10 8:27 AM, Steven Jan Springl wrote:> On Saturday 14 August 2010 15:56:50 Tom Eastep wrote: >> On 8/14/10 7:20 AM, Tom Eastep wrote: >>> Never mind -- it occurs when AUTOMAKE=Yes is specified. >> >> Commit 72b8393c3acbc6d98ea1f2e69dbe910969bb6d49 seems to fix it. >> >> -Tom > > Tom > > Do you have a link to this commit as Sourceforge is saying the last commit was > 12 hours ago?Sorry, Steven -- I neglected to push it. It is there now. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
On Saturday 14 August 2010 16:40:42 Tom Eastep wrote:> On 8/14/10 8:27 AM, Steven Jan Springl wrote: > > On Saturday 14 August 2010 15:56:50 Tom Eastep wrote: > >> On 8/14/10 7:20 AM, Tom Eastep wrote: > >>> Never mind -- it occurs when AUTOMAKE=Yes is specified. > >> > >> Commit 72b8393c3acbc6d98ea1f2e69dbe910969bb6d49 seems to fix it. > >> > >> -Tom > > > > Tom > > > > Do you have a link to this commit as Sourceforge is saying the last > > commit was 12 hours ago? > > Sorry, Steven -- I neglected to push it. It is there now. > > -TomTom I can confirm the patches seem to work. Thank you. Steven. ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
can someone pls tell me how to unsubscribe? Am 14.08.2010 18:19, schrieb Steven Jan Springl:> On Saturday 14 August 2010 16:40:42 Tom Eastep wrote: > >> On 8/14/10 8:27 AM, Steven Jan Springl wrote: >> >>> On Saturday 14 August 2010 15:56:50 Tom Eastep wrote: >>> >>>> On 8/14/10 7:20 AM, Tom Eastep wrote: >>>> >>>>> Never mind -- it occurs when AUTOMAKE=Yes is specified. >>>>> >>>> Commit 72b8393c3acbc6d98ea1f2e69dbe910969bb6d49 seems to fix it. >>>> >>>> -Tom >>>> >>> Tom >>> >>> Do you have a link to this commit as Sourceforge is saying the last >>> commit was 12 hours ago? >>> >> Sorry, Steven -- I neglected to push it. It is there now. >> >> -Tom >> > Tom > > I can confirm the patches seem to work. Thank you. > > Steven. > > ------------------------------------------------------------------------------ > This SF.net email is sponsored by > > Make an app they can''t live without > Enter the BlackBerry Developer Challenge > http://p.sf.net/sfu/RIM-dev2dev > _______________________________________________ > Shorewall-devel mailing list > Shorewall-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-devel >------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev
--- On Sat, 8/14/10, David Butsch <david.butsch@arcor.de> wrote:> can someone pls tell me how to > unsubscribe?search for "List-Unsubscribe" in e-mail headers. ------------------------------------------------------------------------------ This SF.net email is sponsored by Make an app they can''t live without Enter the BlackBerry Developer Challenge http://p.sf.net/sfu/RIM-dev2dev