This is a minor release of Shorewall. In this release: 1. A "shorewall try" command has been added. This command attempts to restart Shorewall using an alternate configuration and if that attempt fails, Shorewall is automatically started with the default configuration. This is useful for remote administration where a failed restart of Shorewall can leave you isolated from the firewall. 2. If ADD_SNAT_ALIASES=Yes, aliases for SNAT will now be automatically added. 3. A copyright has been added to all documentation. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
Tom, the new "try" option doesn''t seem to be implemented in the rpm version I just downloaded from your site. As far as I could see it is not an option in the source code. I haven''t try other format. Thought you might like to know that Pascal On Wed, 2002-03-20 at 06:51, Tom Eastep wrote:> This is a minor release of Shorewall. > > In this release: > > 1. A "shorewall try" command has been added. This command attempts to > restart Shorewall using an alternate configuration and if that > attempt fails, Shorewall is automatically started with the default > configuration. This is useful for remote administration where a > failed restart of Shorewall can leave you isolated from the > firewall. > > 2. If ADD_SNAT_ALIASES=Yes, aliases for SNAT will now be automatically > added. > > 3. A copyright has been added to all documentation. > > -Tom > -- > Tom Eastep \ Shorewall - iptables made easy > AIM: tmeastep \ http://www.shorewall.net > ICQ: #60745924 \ teastep@shorewall.net > > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@shorewall.net > http://www.shorewall.net/mailman/listinfo/shorewall-users
Pascal, Are you sure that you have version 1.2.10? What does "shorewall version" show? -Tom ----- Original Message ----- From: "Pascal DeMilly" <list.shorewall@newgenesys.com> To: "Shorewall users list" <shorewall-users@shorewall.net> Sent: Wednesday, March 20, 2002 8:46 AM Subject: Re: [Shorewall-users] Shorewall 1.2.10> Tom, > > the new "try" option doesn''t seem to be implemented in the rpm version I > just downloaded from your site. As far as I could see it is not an > option in the source code. I haven''t try other format. > > Thought you might like to know that > > Pascal > > > On Wed, 2002-03-20 at 06:51, Tom Eastep wrote: > > This is a minor release of Shorewall. > > > > In this release: > > > > 1. A "shorewall try" command has been added. This command attempts to > > restart Shorewall using an alternate configuration and if that > > attempt fails, Shorewall is automatically started with the default > > configuration. This is useful for remote administration where a > > failed restart of Shorewall can leave you isolated from the > > firewall. > > > > 2. If ADD_SNAT_ALIASES=Yes, aliases for SNAT will now be automatically > > added. > > > > 3. A copyright has been added to all documentation. > > > > -Tom > > -- > > Tom Eastep \ Shorewall - iptables made easy > > AIM: tmeastep \ http://www.shorewall.net > > ICQ: #60745924 \ teastep@shorewall.net > > > > > > > > _______________________________________________ > > Shorewall-users mailing list > > Shorewall-users@shorewall.net > > http://www.shorewall.net/mailman/listinfo/shorewall-users > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@shorewall.net > http://www.shorewall.net/mailman/listinfo/shorewall-users >
I scp''ed the rpm from the web/ftp server to my firewall and did the following: [root@gateway root]# rpm -Uvh --oldpackage --force shorewall-1.2-10.noarch.rpm Preparing... ########################################### [100%] 1:shorewall ########################################### [100%] [root@gateway root]# shorewall help Usage: shorewall [debug] [nolock] [-c <directory>] <command> where <command> is one of: show [<chain>|connections|log|nat|tc|tos] start stop reset restart status clear refresh hits monitor [<refresh interval>] version check try <directory> [root@gateway root The ''try'' command sure seems to be there.... -Tom ----- Original Message ----- From: "Pascal DeMilly" <list.shorewall@newgenesys.com> To: "Shorewall users list" <shorewall-users@shorewall.net> Sent: Wednesday, March 20, 2002 8:46 AM Subject: Re: [Shorewall-users] Shorewall 1.2.10> Tom, > > the new "try" option doesn''t seem to be implemented in the rpm version I > just downloaded from your site. As far as I could see it is not an > option in the source code. I haven''t try other format. > > Thought you might like to know that > > Pascal > > > On Wed, 2002-03-20 at 06:51, Tom Eastep wrote: > > This is a minor release of Shorewall. > > > > In this release: > > > > 1. A "shorewall try" command has been added. This command attempts to > > restart Shorewall using an alternate configuration and if that > > attempt fails, Shorewall is automatically started with the default > > configuration. This is useful for remote administration where a > > failed restart of Shorewall can leave you isolated from the > > firewall. > > > > 2. If ADD_SNAT_ALIASES=Yes, aliases for SNAT will now be automatically > > added. > > > > 3. A copyright has been added to all documentation. > > > > -Tom > > -- > > Tom Eastep \ Shorewall - iptables made easy > > AIM: tmeastep \ http://www.shorewall.net > > ICQ: #60745924 \ teastep@shorewall.net > > > > > > > > _______________________________________________ > > Shorewall-users mailing list > > Shorewall-users@shorewall.net > > http://www.shorewall.net/mailman/listinfo/shorewall-users > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@shorewall.net > http://www.shorewall.net/mailman/listinfo/shorewall-users >