No need to upgrade to this release if you already have the new bogons file or don''t use that file. The primary change is a fix to the install.sh script which previously gave an error on a new install. http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.11 ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.11 Problems corrected in 2.0.11 1) The INSTALL file now include special instructions for Slackware users. 2) The bogons file has been updated. 3) Service names are replaced by port numbers in /etc/shorewall/tos. 4) A typo in the install.sh file that caused an error during a new install has been corrected. New Features in 2.0.11 1) The AllowNNTP action now allows NNTP over SSL/TLS (NTTPS). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote:> 3) Service names are replaced by port numbers in /etc/shorewall/tos.what was the reason for this? names are more readable:-( -- Levente "Si vis pacem para bellum!"
On Mon, 2004-11-22 at 21:20 +0100, Farkas Levente wrote:> Tom Eastep wrote: > > 3) Service names are replaced by port numbers in /etc/shorewall/tos. > > what was the reason for this? names are more readable:-( >Because there is no consistency among distributions as to the contents (or even the presense) of /etc/services. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote: >>> > 3) Service names are replaced by port numbers in > /etc/shorewall/tos. > >> what was the reason for this? names are more readable:-( > >Because there is no consistency among distributions as to the contents >(or even the presense) of /etc/services. At the risk of mentioning something that''s been thought of, has it been considered to have a variable in shorewall.conf that could be pointed to the file?
On Tue, 2004-11-23 at 16:42 -0500, Mark A. Hoover wrote:> Tom Eastep wrote: > > >>> > 3) Service names are replaced by port numbers in > > /etc/shorewall/tos. > > > >> what was the reason for this? names are more readable:-( > > > >Because there is no consistency among distributions as to the contents > >(or even the presense) of /etc/services. > > At the risk of mentioning something that''s been thought of, has it been > considered to have a variable in shorewall.conf that could be pointed to > the file?I''ve not seen any case where this would help (/etc/services installed in some other location). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
On Tue, 2004-11-23 at 14:51 -0800, Tom Eastep wrote:> On Tue, 2004-11-23 at 16:42 -0500, Mark A. Hoover wrote: > > Tom Eastep wrote: > > > > >>> > 3) Service names are replaced by port numbers in > > > /etc/shorewall/tos. > > > > > >> what was the reason for this? names are more readable:-( > > > > > >Because there is no consistency among distributions as to the contents > > >(or even the presense) of /etc/services. > > > > At the risk of mentioning something that''s been thought of, has it been > > considered to have a variable in shorewall.conf that could be pointed to > > the file? > > I''ve not seen any case where this would help (/etc/services installed in > some other location).And besides, it is iptables that needs this file; Shorewall doesn''t use it directly. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote: >>> > >>> > 3) Service names are replaced by port numbers in >>> > > /etc/shorewall/tos. >>> > > >>> > >> what was the reason for this? names are more readable:-( >>> > > >>> > >Because there is no consistency among distributions as to the contents >>> > >(or even the presense) of /etc/services. >>> > >>> > At the risk of mentioning something that''s been thought of, has it >>> > been considered to have a variable in shorewall.conf that could be >>> > pointed to the file? >> I''ve not seen any case where this would help (/etc/services installed >> in some other location). > And besides, it is iptables that needs this file; Shorewall doesn''t > use it directly. My apologies then. I thought it was Shorewall that couldn''t find the file, not iptables. I had assumed that Shorewall was reading the /etc/services file and translating that to a port number that it was then passing to iptables. -- ----------------------------------------------------- Have Fun, Suffer and Survive, or Get Lost in the Net! Mark Hoover mahoover@ispaceonline.org