Shorewall users - Nov 2011 - Shorewall 4.4.25.3

Shorewall 4.4.25.3 is now available for download.

Problems Corrected:

1)  Previously, the following configuration produced an incorrect
    ruleset:

    zones:

	host	firewall
	uw	ipv4
	net	ipv4

    interfaces:

	-	enet		detect		physical=+

    hosts:

	net	enet:0.0.0.0/0
	uw	enet:$N_ALL_UW_AFFILIATED

    Here''s an example of the problem; from ''shorewall show
INPUT'':

    	Chain INPUT (policy DROP 0 packets, 0 bytes)
    	pkts  bytes  target     prot opt in     out     source ...
    	1678  54427  dynamic    all  --  *      *       0.0.0.0/0 ...
    	33631 4085K  enet_in    all  --  *      *       0.0.0.0/0 ...
        0     0      ACCEPT     all  --  lo     *       0.0.0.0/0 ...
        0     0      enet_in    all  --  *      *       0.0.0.0/0 ...
    	...

    Note that the ACCEPT rule for the loopback device occurs after
    an unconditional jump to ''enet_in'' and that there are two
    such jumps.

    Now, this sequence is generated:

    	Chain INPUT (policy DROP 0 packets, 0 bytes)
    	pkts  bytes  target     prot opt in     out     source ...
    	1678  54427  dynamic    all  --  *      *       0.0.0.0/0 ...
        0     0      ACCEPT     all  --  lo     *       0.0.0.0/0 ...
    	33631 4085K  enet_in    all  --  *      *       0.0.0.0/0 ...
    	...

2)  The Debian init scripts (with the exception of Shorewall-init) now
    support the ''status'' command.

Thank you for using Shorewall,
-Tom

Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________




------------------------------------------------------------------------------
RSA(R) Conference 2012
Save $700 by Nov 18
Register now
http://p.sf.net/sfu/rsa-sfdev2dev1