Shorewall 4.6.4 Beta 2 is now available for testing. It comes shortly
after Beta 1, but there are a couple of changes that I want feedback on.
Problems Corrected since Beta 1:
1) A warning message generated during stoppedrules processing
previously referred to the file as routestopped.
2) Previously, the stoppedrules file did not work properly when
ADMINISABSENTMINDED=No.
- A warning message was issued stating that the file would be
processed as if ADMINISABSENTMINDED=Yes, and it was.
- Unfortunately, part of the surrounding rule-generating logic
proceded as if ADMINISABSENTMINDED=No, leading to an unusable
ruleset.
This problem has been corrected by changing the way that
stoppedrules works with ADMINISABSENTMINDED=No. In the new
implementation:
- All existing connections continue to work.
- Response packets and related connection requests to new accepted
connections are accepted (in other words, the resulting ruleset
is stateful).
See shorewall[6].conf(5) for additional details.
New Features since Beta 1:
3) A LOG_BACKEND option has been added to allow specification of the
default logging backends. See shorewall.conf(5) and
shorewall6.conf(5) for details.
Comments and suggestions are welcome.
Thanks for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk