Displaying 20 results from an estimated 6000 matches similar to: "Shorewall 4.4.14 RC 1"
2010 Oct 21
10
KVM and bridge
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
An Ubuntu 10.04 server running Shorewall 4.4.6.1 hosts three KVM
virtual servers on the default libvrt virbr0 bridge at the default
vnet+ bridge ports. The bridge and ports are on a separate private
subnet (192.168.122.0/24). Each bridge port and the bridge itself are
in the dmz, there are two physical interfaces and private local
subnets in loc, and
2010 Nov 25
0
Shorewall in OpenSuSE repositories
Togan Muftuoglu has just informed me that Shorewall is now available in
the following repositories:
<http://download.opensuse.org/repositories/security:/netfilter/openSUSE_11.2>
<http://download.opensuse.org/repositories/security:/netfilter/openSUSE_11.3>
<http://download.opensuse.org/repositories/security:/netfilter/openSUSE_Factory>
Thanks Togan!!
-Tom
--
Tom Eastep
2013 Mar 07
0
Shorewall 4.5.14 RC 1
In case you haven''t guessed by recent development list traffic, RC 1 is
now available for testing.
There are no new features since Beta 3 -- Just bug fixes.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
2013 Mar 07
0
Shorewall 4.5.14 RC 1
In case you haven''t guessed by recent development list traffic, RC 1 is
now available for testing.
There are no new features since Beta 3 -- Just bug fixes.
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
2010 Jul 09
0
Shorewalll 4.4.11 RC 1
RC 1 is now available for testing. This version corrects several
problems in Beta 3:
1) Release notes now correctly refer to FORWARD_CLEAR_MARK rather than
CLEAR_FORWARD_MARK.
2) The NET3 column in /etc/shorewall/netmap now works correctly.
3) A missing closing quote in the generated script when using
REQUIRE_INTERFACE=Yes has been corrected.
4) The compiler now correctly detects the
2010 Jul 09
0
Shorewalll 4.4.11 RC 1
RC 1 is now available for testing. This version corrects several
problems in Beta 3:
1) Release notes now correctly refer to FORWARD_CLEAR_MARK rather than
CLEAR_FORWARD_MARK.
2) The NET3 column in /etc/shorewall/netmap now works correctly.
3) A missing closing quote in the generated script when using
REQUIRE_INTERFACE=Yes has been corrected.
4) The compiler now correctly detects the
2009 Jul 12
2
Shorewall 4.4.0 Beta 4
Beta 4 is now ready for testing.
http://www.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.0-Beta4/
ftp://ftp.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.0-Beta4/
----------------------------------------------------------------------------
P R O B L E M S C O R R E C T E D I N 4 . 4 . 0 Beta 4
2013 Jun 10
0
Shorewall 4.5.18 Beta 2
Beta 2 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) This release includes all defect repair from Shorewall 4.5.17.1.
2) The following warning message could be emitted
2011 Jun 18
0
Shorewall 4.4.21 Beta 1
Beta 1 is now available for testing.
New Features:
1) AUTOMAKE=Yes now causes all directories on the CONFIG_PATH to be
searched for files newer than the script that last
started/restarted the firewall.
2) FORMAT-2 actions may now specify default parameter values using the
DEFAULTS directive.
DEFAULTS <def1>,<def2>,...
Where <def1> is the default
2011 Jun 18
0
Shorewall 4.4.21 Beta 1
Beta 1 is now available for testing.
New Features:
1) AUTOMAKE=Yes now causes all directories on the CONFIG_PATH to be
searched for files newer than the script that last
started/restarted the firewall.
2) FORMAT-2 actions may now specify default parameter values using the
DEFAULTS directive.
DEFAULTS <def1>,<def2>,...
Where <def1> is the default
2012 Jul 04
0
Shorewall 4.5.6 RC 1
Shorewall 4.5.6 RC 1 is now available for testing.
Problems corrected since Beta 4:
1) In the generated script, the logic for handling wildcard interfaces
with the ''wait=n'' option was incorrect. For each matching interface,
the script would check its readiness n times in rapid
succession. The script now sleeps 1 second between checks.
2) Previously, the tcrules
2012 Jul 04
0
Shorewall 4.5.6 RC 1
Shorewall 4.5.6 RC 1 is now available for testing.
Problems corrected since Beta 4:
1) In the generated script, the logic for handling wildcard interfaces
with the ''wait=n'' option was incorrect. For each matching interface,
the script would check its readiness n times in rapid
succession. The script now sleeps 1 second between checks.
2) Previously, the tcrules
2009 Dec 19
0
Route Filtering with Kernel 2.6.31 and later
In kernel 2.6.31, the handling of the rp_filter interface option was
changed incompatibly. Previously, the effective value was determined
by the setting of net.ipv4.config.dev.proxy_arp logically ANDed with
the setting of net.ipv4.config.all.proxy_arp.
Beginning with kernel 2.6.31, the value is the arithmetic MAX of
those two values. Additionally, a ''loose'' routefiltering
2010 Nov 23
4
ERROR: Duplicate Host Group
Hello,
This is using version 4.4.11.3 (Debian).
The following error occurs:
ERROR: Duplicate Host Group (eth1:10.128.23.34/16) in zone loc :
The configuration is a test config. Commented lines removed to keep
it clear:
# cat zones
fw firewall
loc ipv4
# cat interfaces
loc eth1 -
# cat hosts
loc eth1:10.128.23.34/16
# cat policy
all all ACCEPT
2010 Dec 02
4
rules with multiple users/groups
Hi All,
I''m using shorewall 4.0.15-1 on debian 5.0.5 and It works fine.
I want to start using rules based on users. This is supported in the
shorewall-rules file, However it seems that each rule can only be
associated with one user or group.
Does this mean that I cannot have a rule apply to several users which
belong to several groups?
Will creating duplicate rules for each user
2008 Nov 13
3
Does code in /etc/shorewall/start exec before or after Shorewall starts?
In the docs at http://www.shorewall.net/Shorewall-perl.html,
"Your ipsets must be loaded before Shorewall starts. You are free to
try to do that with the following code in /etc/shorewall/start"
implies that code in /etc/shorewall/start is executed BEFORE Shorewall starts.
In the default /etc/shorewall/start
# /etc/shorewall/start
#
# Add commands below that you want to be
2012 Apr 07
27
Shorewall 4.5.2 RC 2
RC 2 is ready for testing.
Problems corrected:
1) The 4.5.1 Shorewall Lite and Shorewall6 Lite installers install the
wrong SysV init script on Debian and derivatives. That has been
corrected.
2) The getparams program now reads the installed shorewallrc file
rather than ~/.shorewallrc.
3) The ''load'' and ''reload'' now copy the
2012 Apr 07
27
Shorewall 4.5.2 RC 2
RC 2 is ready for testing.
Problems corrected:
1) The 4.5.1 Shorewall Lite and Shorewall6 Lite installers install the
wrong SysV init script on Debian and derivatives. That has been
corrected.
2) The getparams program now reads the installed shorewallrc file
rather than ~/.shorewallrc.
3) The ''load'' and ''reload'' now copy the
2008 Oct 22
1
Shorewall log analyzer
Hi all,
I am looking for an easy shorewall log analyzer, nothing too fancy, just the
most blocked traffic on a firewall by IP and port, preferably in daily reports
or so. Which tool are you using?
Thanks in adv,
Erwin
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge
Build the
2008 Oct 31
1
Improvements in shorewall-interfaces.man & etc.
Tom & others,
Two suggestions for small improvements in shorewall-interfaces.man.
1. Option dhcp, criterion 3., change
"you have a static IP but are on a LAN segment with lots of DHCP clients."
to
"the interface has a static IP but is on a LAN segment with lots of DHCP clients."
2. Can the effect of the dhcp option be described briefly in one or