Displaying 20 results from an estimated 50000 matches similar to: "New in CVS"
2003 Jan 14
3
Shorewall-1.3.13
Just some stuff that was laying around in CVS:
1. Added ''DNAT-'' target.
2. Print policies in ''check'' command.
3. Added CLEAR_TC option.
4. Added SHARED_DIR option.
[teastep@wookie Shorewall]$ cat releasenotes.txt
This is a minor release of Shorewall that has a couple of new features.
New features include:
1) A new ''DNAT-'' action has been
2004 Dec 15
3
[Fwd: 2 ftp serwers problem]
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2002 Dec 05
7
New in CVS
The ''firewall'' script currently in the /Shorewall CVS project:
a) Is approximately 15% faster starting/restarting on my configuration --
please report your experiences with it.
b) Reloads Traffic Control/Shaping as part of "shorewall refresh"
c) Turns off the shell trace after an error has occured (except when the
command being traced is "stop" or
2004 Apr 17
4
LinuxFest NW
For those of you going to LinuxFest, I''ll be speaking today at 10:00 in
G-106. And if you miss the talk but see me wandering around the campus
later, don''t hesitate to flag me down to say "Hi".
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2003 Jun 29
3
Snapshot 20030629
Problems Corrected:
1) A problem seen on RH7.3 systems where Shorewall encountered start
errors when started using the "service" mechanism has been worked
around.
2) A problem introduced in earlier snapshots has been corrected. This
problem caused incorrect netfilter rules to be created when the
destination zone in a rule was qualified by an address in CIDR
format.
2004 Sep 29
4
Re: start error]
thanks again for your sharp eye and speedy response. i have corrected the typos in the IP in the masq file. I am sorry to have to ask for more help but my pc''s on the local network can''t reach the dmz webserver using the webserver''s local or Public IP address. I need to be able to do this in order to test the split DNS setup for the network. Using ethereal on the
2003 Jul 04
3
Shorewall 1.4.6 Beta 1
Beta 1 is now available at:
http://shorewall.net/pub/shorewall/testing
ftp://shorewall.net/pub/shorewall/testing
This is a minor release of Shorewall.
Problems Corrected:
1) A problem seen on RH7.3 systems where Shorewall encountered start
errors when started using the "service" mechanism has been worked
around.
2) Where a list of IP addresses appears in the DEST column of a
2005 Mar 11
2
Port Forwarding, followed all the forums and FAQs
I apologize before hand for my newbie question, but I have done the research and I still cant find a solution.
Shoreline 1.4.8
Problem: Firewall isent allowing me to port forward to server
Port Open = 3389 (RDP)
Line added for Port Forwarding:DNAT net loc:192.168.42.5 tcp 3389
Error Produced:
Mar 11 06:37:40 net2allROP:IN=ppp0 OUT=eth1 SRC=64.x.x.xxx DST=192.168.42.2 LEN=48 TOS=0x00
2003 Mar 05
3
Shorewall 1.4.0 RC1
The first release candidate is now available at:
http://www.shorewall.net/pub/shorewall/Beta
ftp://ftp.shorewall.net/pub/shorewall/Beta
The only change between Beta 1 and RC1 is that the ''check'' command is back
in RC1.
Function from 1.3 that has been omitted from this version includes:
1) The MERGE_HOSTS variable in shorewall.conf is no longer
supported. Shorewall 1.4
2004 Oct 03
1
RE: Shorewall-users Digest, Vol 23, Issue 4
Yes thank you for answering so fast !
I have corrected it, here the new diagram and the new routing table. But it
still doesn''t work.
>From the router i can access to 192.168.11.254
I have add the rules :
DNAT loc priv:192.168.11.254:22 tcp 22
But i can''t connect to 192.168.11.254 from LAN
The DNAT fonction doesn''t work, but i can DROP packet arriving on eth0 (loc)
2003 Aug 06
3
New in CVS
The generic tunnel support that I posted about yesterday has been
updated:
a) A bug that caused [re]start errors has been corrected.
b) A list of zones may now be included in the third column of
/etc/shorewall/tunnels; the semantics are the same as for ipsec tunnels.
In addition, the ADDRESS column in /etc/shorewall/masq may now contain a
comma-separated list of IP ranges/addresses. This enables
2004 Apr 01
5
DNAT PPTP questions
I have two/three PPTP servers on my network and each one of them are on
their own subnet and I want to be able to send traffic to each and
everyone.
My rules file entry is as follows
DNAT net loc:1.1.1.1 tcp 1723
DNAT net loc:1.1.1.1 47
and
DNAT net loc:2.2.2.2 tcp 1723
DNAT net loc:2.2.2.2 47
however all the traffic only goes to 1.1.1.1 because its the first
DNAT entry.
I tried the
2004 Sep 15
15
re: start error
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The original post was over 300,000kb so I didn''t spam the list with it -TE.
|
|
| Thank you for your quick and helpful response.
|
| I didn''t understand that the virtual interface eth0:1 doesn''t count as
a separate instance from eth0.
| I am sorry to ask for further assistance and would appreciate any
help. The error
2004 Mar 06
16
Bridging Update
The bridging documentation (http://shorewall.net/2.0/bridge.html) has been
expanded and there is a refresh of the bridging code
(ftp://shorewall.net/pub/shorewall/Bridging and
http://shorewall.net/pub/shorewall/Bridging).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Sep 16
4
DNAT works, yet extremely slow
Hello all
I wanted to forward all incoming requests in port 80 to a server in my LAN,
and by using DNAT lines, it actually works. However, it is unstable, in the
sense that in the beggining of each connection (one or two seconds) it is
extremely fast, then it sometimes pauses and waits 30 seconds or so, then it
starts again and so on.
The line i used is :
DNAT net loc:192.168.0.210 tcp 80
DNAT
2003 Feb 22
2
Webmin Shorewall Patch
My description of the incorrect use of the term ''SNAT'' on the Static NAT
Webmin page was apparently misunderstood. Attached is a patch against the
Webmin-1.070 Shorewall module that corrects this problem and also adds the
''DNAT-'' action for rules.
To apply the patch, you will need the ''patch'' utility:
cd <webmin shorewall directory - on
2005 May 09
8
Shorewall protection?
Hy shorewall users :))
I have the following config in my shorewall:
DNAT net:200.137.193.2 loc:192.168.0.55 udp
135,445 - 200.137.193.38
DNAT net:200.137.193.2 loc:192.168.0.55 udp
137:139 - 200.137.193.38
DNAT net:200.137.193.2 loc:192.168.0.55 tcp
135,139,445 - 200.137.193.38
The IP
2005 Jul 01
3
Cable Modem and Bridging
I''m not subscribed to the users list but I''ve been reading the archives. The
OP should NOT try using bridging with either FC 3 or FC 4 at this time
because the combination of Netfilter and bridging is currently broken in the
kernel''s included with those distros (as reported in another thread on the
list).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently
2004 Sep 29
10
DNAT + Masq Problem - Yes I read the FAQ I promise
I have a debian woody machine acting as a firewall for a small
network. I am trying to do a simple DNAT to port 80 on the protected
webserver and masquerade all traffic from the protect subnet outbound.
After having read the FAQ and various posts regarding problems with
DNAT I''m afraid I''m no closer to a solution. Based on the output from
"shorewall show nat" I
2004 Jan 21
3
FW: DNAT and masq problem with kernel 2.4.23
Hi,
after kernel upgrade to 2.4.23 my existing configuration of shorewal 1.4.8
will not start / it fail on DNAT and/or masq with message: "iptables:
Invalid argument" /
I founded some similar problems description - see links bellow, but there is
no solution how to get work shorewall with DNAT and masq with 2.4.23 kernel.
http://www.ussg.iu.edu/hypermail/linux/kernel/0312.0/0268.html