similar to: Thoughts on Shorewall 2.0

Displaying 20 results from an estimated 10000 matches similar to: "Thoughts on Shorewall 2.0"

2003 Feb 21
0
Shorewall 1.4.0 Beta 1
The first 1.4.0 Beta is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Function from 1.3 that has been omitted from this version includes: 1) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes. 2. Interface names of the form
2003 Feb 19
0
Proposed Shorewall 1.4.0 Content
Here is the proposed content -- I''m looking for a Beta to start in the next week or so with release around the middle of next month. The main focus of 1.4 will be to provide external behavior similar to the upcoming 2.0 release. Function from 1.3 that has been omitted from this version includes: 1) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4
2003 Mar 05
3
Shorewall 1.4.0 RC1
The first release candidate is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta The only change between Beta 1 and RC1 is that the ''check'' command is back in RC1. Function from 1.3 that has been omitted from this version includes: 1) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4
2003 Feb 27
6
Shorewall 1.4.0 Beta 2
The second Beta is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Function from 1.3 that has been omitted from this version includes: 1) The ''check'' command is no longer supported. 2) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.
2003 Jan 25
0
Shorewall 1.3.14 Beta 1
Beta 1 is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Features include: 1) An OLD_PING_HANDLING option has been added to shorewall.conf. When set to Yes, Shorewall ping handling is as it has always been (see http://www.shorewall.net/ping.html). When OLD_PING_HANDLING=No, icmp echo (ping) is handled via rules and
2003 Feb 04
11
About Shorewall 1.3.14
It is my plan that the upcoming release of Shorewall (1.3.14) will definitely be the last of the 1.3.x releases and will very probably be the last release of Shorewall 1.x.x. I will continue to support Shorewall 1.3 but will be making no more enhancements to it. I will be devoting my time to Shorewall 2. If anyone is interested in taking over the development of Shorewall 1, please let me
2005 Mar 15
2
New feature for Shorewall 2.2.3
The following is taken from the Release notes for 2.2.3 (which will be released in a month or so). 2) There has been ongoing confusion about how the /etc/shorewall/routestopped file works. People understand how it works with the ''shorewall stop'' command but when they read that ''shorewall restart'' is logically equivalent to ''shorewall
2003 Feb 08
1
Shorewall 1.3.14
Shorewall 1.3.14 is now available. Thanks go to Francesca Smith for helping with updating the sample configurations. New in 1.3.14: 1) An OLD_PING_HANDLING option has been added to shorewall.conf. When set to Yes, Shorewall ping handling is as it has always been (see http://www.shorewall.net/ping.html). When OLD_PING_HANDLING=No, icmp echo (ping) is handled via rules and
2005 Apr 07
4
Shorewall 2.2.3
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.3 ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.3 Problems Corrected: 1) If a zone is defined in /etc/shorewall/hosts using <interface>:!<network> in the HOSTS column then startup errors occur on "shorewall [re]start". 2) Previously, if "shorewall status" was run on a system whose kernel lacked
2002 Aug 26
0
"shorewall refresh" bug in Shorewall 1.3.7a
"shorewall refresh" is not handling FORWARDPING=Yes properly in 1.3.7a. After a refresh, the configuration is the same as it would be with FORWARDPING=No. There''s a corrected firewall script available from http://www.shorewall.net/errata.htm. Sorry for the inconvenience... -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ:
2002 Aug 22
0
Shorewall 1.3.7
This is a bug-fix roleup together with changes to the way ICMP is handled= =2E 1) The ''icmp.def'' file is now empty! The rules in that file were required in ipchains firewalls but are not required in Shorewall. Users who have ALLOWRELATED=3DNo in shorewall.conf should see the Upgrade Issues. 2) A ''FORWARDPING'' option has been added to shorewall.conf.
2004 Sep 16
0
Shorewall-2.1.9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9 ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9 Problems Corrected: 1) IP ranges in the routestopped and tunnels files now work. 2) Rules where an IP range appears in both the source and destination ~ now work correctly. 3) With complex proxy arp configurations involving two or
2002 Dec 19
0
Another Little Patch
--==========1943392778========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Here''s another little patch that corrects a couple of silly mistakes. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net --==========1943392778==========
2003 Jun 17
0
Shorewall 1.4.5
This has been sitting around for a while so I''ve decided to release it. Problems Corrected: 1) The command "shorewall debug try <directory>" now correctly traces the attempt. 2) The INCLUDE directive now works properly in the zones file; previously, INCLUDE in that file was ignored. 3) /etc/shorewall/routestopped records with an empty second column are no
2003 Mar 11
0
Shorewall 1.3.14a
This is a roll up of the following fixes: * There is an updated rfc1918 file that reflects the resent allocation of 222.0.0.0/8 and 223.0.0.0/8. * The documentation for the routestopped file claimed that a comma-separated list could appear in the second column while the code only supported a single host or network address. * Log messages produced by ''logunclean'',
2002 Jul 16
1
Shorewall 1.3.4
Shorewall 1.3.4 is available: 1. A new /etc/shorewall/routestopped file has been added. This file is intended to eventually replace the routestopped option in the /etc/shorewall/interface and /etc/ shorewall/hosts files. This new file makes remote firewall administration easier by allowing any IP or subnet to be enabled while Shorewall is stopped. 2. An /etc/shorewall/stopped
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file to designate redirection/forwarding is too subtle for many users. For 1.3, I think I''ll do something like the following: Current rule: ACCEPT net loc:192.168.1.3 tcp 80 - all New rule: FORWARD net loc:192.168.1.3 tcp 80 Current rule: ACCEPT net fw::3128 tcp 80 - all New rule: REDIRECT net
2003 Jul 31
0
Snapshot 1.4.6_20030731
http://shorewall.net/pub/shorewall/Snapshots ftp://shorewall.net/pub/shorewall/Snapshots Problems Corrected since version 1.4.6: 1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was being tested before it was set. 2) Corrected handling of MAC addresses in the SOURCE column of the tcrules file. Previously, these addresses resulted in an invalid iptables command.
2002 Jun 17
0
Another 1.3.x Bug
Another bug with similar symptoms to the last one has been found by Renato Tirol. The bug fixed by the earlier errata update affects the following options: dhcp dropunclean logunclean norfc1918 routefilter multi filterping noping The bug reported by Renato and fixed in the current errata update affects: routestopped The new update is available at:
2002 Jul 25
5
Shorewall 1.3.5
This will be the last Shorewall release for a while as I''m going to be focusing on Documentation. In this release: 1. Empty and invalid source and destination qualifiers are now detected in the rules file. It is a good idea to use the ''shorewall check'' command before you issue a ''shorewall restart'' command be be sure that you don''t