Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 1.3.3 Beta Available"
2002 Jul 06
0
Shorewall 1.3.3
Shorewall 1.3.3 is now available for download.
In this release:
1. Entries in /etc/shorewall/interface that use the wildcard character
("+") now have the "multi" option assumed.
2. The ''rfc1918'' chain in the mangle table has been renamed ''man1918''
to make log messages generated from that chain distinguishable from
those generated
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file
to designate redirection/forwarding is too subtle for many users. For 1.3,
I think I''ll do something like the following:
Current rule:
ACCEPT net loc:192.168.1.3 tcp 80 - all
New rule:
FORWARD net loc:192.168.1.3 tcp 80
Current rule:
ACCEPT net fw::3128 tcp 80 - all
New rule:
REDIRECT net
2002 Aug 22
0
Shorewall 1.3.7
This is a bug-fix roleup together with changes to the way ICMP is handled=
=2E
1) The ''icmp.def'' file is now empty! The rules in that file were
required in ipchains firewalls but are not required in Shorewall.
Users who have ALLOWRELATED=3DNo in shorewall.conf should see the
Upgrade Issues.
2) A ''FORWARDPING'' option has been added to shorewall.conf.
2002 Aug 26
0
Shorewall-1.3.7b
This is just a role up of the "shorewall refresh" bug fix plus the change that
reversed the order of "dhcp" and "rfc1918" filtering.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2002 Jun 01
0
Shorewall 1.3.1
As promised, 1.3.1 is now available:
1. The handling of "all <zone> CONTINUE" policies has been corrected. Use
of these policies greatly simplifies whitelisting and other nested zone
configuration.
2. Added an /etc/shorewall/rfc1918 configuration file for defining the
behavior of the ''norfc1918'' interface option.
-Tom
--
Tom Eastep \ Shorewall -
2002 Feb 23
0
Shorewall 1.2.7
This is a minor release of Shorewall.
In this release:
1. RFC1918 checking in the mangle table has been streamlined to no
longer require packet marking.
2. A ''check'' command has been added that does a cursory validation of
the zones, interfaces, hosts, rules and policy files.
3. UPnP probes (UDP port 1900) are now silently dropped unless
explictly ACCEPTed.
4. The
2002 Jun 04
1
IANA Reserved Addresses Tool
Andy Wiggin has contribued a Python program that reads
http://www.iana.org/assignments/ipv4-address-space and creates a list of
reserved subnets suitable for inclusion in /etc/shorewall/rfc1918. The
list produced by Andy''s program will be included in the rfc1918 file
included in version 1.3.2 (it''s available now from CVS).
Thanks Andy!
-Tom
--
Tom Eastep \ Shorewall -
2002 Jul 08
0
Shorewall 1.3.3 Debian Packages
Lorenzo Marignoni reports that the packages are available at
http://security.dsi.unimi.it/~lorenzo/debian.html.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2002 Jan 26
1
Shorewall 1.2.4 Beta
Shorewall 1.2.4 will have the following changes:
a) ''#'' comments now allowed at end-of-line in all config files.
b) Firewall zone may be renamed
c) Protection against concurrent state-changing operations (start, stop,
restart, refresh, clear)
d) ''shorewall start'' no longer fails if ''detect'' is specified for an
interface with netmask
2002 Apr 28
0
[Documentation] Re: [Shorewall-users] Logging is done to console (fwd)
This is becoming a FAQ and should probably be added to the docs.
Thanks,
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
---------- Forwarded message ----------
Date: Sun, 28 Apr 2002 16:09:01 -0700 (Pacific Daylight Time)
From: Tom Eastep <teastep@shorewall.net>
To: Carl Spelkens
2002 Mar 03
0
Fwd: Re: strange UDP scan results on a Shorewall firewall
---------- Forwarded Message ----------
Subject: Re: [Shorewall-users] strange UDP scan results on a Shorewall=20
firewall
Date: Sun, 3 Mar 2002 08:33:20 -0800
From: Tom Eastep <teastep@shorewall.net>
To: "Scott Duncan" <sduncan@cytechconsult.com>
On Saturday 02 March 2002 04:30 am, Scott Duncan wrote:
> Yes, the net->all policy is the same on all three (REJECT log
2002 Oct 24
0
Shorewall 1.3.10 Beta 1
There''s a lot new in 1.3.10:
1) You may now define the contents of a zone dynamically with the
"shorewall add" and "shorewall delete" commands. These commands are
expected to be used primarily within FreeS/Wan updown scripts.
2) Shorewall can now do MAC verification on ethernet segments. You can
specify the set of allowed MAC addresses on the segment and you can
2002 May 18
0
Shorewall 1.3 Beta 2
o There are lots of changes in the firewall structure -- beware if you use
/etc/shorewall/start to insert rules into the Shorewall-generated ruleset.
o Sub-zones may now be excluded from DNAT and REDIRECT rules.
o The names of the columns in a number of configuration files have been
changed to be more consistent and self-explanatory.
o The sample configuration files have been updated for 1.3.
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Feb 10
1
Preparing for Shorewall 2.0
Shorewall 2.0.0 is now in Beta so this is a good time to begin thinking about
preparing to migrate to the 2.0 Shorewall series.
Shorewall 2.0 makes a number of incompatible changes in the configuration
files. Luckily, you will be able to make changes ahead of time to your 1.4
configuration that will ease the migration when the time comes.
a) Shorewall 2.0 doesn''t allow you to specify
2004 Nov 04
0
Preparing for Shorewall 2.2
Shorewall 2.2.0 is expected to be released in the February/March
timeframe so it is now time to begin thinking about preparing to
upgrade. This is particularly important for those of you still running
Shorewall 1.4 since support for that version will end with the release
of 2.2.
For those of you still running Shorewall 1.4, here are some things that
you can do ahead of time to ease the upgrade to
2004 Nov 02
0
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2002 Sep 29
3
Shorewall 1.3.9
Shorewall 1.3.9 is available.
In this release:
1. DNS Names are now allowed in Shorewall config files (I still recommend
against using them however).
2. The connection SOURCE may now be qualified by both interface
and IP address in a Shorewall rule.
3. Shorewall startup is now disabled after initial installation until
the file /etc/shorewall/startup_disabled is removed.
4. The
2002 May 14
2
Shorewall.net is back up
Let me know if there are any problems.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2004 Nov 09
1
Shorewall 2.2.0 Beta 3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta3
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta3
Problems Corrected:
1. Missing ''#'' in the rfc1918 file has been corrected.
2. The INSTALL file now includes special instructions for Slackware
users.
New Features:
1. In CLASSIFY rules