similar to: [Documentation] Re: [Shorewall-users] Logging is done to console (fwd)

Displaying 20 results from an estimated 10000 matches similar to: "[Documentation] Re: [Shorewall-users] Logging is done to console (fwd)"

2002 Sep 29
3
Shorewall 1.3.9
Shorewall 1.3.9 is available. In this release: 1. DNS Names are now allowed in Shorewall config files (I still recommend against using them however). 2. The connection SOURCE may now be qualified by both interface and IP address in a Shorewall rule. 3. Shorewall startup is now disabled after initial installation until the file /etc/shorewall/startup_disabled is removed. 4. The
2002 Mar 03
0
Fwd: Re: strange UDP scan results on a Shorewall firewall
---------- Forwarded Message ---------- Subject: Re: [Shorewall-users] strange UDP scan results on a Shorewall=20 firewall Date: Sun, 3 Mar 2002 08:33:20 -0800 From: Tom Eastep <teastep@shorewall.net> To: "Scott Duncan" <sduncan@cytechconsult.com> On Saturday 02 March 2002 04:30 am, Scott Duncan wrote: > Yes, the net->all policy is the same on all three (REJECT log
2002 May 14
2
Shorewall.net is back up
Let me know if there are any problems. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
2002 May 17
0
[Documentation] Shorewall 1.3
The 1.3 Beta Documentation has now been commited to CVS. There will be minor additions to the Documentation between now and release (currently, I''m shooting for release around the middle of next month). Hopefully the new rules syntax will be easier for you folks to deal with in the docs. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net
2002 Jun 19
1
Shorewall Documentation in PDF Format
Thank''s to Mike Martinez, the Shorewall Documentation is now available in PDF format at: http://www.shorewall.net/pub/shorewall/Shorewall_Users_Guide-1.3.2.pdf Thanks again Mike!! -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file to designate redirection/forwarding is too subtle for many users. For 1.3, I think I''ll do something like the following: Current rule: ACCEPT net loc:192.168.1.3 tcp 80 - all New rule: FORWARD net loc:192.168.1.3 tcp 80 Current rule: ACCEPT net fw::3128 tcp 80 - all New rule: REDIRECT net
2002 Jan 26
1
Shorewall 1.2.4 Beta
Shorewall 1.2.4 will have the following changes: a) ''#'' comments now allowed at end-of-line in all config files. b) Firewall zone may be renamed c) Protection against concurrent state-changing operations (start, stop, restart, refresh, clear) d) ''shorewall start'' no longer fails if ''detect'' is specified for an interface with netmask
2002 Aug 25
1
Shorewall 1.3.7a Debian Packages Available
Apt-get sources are listed at: http://wecurity.dsi.unimi.it/~lorenzo/debian.html -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
2002 Jul 16
1
Shorewall 1.3.4
Shorewall 1.3.4 is available: 1. A new /etc/shorewall/routestopped file has been added. This file is intended to eventually replace the routestopped option in the /etc/shorewall/interface and /etc/ shorewall/hosts files. This new file makes remote firewall administration easier by allowing any IP or subnet to be enabled while Shorewall is stopped. 2. An /etc/shorewall/stopped
2002 Jun 08
1
Shorewall.net back on line
The maintenance (adding RAM) took a little longer than I planned: 1) Shutdown - 1 minute 2) Open Case - 30 seconds At this point, I emember that I can''t add RAM to this box without removing the Mother Board (hinge-mounted in case) - slap forehead. 3) Remove cables, PCI NIC & MB - 2 minutes 4) Add RAM - 1 Minute 5) Get the %$#@ MB back in the case and aligned -- 15 Minutes 6)
2002 Apr 16
1
Shorewall Debian News
Lorenzo Marignoni reports that: o Shorewall 1.2.10 is in the Debian Testing Branch o Shorewall 1.2.11 is in the Debian Unstable Branch Thanks, Lorenzo! -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
2002 Jun 15
4
Serious Bug found in Shorewall 1.3.x
Rafa³ Dutko has just discovered a potentially serious bug in version 1.3.0 and 1.3.1. In both versions, where an interface option appears on multiple interfaces, the option may only be applied to the first interface on which it appears. A corrected firewall script for 1.3.1 is available at: http://www.shorewall.net/pub/shorewall/errata/1.3.1/firewall and
2002 Apr 13
2
Shorewall 1.2.11 Available
In this release: 1. The ''try'' command now accepts an optional timeout. If the timeout is given in the command, the standard configuration will automatically be restarted after the new configuration has been running for that length of time. This prevents a remote admin from being locked out of the firewall in the case where the new configuration starts but prevents
2002 Mar 20
3
Shorewall 1.2.10
This is a minor release of Shorewall. In this release: 1. A "shorewall try" command has been added. This command attempts to restart Shorewall using an alternate configuration and if that attempt fails, Shorewall is automatically started with the default configuration. This is useful for remote administration where a failed restart of Shorewall can leave you isolated from
2002 Sep 16
3
Shorewall 1.3.8
This is a minor release of Shorewall which rolls up a number of bug fixes. New features include: 1. A NEWNOTSYN option has been added to shorewall.conf. This option determines whether Shorewall accepts TCP packets which are not part of an established connection and that are not ''SYN'' packets (SYN flag on and ACK flag off). 2. The need for the
2002 Aug 26
0
"shorewall refresh" bug in Shorewall 1.3.7a
"shorewall refresh" is not handling FORWARDPING=Yes properly in 1.3.7a. After a refresh, the configuration is the same as it would be with FORWARDPING=No. There''s a corrected firewall script available from http://www.shorewall.net/errata.htm. Sorry for the inconvenience... -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ:
2002 Aug 07
2
Re: [Shorewall-users] Common Rules
John, I''m taking the liberty of copying the Shorwall Development list since I believe that these issues will be of interest. On Tue, 6 Aug 2002, Links at Momsview wrote: > Tom, > I''m not sure if you ever saw this document but it describes some of the > reasons you are seeing strange packets > after setting up NEW not SYN >
2002 Sep 14
0
Spam Filtering of Shorewall List Posts
I have now configured Postfix to filter all email sent to shorewall.net with SpamAssassin. I have also configured GNU Mailman so that any list email that appears to be Spam will be held for my approval. Hopefully, this will prevent Spam from becoming a problem on our lists. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \
2002 Aug 07
0
Re: [Shorewall-users] Common Rules
On Tue, 6 Aug 2002, Links at Momsview wrote: > Tom, > I''m not sure if you ever saw this document but it describes some of the > reasons you are seeing strange packets > after setting up NEW not SYN > http://www.linuxsecurity.com/resource_files/firewalls/IPTables-Tutorial/ipta > bles-tutorial.html#NEWNOTSYN > > If the section titled " State NEW packets but no
2002 Jul 05
0
Shorewall 1.3.3 Beta Available
Beta code is available at: ftp://ftp.shorewall.net/pub/shorewall/Beta http://www.shorewall.net/pub/shorewall/Beta In this release: 1. Entries in /etc/shorewall/interface that use the wildcard character ("+") now have the "multi" option assumed. 2. The ''rfc1918'' chain in the mangle table has been renamed ''man1918'' to make log