Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 2.2.2 (Corrected)"
2005 Mar 12
0
Shorewall 2.2.2
Shorewall 2.2.2 is now available.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.2
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.2
Problems Corrected:
1. The SOURCE column in the /etc/shorewall/tcrules file now correctly
allows IP ranges (assuming that your iptables and kernel support
ranges).
2. If A is a user-defined action and you have file /etc/shorewall/A
2007 Jul 29
12
Shorewall 4.0.0 + Kernel 2.6.21.5-grsec
Hello,
My hoster updated its kernel packages... It contained some old problems
that should have been fixed. My servers have now a wonderful 2.6.21.5
kernel + grsec running.
Both are running Debian 4.0 (stable release).
mx:/etc/shorewall# iptables --version
iptables v1.3.6
mx:/etc/shorewall# uname -a
Linux mx.network-hosting.com 2.6.21.5-grsec-xxxx-grs-ipv4-32 #1 SMP Fri
Jul 27 17:18:23 CEST
2004 Apr 20
0
outdated bogons table in current Shorewall...
Hi,
according to:
http://www.iana.org/assignments/ipv4-address-space
the bogons table is outdated...
tha attached patch fixes that... (done against 2.0.1)
--
Regards
Thomas
PS.
please CC me as I''m not subscribed to the list
-------------- next part --------------
--- usr/share/shorewall/bogons.old 2004-04-19 18:28:00.000000000 +0300
+++ usr/share/shorewall/bogons 2004-04-20
2003 Oct 21
0
Shorewall 1.4.7a
This is a bugfix roll up of the following:
1) Tuomo Soini has supplied a correction to a problem that occurs using
some versions of ''ash''. The symptom is that "shorewall start" fails
with:
local: --limit: bad variable name
iptables v1.2.8: Couldn''t load match `-j'':/lib/iptables/libipt_-j.so:
cannot open shared object file: No such
2004 Dec 30
4
Shorewall 2.2.0 RC3
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC3
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC3
Just a few bug fixes:
* The following error message could appear during "shorewall stop"
clear":
local: lo:: bad variable name
*
* The rate limiting example in /etc/shorewall/rules has been
changed to use the RATE
2003 Mar 25
7
DNAT not working after changing BIND to use views
Hello all:
I''ve got a confusing issue. I had a working shorewall configuration
(based on the two interface model) using DNAT for redirection to my HTTP
server. The HTTP server is on my inside network (I know - bad juju, but
one thing at a time). I changed my configuration this morning to use
views in my BIND (named) configuration. Everyone outside the firewall
is able to get in
2003 Oct 30
0
Shorewall 1.4.8 RC1
10/30/2003 - Shorewall 1.4.8 RC1
Given the small number of new features and the relatively few lines of
code that were changed, there will be no Beta for 1.4.8.
I am particularly interested in people testing:
a) The interface to ''ftwall''
b) Handling of <zone>_frwd chains (those of you who had problems with
1.4.7b or that have reported extra rules in these chains).
2003 Nov 07
0
Shorewall 1.4.8
Currently at:
http://shorewall.net/pub/shorewall/shorewall-1.4.8
ftp://shorewall.net/pub/shorewall/shorewall-1.4.8
Coming soon to a mirror near you.
This is a minor release of Shorewall.
Problems Corrected since version 1.4.7:
1) Tuomo Soini has supplied a correction to a problem that occurs using
some versions of ''ash''. The symptom is that "shorewall start"
2009 Jun 27
1
Transparent Proxy Problem with Squid3 and Shorewall
Hi all,
I have a strange problem in trying to install a transparent proxy (in my
internal net not on the shorewall server) according to the instructions
as outlined in http://www.shorewall.net/Shorewall_Squid_Usage.html#Local
My Network looks the following:
Internal Net: 10.0.0.0/24 Squid Server listening on port 3128
(ip 10.0.0.152, DNS name server01)
| |
2005 May 05
4
Shorewall 2.3.0
http://shorewall.net/pub/shorewall/2.3/shorewall-2.3.0
ftp://shorewall.net/pub/shorewall/2.3/shorewall-2.3.0
WARNING: This is a development release and may be unstable
New Features in version 2.3.0
1) Shorewall 2.3.0 supports the ''cmd-owner'' option of the owner match
facility in Netfilter. Like all owner match options, ''cmd-owner'' may
only be applied to
2009 Mar 13
0
Polices, Rules and Configurations - No Success (#/etc/shorewall/policy)
Hello,
I forgot to put my #/etc/shorewall/policy file:
# /etc/shorewall/policy
###############################################################################
#SOURCE DEST POLICY LOG LIMIT: CONNLIMIT:
# LEVEL BURST MASK
#
adm net DROP info
tlm net DROP info
#
net adm DROP
2005 Jan 07
1
Shorewall 2.2.0 RC4
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC4
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC4
New Features:
1. A listing of loaded iptables kernel modules is now included in the
output of "shorewall status".
Problems Corrected.
1. Several problems associated with processing the IPSEC column in
/etc/shorewall/masq have been corrected.
-Tom
--
2012 Jan 11
0
Shorewall 4.5.0 Beta 3
Beta 3 is now available for testing.
Problems Corrected:
1) The value ''0'' is once again accepted in the IN_BANDWIDTH columns of
tcinterfaces and tcrules, and causes no ingress policing to be
configured.
2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when
$FW:<address> is entered in the SOURCE column of the tcrules file.
New Features:
1) The
2012 Jan 11
0
Shorewall 4.5.0 Beta 3
Beta 3 is now available for testing.
Problems Corrected:
1) The value ''0'' is once again accepted in the IN_BANDWIDTH columns of
tcinterfaces and tcrules, and causes no ingress policing to be
configured.
2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when
$FW:<address> is entered in the SOURCE column of the tcrules file.
New Features:
1) The
2003 Aug 26
1
ADSL router, two nics, web server not visible from internet
I have an ADSL router, a linux box with two NICS connected to the
router and another PC connected to the router.
I installed shorewall using the two interface method.
I can ping and see the webserver on the linux box from the local
network, but not from the internet.
Sys info as follows:
[root@wilma root]# shorewall version
1.4.6b
[root@wilma root]# ip addr show
1: lo: <LOOPBACK,UP> mtu
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
Hi all,
I was trying to test ROUTE specific code with a multi-isp serviced box.
There is a bug somewhere, but I''m not able to understand what the real
problem is:
when I issue a "shorewall show capabilities" I get:
Loading /usr/share/shorewall/functions...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Shorewall has
2005 Feb 16
1
Shorewall 2.2.1
This release just rolls up the fixes for the few problems that have
surfaced in the first two to three weeks of Shorewall 2.2 availability.
If 2.2.0 is working ok for you, there is no reason to upgrade.
So far I''ve been very pleased with the stability of the 2.2 release and
attribute much of that to the new release model.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.1
2005 Feb 02
1
Shorewall 2.0.16
This release back-ports the DROPINVALID shorewall.conf option from 2.2.0.
1) Recent 2.6 kernels include code that evaluates TCP packets based on
TCP Window analysis. This can cause packets that were previously
classified as NEW or ESTABLISHED to be classified as INVALID.
The new kernel code can be disabled by including this command in
your /etc/shorewall/init file:
echo 1
2005 Jun 05
1
Shorewall 2.4.0
Note: Because of the short time that has elapsed since the release of
Shorewall 2.2.0, Shorewall 2.0 will be supported until 1 December 2005 or
until the release of Shorewall 2.6.0, whichever occurs first.
http://shorewall.net/pub/shorewall/2.4/shorewall-2.4.0
ftp://shorewall.net/pub/shorewall/2.4/shorewall-2.4.0
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
2005 May 20
1
Shorewall 2.2.5
This will be my last 2.2 release. It contains a couple of small bug
fixes that I had laying around.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
1) Previously, if PKTTYPE=No in shorewall.conf then pkttype match would
still be used if the kernel supported it.
2) A typo in the ''tunnel'' script has been corrected