Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 2.0.16"
2004 Dec 11
0
Shorewall 2.2.0 Beta 8
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta8
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta8
Problems Corrected:
1. A typo in the /etc/shorewall/interfaces file has been corrected.
2. Previously, the "add" and "delete" commands were generating
incorrect policy matches when policy match support was
available.
New
2005 Feb 03
8
SMB Problem
I''m having a problem where transferring files accross our IPsec gateway
to another host on a remote network is failing. I see no packets being
rejected in the logs.
Attached is a packet trace, showing the problem. In this case,
10.100.0.0/24 is the local network and 10.100.14.0/24 is the remote
network. The trace was taken on the local gateway.
In the trace, there is a set of TCP
2004 Dec 30
4
Shorewall 2.2.0 RC3
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC3
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC3
Just a few bug fixes:
* The following error message could appear during "shorewall stop"
clear":
local: lo:: bad variable name
*
* The rate limiting example in /etc/shorewall/rules has been
changed to use the RATE
2005 Jan 07
1
Shorewall 2.2.0 RC4
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC4
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC4
New Features:
1. A listing of loaded iptables kernel modules is now included in the
output of "shorewall status".
Problems Corrected.
1. Several problems associated with processing the IPSEC column in
/etc/shorewall/masq have been corrected.
-Tom
--
2005 Mar 12
1
Shorewall 2.2.2 (Corrected)
I forgot to add the last new feature to the previous announcement.
Shorewall 2.2.2 is now available.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.2
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.2
Problems Corrected:
1. The SOURCE column in the /etc/shorewall/tcrules file now correctly
allows IP ranges (assuming that your iptables and kernel support
ranges).
2.
2005 Jun 05
1
Shorewall 2.4.0
Note: Because of the short time that has elapsed since the release of
Shorewall 2.2.0, Shorewall 2.0 will be supported until 1 December 2005 or
until the release of Shorewall 2.6.0, whichever occurs first.
http://shorewall.net/pub/shorewall/2.4/shorewall-2.4.0
ftp://shorewall.net/pub/shorewall/2.4/shorewall-2.4.0
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
2005 May 20
1
Shorewall 2.2.5
This will be my last 2.2 release. It contains a couple of small bug
fixes that I had laying around.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
1) Previously, if PKTTYPE=No in shorewall.conf then pkttype match would
still be used if the kernel supported it.
2) A typo in the ''tunnel'' script has been corrected
2005 Jan 12
1
Shorewall 2.0.15
My sincere apologies for the messed up 2.0.14. I didn''t realize that I
had merged a change from 2.2.0 but hadn''t tested it.
http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.15
ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.15
1. The range of ports opened by the AllowTrcrt action has been expanded
to 33434:33524 to allow for a maximum of 30 hops.
2. Code mis-ported
2005 Jan 17
1
Shorewall 2.2.0 RC5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I''m hoping that this will be the last RC and that I can release 2.2.0 on
February 1. I appreciate your help in testing this RC.
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC5
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC5
Problems Corrected:
1. The AllowTrcrt action has been changed to allow up to 30
2005 Jan 03
3
Shorewall 2.0.14
http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14
ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14
New Features:
1. Previously, when rate-limiting was specified
in /etc/shorewall/policy (LIMIT:BURST column), any traffic which
exceeded the specified rate was silently dropped. Now, if a log
level is given in the entry (LEVEL column) then drops are logged
2005 Feb 16
1
Shorewall 2.2.1
This release just rolls up the fixes for the few problems that have
surfaced in the first two to three weeks of Shorewall 2.2 availability.
If 2.2.0 is working ok for you, there is no reason to upgrade.
So far I''ve been very pleased with the stability of the 2.2 release and
attribute much of that to the new release model.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.1
2007 Mar 26
0
Re: Expected handling of [SYN] when expecting[SYN, ACK]?
Hi Tom,
Many thanks for that, that''s really helped. Netfilter is indeed dropping
the packets as invalid.
Thanks and regards,
Frances
-----Original Message-----
From: Tom Eastep [mailto:teastep@shorewall.net]
Sent: 23 March 2007 18:05
To: Shorewall Users
Subject: Re: [Shorewall-users] Expected handling of [SYN] when
expecting[SYN, ACK]?
Frances Flood wrote:
> Basically, if the
2005 Apr 07
4
Shorewall 2.2.3
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.3
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.3
Problems Corrected:
1) If a zone is defined in /etc/shorewall/hosts using
<interface>:!<network> in the HOSTS column then startup errors occur
on "shorewall [re]start".
2) Previously, if "shorewall status" was run on a system whose kernel
lacked
2005 May 02
1
Shorewall 2.2.4
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.4
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.4
Problems Corrected:
1. The error message:
Error: No appropriate chain for zone <z1> to zone <z2>
has been changed to one that is more self-explanatory:
Error: No policy defined for zone <z1> to zone <z2>
2. When only an
2004 Nov 30
2
RE: [Shorewall-devel] SFTP
On Tue, 2004-11-30 at 12:17 +0700, Matthew Hodgett wrote:
>
> As for the 169.254 issue I tried to search the archives but got nothing.
> I then tried to search on generic words, nothing. I then tried some
> really common words like ''help'', ''initiated'', ''masq'' - nothing. I think
> the index might be corrupt because I get no
2007 Mar 23
1
Expected handling of [SYN] when expecting [SYN, ACK]?
Hi,
I''ve been developing a peer-to-peer application, and have recently been
trying to add STUNT
(http://www.cis.nctu.edu.tw/~gis87577/xDreaming/XSTUNT/Docs/XSTUNT%20Ref
erence.htm) to allow firewall/NAT traversal. I got a box with Shorewall
to use for testing, and am now trying to work out whether Shorewall is
actually designed to prevent such connections? I notice in the FAQs that
2008 May 29
1
shorewall & ipsec rules with "FORWARD:DROP" packets
I have been working really hard configuring and researching very
extensively, trying to figure why we are getting
"Shorewall:FORWARD:DROP" packets. IPSEC works just fine without the
iptable rules created by our shorewall configs but when starting
shorewall and creating the iptables I noticed the packets are dropped.
I know it is a config situation but I am totally racking my brain as
2006 Feb 08
15
[Bug 443] 2.6 kernel failing in NAT with significant outbound traffic
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=443
------- Additional Comments From nothingel@hotmail.com 2006-02-08 05:35 MET -------
I also, the situation described in bug ID 322 seemed related and I tried the
patch from Phil Oester but it did not make a difference.
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving
2004 Nov 07
2
Shorewall.net is available again.
Although it took considerably longer than I had planned, the upgrade of my
firewall has been completed.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2005 May 05
4
Shorewall 2.3.0
http://shorewall.net/pub/shorewall/2.3/shorewall-2.3.0
ftp://shorewall.net/pub/shorewall/2.3/shorewall-2.3.0
WARNING: This is a development release and may be unstable
New Features in version 2.3.0
1) Shorewall 2.3.0 supports the ''cmd-owner'' option of the owner match
facility in Netfilter. Like all owner match options, ''cmd-owner'' may
only be applied to