similar to: Redhat/Fedora specific RPMs

Simon Matter has graciously volunteered to provide RPMs taylored for Redhat and Fedora. You can download Simon''s RPMs from http://www.invoca.ch/pub/packages/shorewall/ Thanks, Simon! -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \

FYI... ---------- Forwarded Message ---------- Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall Date: Thursday 23 September 2004 07:44 From: "Jonathan Schneider" <jon@clearconcepts.ca> To: "''Tom Eastep''" <teastep@shorewall.net> I must have been up too late working on this, looking at it the next day I noticed I completely forgot

I''m pleased to announce that Shorewall 3.4.0 Beta 1 is available at ftp://shorewall.net/pub/shorewall/development/3.4/shorewall-3.4.0-Beta1 and at mirror sites world wide. The release notes can be viewed at ftp://shorewall.net/pub/shorewall/development/3.4/shorewall-3.4.0-Beta1/releasenotes.txt Release Highlights 1) Shorewall can now be taylored to reduce its footprint on embedded

FYI This bug will prevent ''shorewall restore'' from working if you have "!<single IP address>" in the ORIGINAL DEST column. -Tom ---------- Forwarded Message ---------- Subject: [PATCH] Another iptables-save buglet Date: Wednesday 14 September 2005 15:09 From: Tom Eastep <teastep@shorewall.net> To: netfilter-devel@lists.netfilter.org The conntrack

Hi I have 2nic firewall . I had to open some ranges of udp and tcp ports . I faced a problem that although all the ports are open Some functionality was not working . Any body used shorewall with H323 Voip traffic DNATed . Any help is appretiated . Thanks ----- Original Message ----- From: <shorewall-users-request@lists.shorewall.net> To: <shorewall-users@lists.shorewall.net> Sent:

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14 ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14 New Features: 1. Previously, when rate-limiting was specified in /etc/shorewall/policy (LIMIT:BURST column), any traffic which exceeded the specified rate was silently dropped. Now, if a log level is given in the entry (LEVEL column) then drops are logged

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As I pointed out to Wilson in a private message, this appears to show that no other connection requests (other than port 3000) are being sent from the client to the server (or at least no other connection requests are being received by the Shorewall box). Wilson: Are you sure that the client is supposed to open port 3001 on the server and not the

The current CVS Project Shorewall2/ contains my implementation of this feature. Thanks go to Xavier for ideas about the design. Xavier -- please give my code a try and see if it works ok for you. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

Thanks for such a quick reply Tom! Any suggestions then as to what I might do other than putting a second nic in the SBS and opening it up for web access? I don''t like the idea, but since MS SBS includes fireall that is actually what MS suggests. Boyd -----Original Message----- From: Tom Eastep [mailto:teastep@shorewall.net] Sent: January 3, 2005 3:05 PM To: Shorewall Users Cc: Boyd

>-----Original Message----- >From: Ama Kalu [mailto:ama.kalu@cwlgroup.net] >Sent: Wednesday, November 19, 2003 9:07 PM >To: ''Tom Eastep'' >Subject: RE: [Shorewall-users] logwatch > >Thanks Tom and Andrew, > >About 2 months ago, I setup the most current (at the time) version of >logwatch, it required a service filter for IPTABLES which I did not have

Hi Tom, Many thanks for that, that''s really helped. Netfilter is indeed dropping the packets as invalid. Thanks and regards, Frances -----Original Message----- From: Tom Eastep [mailto:teastep@shorewall.net] Sent: 23 March 2007 18:05 To: Shorewall Users Subject: Re: [Shorewall-users] Expected handling of [SYN] when expecting[SYN, ACK]? Frances Flood wrote: > Basically, if the

As most of you already know, I have decided to terminate my involvement with the Shorewall project. Many of you have written to me expressing concern about the future of Shorewall and some of you have offered to help in various ways. I''m sending this post to assure you that Shorewall is not going away and that capable people are commited to ensuring that Shorewall continues. Paul Gear

Plus I would like to let you know that it works like a charm. Snort can now see those packets. -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Thibodeau, Jamie L. Sent: Wednesday, March 30, 2005 9:25 AM To: Mailing List for Shorewall Users Subject: RE: [Shorewall-users] Shorewall and an inline

No, i did it normally. So it seems a router misconfiguration, doesn`t it? if so, tomorrow i will call the customer support. Glad it is not my fault :-) -- Ciao Nico ----- Messaggio originale ----- Da: "Tom Eastep"<teastep@shorewall.net> Inviato: 07/06/04 20.27.28 A: "Mailing List for Shorewall Users"<shorewall-users@lists.shorewall.net> Oggetto: Re:

In policy $FW Net ACCEPT Dump.rar join THX -----Message d''origine----- De : shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall-users-bounces@lists.sourceforge.net] De la part de Tom Eastep Envoyé : jeudi 12 octobre 2006 21:22 À : Shorewall Users Objet : Re: [Shorewall-users] Tc rules Help with multiISP + squid& squidguard... Joffrey FLEURICE wrote: > > >

Yessssssssssssssssssss !! THANKSS it Works !!!! Thanks a lot, if you come to Lille,France I''ll Offer you a big Beer) Joffrey -----Message d''origine----- De : shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall-users-bounces@lists.sourceforge.net] De la part de Tom Eastep Envoyé : jeudi 19 octobre 2006 21:46 À : Shorewall Users Objet : Re: [Shorewall-users] Tcrules

In policy : -----Message d''origine----- De : shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall-users-bounces@lists.sourceforge.net] De la part de Tom Eastep Envoyé : jeudi 12 octobre 2006 21:22 À : Shorewall Users Objet : Re: [Shorewall-users] Tc rules Help with multiISP + squid& squidguard... Joffrey FLEURICE wrote: > > > All works, but no surf with

Shoot! Sorry Tom. I thought I replaced your e-mail address with the shorewall list address. I got it working!!! I finally figured out what I was doing wrong. Pays to write down what I want to accomplish versus flying by the seat mof my pants. The ACCEPT+ is G R E A T! Took care of some of my issues along with removing the redirect rule (yeah, yeah...I should have thought it over more