Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 2.0.6"
2005 Feb 02
1
Shorewall 2.0.16
This release back-ports the DROPINVALID shorewall.conf option from 2.2.0.
1) Recent 2.6 kernels include code that evaluates TCP packets based on
TCP Window analysis. This can cause packets that were previously
classified as NEW or ESTABLISHED to be classified as INVALID.
The new kernel code can be disabled by including this command in
your /etc/shorewall/init file:
echo 1
2004 Dec 11
0
Shorewall 2.2.0 Beta 8
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta8
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta8
Problems Corrected:
1. A typo in the /etc/shorewall/interfaces file has been corrected.
2. Previously, the "add" and "delete" commands were generating
incorrect policy matches when policy match support was
available.
New
2005 May 20
1
Shorewall 2.2.5
This will be my last 2.2 release. It contains a couple of small bug
fixes that I had laying around.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
1) Previously, if PKTTYPE=No in shorewall.conf then pkttype match would
still be used if the kernel supported it.
2) A typo in the ''tunnel'' script has been corrected
2004 Jul 21
2
Small Modification to the Shorewall Release Model
After gaining some experience with the new release model, it has become
apparent to me that a small adjustment is warrented. I previously
announced that updates to the stable release would only contain bug
fixes. I''m modifying that slightly to allow for small low-risk
enhancements; large and/or risky enhancements will still be restricted
to the development release.
We have seen this
2004 Aug 28
0
Shorewall 2.1.7
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
In this release:
1) Dynamic Ipsec Zones now work.
2) Output Traffic Accounting by user/group is supported (thanks to
Tuomas Jormola).
3) The following negative test options are added in /etc/shorewall/ipsec
and /etc/shorewall/masq:
reqid!=<number>
spi!=<number>
proto!=esp|ah|ipcomp
mode!=tunnel|transport
2004 Sep 27
1
Re: routing between networks on same
Hi Tom,
Thank you for your quick reply.
I aplied changes as you suppose, and now users can
comunicate each with others. - thank you very much.
I have just one aditional question regarding
PKTTYPE=No variable.
I didnt find it in shorewall.conf so I simply add it
at the end of conf file (above #Last line :-) ) So
question is it is standard feature of shorewall, and
from which version it is
2004 Nov 02
0
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Sep 23
0
Fwd: RE: 2.6 kernel ipsec and shorewall
FYI...
---------- Forwarded Message ----------
Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall
Date: Thursday 23 September 2004 07:44
From: "Jonathan Schneider" <jon@clearconcepts.ca>
To: "''Tom Eastep''" <teastep@shorewall.net>
I must have been up too late working on this, looking at it the next day I
noticed I completely forgot
2005 Dec 08
3
trouble with shorewall on Mandriva 2006 (2nd)
(Sorry, my previous post was sent in HTML format)
I am having a hell of a time with shorewall...
I have a Dlink DCM202 Cable modem with the Ethernet connected directly to
eth0 on the linux box. Then I have a second nic on the linux box connected
to a hub for
the internal network.
I am trying to allow traffic from the internet connect to my FTP and WEB
servers on my Winbloze box on the lan.
2004 Sep 29
0
Re: Shorewall-users Digest, Vol 22, Issue 65
Hi
I have 2nic firewall . I had to open some ranges of udp and tcp ports . I
faced a problem that although all the ports are open Some functionality was
not working . Any body used shorewall with H323 Voip traffic DNATed . Any
help is appretiated .
Thanks
----- Original Message -----
From: <shorewall-users-request@lists.shorewall.net>
To: <shorewall-users@lists.shorewall.net>
Sent:
2004 Jan 12
0
Shorewall2 -- now running on gateway.shorewall.net
I''ve gotten the basic code working on my firewall.
So that I can quickly get back online if I screw up, I''m currently calling it
shorewall2. That way if it screws up I can just "shorewall restart".
/sbin/shorewall2 -- command interpreter
/etc/shorewall2/ -- configuration files
/usr/share/shorewall2/ -- shared files
Both Shorewall and Shorewall2 use the
2005 May 31
2
Local machine not through firewall
Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall
Any suggestions?
Rob van Overbruggen
Settings and stats:
Server:
Eth1 :
2006 Jan 28
3
Shorewall/Xen setup (correct from-address this time)
(if this post gets line-feed-mangled please read
http://www.dl.reneschmidt.de/shorewallxenpost.txt - that''s an unmangled
version, thank you)
Hello,
first I would like to thank the Mr. Eastep and contributors for this great piece
of software and superb documentation.
I have a SOHO server (Debian testing) that I''m using for several purposes so
I''ve set up a Xen
2005 Jan 03
1
RE: Outlook Web Access behind shorewall firewalldoesn''t work
Thanks for such a quick reply Tom!
Any suggestions then as to what I might do other than putting a second
nic in the SBS and opening it up for web access? I don''t like the idea,
but since MS SBS includes fireall that is actually what MS suggests.
Boyd
-----Original Message-----
From: Tom Eastep [mailto:teastep@shorewall.net]
Sent: January 3, 2005 3:05 PM
To: Shorewall Users
Cc: Boyd
2005 May 25
9
Newbie going through a probably stupid thing
Believe me:
Read the FAQ
Checked over and over
This might be toooooo stupid to be documented.
Please bear with me. Any help ?
Situation: single card standalone "firewall" (used like a "personal
firewall"). Have sshd running on the FW. Want the sshd daemon to be
accessible only from 2 LANs:
1) My other home LAN machine
2) IBM intranet machines (9.0.0.0)
Whatever I have
2005 Aug 15
0
[Fwd: Shorewall in (IN)SECURE Magazine]
FYI -- A small blurb on page 45.
-------- Original Message --------
Subject: Shorewall in (IN)SECURE Magazine
Date: Tue, 16 Aug 2005 00:10:51 +0200
From: Mirko Zorz <mirko.zorz@net-security.org>
To: teastep@shorewall.net
Hello Tom,
I thought you would be interested to know that Shorewall has been
featured in the Software Spotlight section of the third issue of
(IN)SECURE, a free security
2005 Mar 30
1
RE: Shorewall and an inline IDS(snort-inlineorhogwash)
Plus I would like to let you know that it works like a charm.
Snort can now see those packets.
-----Original Message-----
From: shorewall-users-bounces@lists.shorewall.net
[mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of
Thibodeau, Jamie L.
Sent: Wednesday, March 30, 2005 9:25 AM
To: Mailing List for Shorewall Users
Subject: RE: [Shorewall-users] Shorewall and an inline
2005 Mar 14
0
New Home for www.shorewall.net/ftp.shorewall.net
Alex Martin has completed installation of a new server in the San Jose
area and we''ve switched the DNS CNAME records for www.shorewall.net and
ftp.shorewall.net to point to that new server.
Please let us know if there are problems.
My personal thanks go to Alex for his continuing contribution to Shorewall.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
2005 Mar 22
0
Re: [Shorewall-devel] Shorewall
Carl Raeside wrote:
> Tom,
>
> How is it going? Quick questions.
>
> 1. the link to the Mandrake rpms seems to not have the shorewall rpm in
> it.
http://www.monkeynoodle.org/comp/net/shorewall/
>
> 2. this link seems to be dead any other sources ? Iproute ?
>
> Iproute ("ip" utility). The iproute package is included with most
> distributions