Displaying 20 results from an estimated 20000 matches similar to: "Shorewall 2.0.0b"
2004 Sep 23
0
Fwd: RE: 2.6 kernel ipsec and shorewall
FYI...
---------- Forwarded Message ----------
Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall
Date: Thursday 23 September 2004 07:44
From: "Jonathan Schneider" <jon@clearconcepts.ca>
To: "''Tom Eastep''" <teastep@shorewall.net>
I must have been up too late working on this, looking at it the next day I
noticed I completely forgot
2004 Nov 02
0
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Aug 16
2
Re: [Shorewall-announce] Shorewall 2.1.4
Magnus Hyllander wrote:
>
> I guess what I''m wondering is, how does Shorewall (netfilter) know which
> zone a certain road warrior belongs to?
I''ve just completed getting dynamic zones working with ipsec again. A
dynamic IPSEC zone is defined in /etc/shorewall/zones by following the
short name (first column) with ":ipsec". The code is in CVS.
There are a
2004 Sep 29
0
Re: Shorewall-users Digest, Vol 22, Issue 65
Hi
I have 2nic firewall . I had to open some ranges of udp and tcp ports . I
faced a problem that although all the ports are open Some functionality was
not working . Any body used shorewall with H323 Voip traffic DNATed . Any
help is appretiated .
Thanks
----- Original Message -----
From: <shorewall-users-request@lists.shorewall.net>
To: <shorewall-users@lists.shorewall.net>
Sent:
2004 Apr 16
0
Shorewall 1.4.10e
This change rolls up the fix for the long-standing ProxyARP/IPSEC
incompatibility. The fix has been available for some time on the 1.4
Errata page.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Aug 19
0
Shorewall 2.1.5
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.5
ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.5
This completes the implementation of Kernel 2.6 IPSEC support in Shorewall.
Documentation is still minimal -- see the releasenotes and
http://shorewall.net/IPSEC-2.6.html
- -Tom
- --
Tom Eastep \ Nothing is foolproof to a sufficiently
2004 Aug 14
0
Shorewall 2.1.4
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.4
ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.4
Contains improvements to the support for kernel 2.6 IPSEC.
Warning: The Netfilter IPSEC changes that this version of Shorewall
depends on do not appear to work properly with bridging. I therefore
recommend that you not try ipsec to/from a
2004 Aug 07
1
Shorewall 2.1.3
http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.3
ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.3
This version includes my first cut at IPSEC support for 2.6 Kernels with
the new policy match facility. That facility must be installed using
patch-o-matic-ng as described on the Netfilter site. I''m anticipating
that the facility will be part of standard kernels by the time
2005 Jan 15
2
Re: Shorewall - Bridging with Gentoo
Joshua Schmidlkofer wrote:
> Tom Eastep wrote:
>
>> Joshua Schmidlkofer wrote:
>>
>>> Tom,
>>>
>>> Here is the setup method w/ Bridging on Gentoo.
>>>
>>
>> Thanks, Joshua
>>
>> -Tom
>
>
> Off topic - Has anyone cooked up a good web front end? I am messing w/
> IPCop, because one of my clients uses it.
2005 Jan 07
1
Shorewall 2.2.0 RC4
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC4
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC4
New Features:
1. A listing of loaded iptables kernel modules is now included in the
output of "shorewall status".
Problems Corrected.
1. Several problems associated with processing the IPSEC column in
/etc/shorewall/masq have been corrected.
-Tom
--
2004 Nov 27
2
Shorewall 2.2.0 Beta 6
Ok -- I''m wearing the brown bag tonight (I''ve airmailed one to Tuomas as
well :-) ).
The IPTABLES patch had some problems when IPTABLES was not set
in /etc/shorewall/shorewall.conf. Beta 6 fixes those (I hope) and also
corrects a rather obscure problem with "shorewall add" when the "mss"
option appears in /etc/shorewall/ipsec.
-Tom
--
Tom Eastep \
2004 Nov 19
0
Shorewall 2.2.0 Beta 4
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta4
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta4
Problems Corrected:
1. A cut and paste error resulted in some nonsense in the
description of the IPSEC column in /etc/shorewall/masq.
2. A typo in /etc/shorewall/rules has been corrected.
3. The bogons file has been updated.
4. The
2004 Oct 24
0
Shorewall 2.2.0 Beta 1
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The first beta in the 2.2 series is now available. Download location is:
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta1
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta1
The features available in this release and the migration considerations
are covered in the release notes. Highlights include:
1. The behavior
2004 Feb 03
0
Shorewall 2.0 and Routing
There have been a number of questions recently about Shorewall 2.0 and
routing. In earlier posts, I said that Shorewall 2.0 would no longer alter
the routing table as part of setting up Proxy ARP.
I have been persuaded to take a different approach.
In Shorewall 2.0.0-Alpha2, the HAVEROUTE column has been restored to the
proxyarp file and a new PERSISTENT column has been added. If the
2005 Jan 04
0
IPSEC-Netfilter patch for 2.6.10
A merged patch usable on 2.6.10 has been placed in:
http://shorewall.net/pub/shorewall/contrib/IPSEC/ipsec-nat-2.6.10.patch
ftp://shorewall.net/pub/shorewall/contrib/IPSEC/ipsec-nat-2.6.10.patch
This patch was posted today on the Netfilter Development list -- I have
not tested it.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
2004 Jan 22
5
Shorewall 1.4.10 RC1
I''m doing more releases of 1.4.* to try to work around the absurd way in which
the 2.6 kernel supports ipsec.
1.4.10 will provide a means for excluding multiple destination hosts/subnets
from masquerade/SNAT.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2005 Apr 01
6
Shorewall and SuSE 9.3
The basic functionality of Shorewall 2.2.2 works fine with the
soon-to-be-released SuSE 9.3 (I have an early copy). I''ll be trying it
over the weekend with more complex configurations involving IPSEC and
OpenVPN.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \
2004 Sep 16
0
Shorewall-2.1.9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9
ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9
Problems Corrected:
1) IP ranges in the routestopped and tunnels files now work.
2) Rules where an IP range appears in both the source and destination
~ now work correctly.
3) With complex proxy arp configurations involving two or
2005 Mar 12
0
Shorewall 2.2.2
Shorewall 2.2.2 is now available.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.2
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.2
Problems Corrected:
1. The SOURCE column in the /etc/shorewall/tcrules file now correctly
allows IP ranges (assuming that your iptables and kernel support
ranges).
2. If A is a user-defined action and you have file /etc/shorewall/A