Displaying 20 results from an estimated 6000 matches similar to: "Shorewall 1.4.7 RC2"
2004 Jan 09
32
Ideas for Shorewall 2.0
I''m beginning to think again about what will be different in 2.0. Here
are some thoughts.
a) User-defined actions will be emphasized.
- A library of actions will be available with names such as:
AcceptSSH
AcceptDNS
DropWindows (drops all SMB noise)
DropBroadcasts (Silently drop all Broadcast traffic)
...
The possibilities are nearly endless but should
2003 Oct 06
2
Shorewall 1.4.7
Shorewall 1.4.7 is now available at:
http://shorewall.net/pub/shorewall/shorewall-1.4.7
ftp://shorewall.net/pub/shorewall/shorewall-1.4.7
It will be available at your favorite mirror shortly.
The release notes are attached.
As always, many thanks go to Francesca Smith for updating the sample
configurations for this release.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file
to designate redirection/forwarding is too subtle for many users. For 1.3,
I think I''ll do something like the following:
Current rule:
ACCEPT net loc:192.168.1.3 tcp 80 - all
New rule:
FORWARD net loc:192.168.1.3 tcp 80
Current rule:
ACCEPT net fw::3128 tcp 80 - all
New rule:
REDIRECT net
2006 Mar 02
4
The inaugural Shorewall survey!
Greetings to all of the Shorewall community!
We''d like to find out a little more about the environments in which
Shorewall runs, and to this end i''ve created a survey. It is mostly
designed to allow Shorewall users to see how their environment compares
with that of the average Shorewall user (if such a thing exists!), but
the results may be used by the Shorewall team to assist
2004 Dec 26
1
Preparing for Shorewall 2.2 -- End of Support for Shorewall 1.4 is near!
Shorewall 2.2.0 is expected to be released in the February/March
timeframe so it is now time to begin thinking about preparing to
upgrade. This is particularly important for those of you still running
Shorewall 1.4 since support for that version will end with the release
of 2.2.
For those of you still running Shorewall 1.4, here are some things that
you can do ahead of time to ease the upgrade to
2004 Feb 10
1
Preparing for Shorewall 2.0
Shorewall 2.0.0 is now in Beta so this is a good time to begin thinking about
preparing to migrate to the 2.0 Shorewall series.
Shorewall 2.0 makes a number of incompatible changes in the configuration
files. Luckily, you will be able to make changes ahead of time to your 1.4
configuration that will ease the migration when the time comes.
a) Shorewall 2.0 doesn''t allow you to specify
2004 Nov 04
0
Preparing for Shorewall 2.2
Shorewall 2.2.0 is expected to be released in the February/March
timeframe so it is now time to begin thinking about preparing to
upgrade. This is particularly important for those of you still running
Shorewall 1.4 since support for that version will end with the release
of 2.2.
For those of you still running Shorewall 1.4, here are some things that
you can do ahead of time to ease the upgrade to
2005 May 27
3
Re: Shorewall development web site (Mike Noyes)
Hello,
I leave for a couple days .. (Well months) and look at what has
happened. :-)
I would throw my support in behind Xoops .. to be honest ..
If a portal is what we are trying to achieve here.
I just happen to think that sometimes .. More work goes into web design
etc than goes into actual Code.
But thats because I am a lamer at web design :-)
I am coming in here a bit late .. But tell
2004 Jan 31
5
Shorewall 2.0.0 Alpha 1
http://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
ftp://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2003 Aug 25
5
Shorewall 1.4.7 Beta 1
http://shorewall.net/pub/shorewall/Beta
ftp://shorewall.net/pub/shorewall/Beta
Problems Corrected since version 1.4.6:
1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was
being tested before it was set.
2) Corrected handling of MAC addresses in the SOURCE column of the
tcrules file. Previously, these addresses resulted in an invalid
iptables command.
3) The
2005 Jun 30
10
Long Shorewall Startup Times Revisited
Hello,
With reference to the problems listed below. I too am having
incredibly long start up times. I''m talking minutes here (around 5
minutes).
My configuration is not complex I don''t think. We are you using ldap
too and the settings are bellow. The network is up as I''m restarting
shorewall whilst the machine is running.
Any suggestions? Is there no way to
2005 Jun 01
5
use of shell code in shorewall/params
The params file appears to be simply "sourced" by the firewall script,
which means one can put any Bourne shell code into it and it will
execute it. This feature isn''t documented, so I''m wondering if it can
be documented and thus guaranteed to always work. I''d like to dig out
the IP parameters of my interface cards from the ifcfg-eth? files and
set shorewall
2005 Jan 05
22
Shorewall and IPV6
As 2.2.0 is nearing release, I''ve begun to think about what I''ll do for
2.3 and I think that it is time for Shorewall to add support for IPV6.
Because of parsing ambiguities, the need to maintain upward
compatibility with both Shorewall and 6Wall, and different available
functionality in IPV4 and IPV6 Netfilter, I believe that it is going to
be necessary for some files to be
2004 Nov 09
9
Dyndns
Hi,
I''ve a little problem, I hope so..
First a hint, I haven''t a static IP - Adress and so I used a dyndns
Provider.
In DMZ runs a sftp server. It should accessible from net. My router is
forwarding the traffic from port 22 to the machine in DMZ. Now, in
basic installation I have rfc1918-dropping configured by net
interface.
My problem:
If rfc1918 dropping is on I
2005 Mar 04
9
strange behaviour with rulesets
hi,
i have a strange situtation. i try to connect to my machine with ssh and
the packets are dropped but i have at the top of my rules an accept.
the configuration looks like:
rules-file:
-----------
ACCEPT net fw tcp 22 -
TCPDUMP-log:
------------
12:16:08.153934 84.153.98.30.1322 > [my-destination-machine].ssh: S
3717288415:3717288415(0) win 64240 <mss
2002 Jun 04
1
IANA Reserved Addresses Tool
Andy Wiggin has contribued a Python program that reads
http://www.iana.org/assignments/ipv4-address-space and creates a list of
reserved subnets suitable for inclusion in /etc/shorewall/rfc1918. The
list produced by Andy''s program will be included in the rfc1918 file
included in version 1.3.2 (it''s available now from CVS).
Thanks Andy!
-Tom
--
Tom Eastep \ Shorewall -
2005 Jul 03
2
Bridging and Shorewall.
Hi Folks,
Can i transform my firewall into a bridge (Mean Nic to Nic), in the
ethernet level (Not protocal, Ip''s etc) and also use shorewall ?
Than make a Layer 2 Switch with netfilter rules to all Ip''s in my network ?
I have 4 whole real classes and want to protect the people inside.
With proxyarp works but sometimes fail (People loose connection etc)
Just with switchs and my
2004 Nov 30
2
RFC1918 all of a sudden?
Is my RFC1918 file obsolete? I have been assigned an ip in the
83.0.0.0/8 range, and of cource a lot of Shorewall systems drop me with
a RFC1918 error.
So, is my ISP actually giving me a RFC1918 IP, or am I missing
something?
.
2005 Jun 24
4
Chat servers?
Anyone know how/where we can get some?
It has been raised before:
http://lists.shorewall.net/pipermail/shorewall-users/2004-July/013594.html
I''d like to see an IRC or Jabber service for both support and development.
--
Paul
<http://paulgear.webhop.net>
--
Did you know? OpenOffice.org has built-in PDF creation. Better yet,
it''s compatible with Microsoft Office, and
2004 Apr 19
3
multiples firewall, rules repartitions
Hello,
Usually when i''ve a hole to poke through firewalls,
i have many hosts to update :
workstation firewall, lan firewall, the other lan firewall, and the
server behind the last firewall.
all of them are managed with shorewall...
Is there a smart way to update them all at once ?
What you guys do on your firewalls ?
thanks.
--
xavier