similar to: Snapshot 20030637

Displaying 20 results from an estimated 10000 matches similar to: "Snapshot 20030637"

2003 Jun 29
3
Snapshot 20030629
Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered start errors when started using the "service" mechanism has been worked around. 2) A problem introduced in earlier snapshots has been corrected. This problem caused incorrect netfilter rules to be created when the destination zone in a rule was qualified by an address in CIDR format.
2003 Jul 04
3
Shorewall 1.4.6 Beta 1
Beta 1 is now available at: http://shorewall.net/pub/shorewall/testing ftp://shorewall.net/pub/shorewall/testing This is a minor release of Shorewall. Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered start errors when started using the "service" mechanism has been worked around. 2) Where a list of IP addresses appears in the DEST column of a
2003 Jul 21
0
Shorewall 1.4.6
Shorewall 1.4.6 is now available. Thanks to Francesca Smith, the 1.4.6 Sample configurations are also available. The release is currently available at: http://shorewall.net/pub/shorewall ftp://shorewall.net/pub/shorewall It will be available at the other mirrors shortly. This is a minor release of Shorewall. Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered
2003 Jun 27
1
More re: Snapshot 20030627
I failed to save the changelog before creating the snapshot -- here it is: Changes since 1.4.5 1) Worked around RH7.3 "service" anomaly. 2) Implemented ''newnotsyn'' interface option. 3) Document range in masq ADDRESS column and suppress ADD_SNAT_ALIASES behavior in that case. 4) Enable ADD_SNAT_ALIASES=Yes for SNAT ranges. 5) Allow Shorewall to add aliases to
2003 Jun 23
0
Snapshot 20030623
Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered start errors when started using the "service" mechanism has been worked around. New Features: 1) A ''newnotsyn'' interface option has been added. This option may be specified in /etc/shorewall/interfaces and overrides the setting NEWNOTSYN=No for packets arriving on the
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file to designate redirection/forwarding is too subtle for many users. For 1.3, I think I''ll do something like the following: Current rule: ACCEPT net loc:192.168.1.3 tcp 80 - all New rule: FORWARD net loc:192.168.1.3 tcp 80 Current rule: ACCEPT net fw::3128 tcp 80 - all New rule: REDIRECT net
2002 May 14
4
Redirect loc::80 to fw::3128 not work
The rule: ACCEPT loc $FW::3128 tcp www doesn''t work propertly, the http access does not redirect to squid but directly exit. what''s wrong? Thanks ------- Dario Lesca (d.lesca@ivrea.osra.it) -------------------------------------- @@@@@@@ this is my shorewall-1.2.13 config: #[/etc/shorewall/common.def]-----------------------------------------------
2003 Mar 25
7
DNAT not working after changing BIND to use views
Hello all: I''ve got a confusing issue. I had a working shorewall configuration (based on the two interface model) using DNAT for redirection to my HTTP server. The HTTP server is on my inside network (I know - bad juju, but one thing at a time). I changed my configuration this morning to use views in my BIND (named) configuration. Everyone outside the firewall is able to get in
2003 Jun 22
0
Snapshot 1.4.5_20030621
Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered start errors when started using the "service" mechanism has been worked around. New Features: 1) A ''newnotsyn'' interface option has been added. This option may be specified in /etc/shorewall/interfaces and overrides the setting NEWNOTSYN=No for packets arriving on the
2003 Aug 12
1
Shorewall Keeps sending false IP Address Conflict
Dear All, After installing Shorewall, on a router with 4 NIC, seems running ok. Next day, when connecting from clients, (MS) we keep getting ip conflict for non-conflicting ip addresses. Any help is appreciated. Detals of Startup: + shift + nolock= + ''['' 1 -gt 1 '']'' + trap ''my_mutex_off; exit 2'' 1 2 3 4 5 6 9 + command=start +
2005 Apr 19
14
allow ssh access from net to fw?
Hi, I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from the internet to the firewall but it does not work. I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful but I don''t know why SSH: Does not work for me: ACCEPT net fw tcp 22 Works from the loc network: ACCEPT loc fw tcp 22 I have tried also with (no success): AllowSSH
2005 Mar 10
7
norfc1918 not working in SW 2.2.1?
Hello all, Yesterday I noticed that my system was "leaking" traffic towards the 10/8 network, I have shorewall installed on multiple machines ranging from single interface devices to ones with 10+ interfaces. I tested all the boxes and they are showing the same behavior. All systems are CentOS 3.4, 2.4.21-27.0.2.ELsmp. Shorewall version: 2.2.1 For the host mentioned is a single
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
Hi all, I was trying to test ROUTE specific code with a multi-isp serviced box. There is a bug somewhere, but I''m not able to understand what the real problem is: when I issue a "shorewall show capabilities" I get: Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Shorewall has
2003 Oct 06
2
Shorewall 1.4.7
Shorewall 1.4.7 is now available at: http://shorewall.net/pub/shorewall/shorewall-1.4.7 ftp://shorewall.net/pub/shorewall/shorewall-1.4.7 It will be available at your favorite mirror shortly. The release notes are attached. As always, many thanks go to Francesca Smith for updating the sample configurations for this release. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently
2003 Aug 22
0
Snapshot 20030821
http://shorewall.net/pub/shorewall/Snapshots ftp://shorewall.net/pub/shorewall/Snapshots Problems Corrected since version 1.4.6: 1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was being tested before it was set. 2) Corrected handling of MAC addresses in the SOURCE column of the tcrules file. Previously, these addresses resulted in an invalid iptables command. 3) The
2003 Aug 13
0
Snapshot 1.4.6 20030813
http://shorewall.net/pub/shorewall/Snapshots ftp://shorewall.net/pub/shorewall/Snapshots Release Notes are attached Changes since last Snapshot: a) The per-interface dynamic blacklisting chains are now displayed by "shorewall monitor" b) IP Traffic Accounting support has been added. c) Rules may now be rate-limited. d) Bridge interfaces (br[0-9]) may now appear in entries in the
2007 Nov 10
2
Access Point with Ethernet.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi: I have a small infrastructure of network of local area, that are based on a computer, with computer and with a Point Access, with Debian Etch 4.0r1. With Shorewall 3.2.6-2. Well. Since I have two cards of network, which of which, I have left like that: Internet --> Router (217.126.221.65) --> eth1 (217.126.221.117) --> eth0 (LAN
2009 Dec 06
6
shorewall6-lite's shorecap sourcing /usr/share/shorewall-lite/lib.base?
Hey all, Just a sanity check, but should the shorecap script in shorewall6-lite be sourcing /usr/share/shorewall6-lite/lib.base rather than /usr/share/shorewall-lite/lib.base like it does currently? In fact shouldn''t there be a general s/shorewall-lite/shorewall6-lite/ in shorecap in shorewall6-lite? Maybe there is more of that lurking about as well. Also, the first line of the
2003 Oct 28
0
Re: Problems with rules since upgrading to 1.4.7b
On Tue, 2003-10-28 at 13:41, AdStar wrote: > Hi Tom, > > I''ve upgraded my firewall to 1.4.7c (and copied the firewall/functions from > the CVS over for the accounting names) > > I still get this reject in my logs. > Oct 29 08:35:08 pyro Shorewall:FORWARD:REJECT: IN=eth1 OUT=eth1 > MAC=00:02:b3:61:64:6e:00:02:b3:5f:c3:5c:08:00 SRC=10.0.100.11 DST=10.0.100.10 >
2004 Aug 28
0
Shorewall 2.1.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In this release: 1) Dynamic Ipsec Zones now work. 2) Output Traffic Accounting by user/group is supported (thanks to Tuomas Jormola). 3) The following negative test options are added in /etc/shorewall/ipsec and /etc/shorewall/masq: reqid!=<number> spi!=<number> proto!=esp|ah|ipcomp mode!=tunnel|transport