Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 1.4.3"
2003 May 21
1
Call for Testers of Shorewall/Fireparse (take 2)
The version of Shorewall in the \Shorewall CVS project has my next attempt
at Fireparse integration.
a) The LOGMARKER variable is gone and is replaced with LOGFORMAT
b) LOGFORMAT contains a printf (1) formatting template that accepts three
arguments:
1) The Chain Name
2) The Logging Rule Number within Chain
3) The disposition of the packet (DROP,REJECT,ACCEPT)
c) To use Shorewall with
2003 May 23
0
Shorewall 1.4.4
Given that there are new features and there are external changes to get
around the Fireparse fiasco, I have called this release 1.4.4 rather than
1.4.3b.
Problems Corrected:
None.
New Features:
1) A REDIRECT-rule target has been added. This target behaves for
REDIRECT in the same was as DNAT-does for DNAT in that the
Netfilter nat table REDIRECT rule is added but not the companion
2005 Feb 16
1
Shorewall 2.2.1
This release just rolls up the fixes for the few problems that have
surfaced in the first two to three weeks of Shorewall 2.2 availability.
If 2.2.0 is working ok for you, there is no reason to upgrade.
So far I''ve been very pleased with the stability of the 2.2 release and
attribute much of that to the new release model.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.1
2003 May 27
0
Shorewall 1.4.4a
The Fireparse --log-prefix fiasco continues.
Version 1.4.4a omits the logging rule number if the LOGFORMAT value does
not contain ''%d''. The default value of LOGFORMAT is then changed to
"Shorewall:%s:%s:" so that the maximum length of a short zone name is once
again back at 5.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \
2002 Dec 21
0
Shorewall 1.3.12 Beta 2
The first public Beta of Shorewall 1.3.12 is now available:
New features include:
1) "shorewall refresh" now reloads the traffic shaping rules (tcrules
and tcstart).
2) "shorewall debug [re]start" now turns off debugging after an error
occurs. This places the point of the failure near the end of the
trace rather than up in the middle of it.
3) "shorewall
2002 Dec 19
4
Shorewall 1.3.12 Beta1
The first Beta Version is available at:
http://www.shorewall.net/pub/shorewall/Beta
ftp://ftp.shorewall.net/pub/shorewall/Beta
New features include:
1) "shorewall refresh" now reloads the traffic shaping rules (tcrules
and tcstart).
2) "shorewall debug [re]start" now turns off debugging after an error
occurs. This places the point of the failure near the end of the
2007 Nov 20
3
Shorewall 4.1.0
I''ve opened up development of Shorewall 4.1.
While I had previously announced that Shorewall 4.1 would focus on IPv6, I
have since learned that the netfilter team are developing ''xtables'', a
unified IP0v4/IPv6 utility. It seems silly to spend the effort to add
Shorewall support for IPv6 only to then have to turn around and convert it
to use xtables. So I''ve
2002 Dec 19
0
Another Little Patch
--==========1943392778==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Here''s another little patch that corrects a couple of silly mistakes.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.sf.net
Washington USA \ teastep@shorewall.net
--==========1943392778==========
2004 Sep 29
0
Re: Shorewall-users Digest, Vol 22, Issue 65
Hi
I have 2nic firewall . I had to open some ranges of udp and tcp ports . I
faced a problem that although all the ports are open Some functionality was
not working . Any body used shorewall with H323 Voip traffic DNATed . Any
help is appretiated .
Thanks
----- Original Message -----
From: <shorewall-users-request@lists.shorewall.net>
To: <shorewall-users@lists.shorewall.net>
Sent:
2002 Dec 13
0
ULOG Support now in CVS
Anywhere that a syslog level can appear, you can now specify ULOG (must be
upper case) and logging will occur to the ulog target. You can download
ulogd from http://www.gnumonks.org/projects/ulogd.
Only the ''firewall'' file is required. None of the comments in the other
config files are updated yet but I''m working on it.
-Tom
--
Tom Eastep \ Shorewall - iptables
2004 Sep 16
0
Shorewall-2.1.9
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9
ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.9
Problems Corrected:
1) IP ranges in the routestopped and tunnels files now work.
2) Rules where an IP range appears in both the source and destination
~ now work correctly.
3) With complex proxy arp configurations involving two or
2004 Feb 01
4
Shorewall 2.0.0 Alpha2
http://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
ftp://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
See if this change to proxy arp is more palatable.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2002 Dec 27
10
Shorewall 1.3.12 Released
New features include:
1) "shorewall refresh" now reloads the traffic shaping rules (tcrules
and tcstart).
2) "shorewall debug [re]start" now turns off debugging after an error
occurs. This places the point of the failure near the end of the
trace rather than up in the middle of it.
3) "shorewall [re]start" has been speeded up by more than 40% with
my
2005 Jan 03
3
Shorewall 2.0.14
http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14
ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.14
New Features:
1. Previously, when rate-limiting was specified
in /etc/shorewall/policy (LIMIT:BURST column), any traffic which
exceeded the specified rate was silently dropped. Now, if a log
level is given in the entry (LEVEL column) then drops are logged
2004 Oct 25
0
Shorewall 2.0.10
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.10
ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.10
Nothing Earth-shattering here and there is no reason to upgrade if you
are not seeing one of the corrected problems.
- -----------------------------------------------------------------------
Problems corrected in version 2.0.10
1) The
2004 Sep 23
0
Fwd: RE: 2.6 kernel ipsec and shorewall
FYI...
---------- Forwarded Message ----------
Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall
Date: Thursday 23 September 2004 07:44
From: "Jonathan Schneider" <jon@clearconcepts.ca>
To: "''Tom Eastep''" <teastep@shorewall.net>
I must have been up too late working on this, looking at it the next day I
noticed I completely forgot
2009 Aug 25
1
[PATCH] A default log level of ULOG is ignored by the shorewall-perl compiler (but not by shorewall-shell)
Hello,
I tried Shorewall for the first time today. I am currently using an up-to-date
installation of Debian Sid, which has shorewall 4.2.10, shorewall-shell 4.2.10
and shorewall-perl 4.2.10.1.
I noticed that even though I had the following /etc/shorewall/policy file,
iptables would still show LOG rules at the end of the INPUT and OUTPUT chains
instead of ULOG rules. (Other logging related rules
2004 Dec 26
1
Preparing for Shorewall 2.2 -- End of Support for Shorewall 1.4 is near!
Shorewall 2.2.0 is expected to be released in the February/March
timeframe so it is now time to begin thinking about preparing to
upgrade. This is particularly important for those of you still running
Shorewall 1.4 since support for that version will end with the release
of 2.2.
For those of you still running Shorewall 1.4, here are some things that
you can do ahead of time to ease the upgrade to
2004 Jan 15
2
Crypto API and Shorewall
A number of you are flailing around trying to get the subject combination to
work.
You should all be aware that there are parts of this that don''t currently work
and that won''t work well until there are enhancements made to Shorewall (and
probably to Netfilter).
I. There is no clean way currently to support Road Warriors from a
Masquerading Netfilter firewall/gateway. As
2004 Nov 02
0
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The