similar to: Proposed Shorewall 1.4.0 Content

Displaying 20 results from an estimated 5000 matches similar to: "Proposed Shorewall 1.4.0 Content"

2003 Feb 21
0
Shorewall 1.4.0 Beta 1
The first 1.4.0 Beta is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Function from 1.3 that has been omitted from this version includes: 1) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes. 2. Interface names of the form
2003 Mar 05
3
Shorewall 1.4.0 RC1
The first release candidate is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta The only change between Beta 1 and RC1 is that the ''check'' command is back in RC1. Function from 1.3 that has been omitted from this version includes: 1) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4
2003 Feb 27
6
Shorewall 1.4.0 Beta 2
The second Beta is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Function from 1.3 that has been omitted from this version includes: 1) The ''check'' command is no longer supported. 2) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.
2003 Jan 25
0
Shorewall 1.3.14 Beta 1
Beta 1 is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Features include: 1) An OLD_PING_HANDLING option has been added to shorewall.conf. When set to Yes, Shorewall ping handling is as it has always been (see http://www.shorewall.net/ping.html). When OLD_PING_HANDLING=No, icmp echo (ping) is handled via rules and
2003 Feb 08
1
Shorewall 1.3.14
Shorewall 1.3.14 is now available. Thanks go to Francesca Smith for helping with updating the sample configurations. New in 1.3.14: 1) An OLD_PING_HANDLING option has been added to shorewall.conf. When set to Yes, Shorewall ping handling is as it has always been (see http://www.shorewall.net/ping.html). When OLD_PING_HANDLING=No, icmp echo (ping) is handled via rules and
2003 Jan 29
0
Thoughts on Shorewall 2.0
I''ve begun to think about 2.0. I would like to hear any ideas about what you would like to see included. Before I decide what new things will be implemented though, I want to nail down what WON''T be included. Here is my list: a) Old Ping Handling. There won''t be any ''noping'' or ''forwardping'' interface options and there
2005 Apr 07
4
Shorewall 2.2.3
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.3 ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.3 Problems Corrected: 1) If a zone is defined in /etc/shorewall/hosts using <interface>:!<network> in the HOSTS column then startup errors occur on "shorewall [re]start". 2) Previously, if "shorewall status" was run on a system whose kernel lacked
2002 Dec 22
2
maclist option -> sorry good ver.
Setting up MAC Verification on eth0... Error: Interface eth0 must be up before Shorewall can start my : /etc/shorewall/shorewall.conf: MACLIST_DISPOSITION=REJECT MACLIST_LOG_LEVEL=info interfaces: #ZONE INTERFACE BROADCAST OPTIONS net ppp0 217.96.90.242 noping loc eth0 255.255.255.0 routestopped,maclistmaclist: maclist: #INTERFACE MAC IP
2003 Mar 11
0
Shorewall 1.3.14a
This is a roll up of the following fixes: * There is an updated rfc1918 file that reflects the resent allocation of 222.0.0.0/8 and 223.0.0.0/8. * The documentation for the routestopped file claimed that a comma-separated list could appear in the second column while the code only supported a single host or network address. * Log messages produced by ''logunclean'',
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file to designate redirection/forwarding is too subtle for many users. For 1.3, I think I''ll do something like the following: Current rule: ACCEPT net loc:192.168.1.3 tcp 80 - all New rule: FORWARD net loc:192.168.1.3 tcp 80 Current rule: ACCEPT net fw::3128 tcp 80 - all New rule: REDIRECT net
2002 Dec 19
0
Another Little Patch
--==========1943392778========== Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Here''s another little patch that corrects a couple of silly mistakes. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net --==========1943392778==========
2002 Jun 17
0
Another 1.3.x Bug
Another bug with similar symptoms to the last one has been found by Renato Tirol. The bug fixed by the earlier errata update affects the following options: dhcp dropunclean logunclean norfc1918 routefilter multi filterping noping The bug reported by Renato and fixed in the current errata update affects: routestopped The new update is available at:
2002 May 14
4
Redirect loc::80 to fw::3128 not work
The rule: ACCEPT loc $FW::3128 tcp www doesn''t work propertly, the http access does not redirect to squid but directly exit. what''s wrong? Thanks ------- Dario Lesca (d.lesca@ivrea.osra.it) -------------------------------------- @@@@@@@ this is my shorewall-1.2.13 config: #[/etc/shorewall/common.def]-----------------------------------------------
2003 Mar 03
3
losing connection
Tom, or whomever reads this, when I say disconnect I mean close out IE6, sorry for so unclear on this point. My IP address never changes unless I unplug the modem. I have had the same IP address for ... well since I had to reset it to hook it up to my Linux box.which was 2 weeks ago. If I set DHCP on my eth1 interface that will contradict the static address I have assigned to it,
2003 Dec 07
2
Re: [Shorewall-newbies] Re: Shorewall-newbies Digest; Problems with blacklist and nat !
Hello, I have forwarded this to the shorewall-users list. You will find better support for this obscure problem there. Regards, Alex Martin http://www.rettc.com Cristian Valentin Barean wrote: > Hello ! > My name is Barean Cristian, and I have a network of 35 users, on a > Linux Mandrake 9.2 server. > As I was adding more users in my network, I found a problem with
2002 Dec 22
0
with maclist option can''t start
Setting up MAC Verification on eth0... Error: Interface eth0 must be up before Shorewall can start my : /etc/shorewall/shorewall.conf: MACLIST_DISPOSITION=REJECT MACLIST_LOG_LEVEL=infointerfaces:#ZONE INTERFACE BROADCAST OPTIONSnet ppp0 217.96.90.242 nopingloc eth0 255.255.255.0 routestopped,maclistmaclist:#INTERFACE MAC IP ADDRESSES (Optional)eth0
2003 Jan 16
0
Jan 16 17:49:33 murowall kernel: Shorewall Shorewall:FORWARD:REJECT:IN=eth0 O UT=eth2
Marta, As Alan pointed out the loc->net policy is Continue, it should probably be loc->net ACCEPT. This is from Tom''s Shorewall Documentation... http://www.shorewall.net/Documentation.htm#Policy CONTINUE - The connection is neither ACCEPTed, DROPped nor REJECTed. CONTINUE may be used when one or both of the zones named in the entry are sub-zones of or intersect with another zone.
2003 Jan 16
3
Jan 16 17:49:33 murowall kernel: Shorewall:loc2net:CONTINUE:IN=eth0 OUT=eth2 SRC Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2
I have the problem when my localnetwork do telnet to the net Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2 my files are the following: policy #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST loc net CONTINUE info loc fw ACCEPT info loc loc ACCEPT loc dmz ACCEPT info fw
2003 Aug 25
5
Shorewall 1.4.7 Beta 1
http://shorewall.net/pub/shorewall/Beta ftp://shorewall.net/pub/shorewall/Beta Problems Corrected since version 1.4.6: 1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was being tested before it was set. 2) Corrected handling of MAC addresses in the SOURCE column of the tcrules file. Previously, these addresses resulted in an invalid iptables command. 3) The
2003 Oct 06
2
Shorewall 1.4.7
Shorewall 1.4.7 is now available at: http://shorewall.net/pub/shorewall/shorewall-1.4.7 ftp://shorewall.net/pub/shorewall/shorewall-1.4.7 It will be available at your favorite mirror shortly. The release notes are attached. As always, many thanks go to Francesca Smith for updating the sample configurations for this release. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently