Displaying 20 results from an estimated 9000 matches similar to: "Shorewall 1.2.7"
2002 Jul 06
0
Shorewall 1.3.3
Shorewall 1.3.3 is now available for download.
In this release:
1. Entries in /etc/shorewall/interface that use the wildcard character
("+") now have the "multi" option assumed.
2. The ''rfc1918'' chain in the mangle table has been renamed ''man1918''
to make log messages generated from that chain distinguishable from
those generated
2002 Aug 22
0
Shorewall 1.3.7
This is a bug-fix roleup together with changes to the way ICMP is handled=
=2E
1) The ''icmp.def'' file is now empty! The rules in that file were
required in ipchains firewalls but are not required in Shorewall.
Users who have ALLOWRELATED=3DNo in shorewall.conf should see the
Upgrade Issues.
2) A ''FORWARDPING'' option has been added to shorewall.conf.
2002 Jul 05
0
Shorewall 1.3.3 Beta Available
Beta code is available at:
ftp://ftp.shorewall.net/pub/shorewall/Beta
http://www.shorewall.net/pub/shorewall/Beta
In this release:
1. Entries in /etc/shorewall/interface that use the wildcard character
("+") now have the "multi" option assumed.
2. The ''rfc1918'' chain in the mangle table has been renamed ''man1918''
to make log
2002 May 10
0
Re: [Shorewall-users] (no subject)
On Sat, 11 May 2002, Peter Käll wrote:
> Hi!
>
> Thanks for the very fast help. Now it works.
>
> I downloaded the 1.2.13 version and the two interfaces example. The example
> includes a common file without UPNP dropping.
>
> In the begining of the common file in the example it says "Shorewall 1.2".
> the common.def files that comes the 1.2.13 version
2002 Aug 26
0
Shorewall-1.3.7b
This is just a role up of the "shorewall refresh" bug fix plus the change that
reversed the order of "dhcp" and "rfc1918" filtering.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2002 Jun 01
0
Shorewall 1.3.1
As promised, 1.3.1 is now available:
1. The handling of "all <zone> CONTINUE" policies has been corrected. Use
of these policies greatly simplifies whitelisting and other nested zone
configuration.
2. Added an /etc/shorewall/rfc1918 configuration file for defining the
behavior of the ''norfc1918'' interface option.
-Tom
--
Tom Eastep \ Shorewall -
2002 Jun 04
1
IANA Reserved Addresses Tool
Andy Wiggin has contribued a Python program that reads
http://www.iana.org/assignments/ipv4-address-space and creates a list of
reserved subnets suitable for inclusion in /etc/shorewall/rfc1918. The
list produced by Andy''s program will be included in the rfc1918 file
included in version 1.3.2 (it''s available now from CVS).
Thanks Andy!
-Tom
--
Tom Eastep \ Shorewall -
2002 Aug 14
0
iptables 1.2.7 and MULTIPORT=Yes
The 1.2.7 release of iptables has made an incompatible change in the
syntax used to specify multiport matches. As a consequence, users
upgrading to iptables 1.2.7 must set MULTIPORT=No in
/etc/shorewall/shorewall.conf.
I''ll have an updated firewall script available in the next day or two.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \
2002 Feb 23
0
Shorewall 1.2.8
1.2.8 is now available for download from my site and from Sourceforge.
If you have installed 1.2.7 then before trying to restart under 1.2.8:
a) Look at your /etc/shorewall/shorewall.conf file and note the directory=
=20
in the STATEDIR variable. If that variable is empty, assume
/var/state/shorewall
b) Remove the file ''lock'' in the directory determined in step a.
You
2003 Jan 15
1
Future of Shorewall (was Shorewall-1.3.13)
--On Wednesday, January 15, 2003 8:57 AM +0000 Julian Church
<jc@ljchurch.co.uk> wrote:
> Tom
>
> There''s no reason you should let a complete stranger question your better
> judgement, but weren''t you supposed to be taking a break from all of this?
>
The problem I am having is "Now what do I do with myself in the early
mornings and evenings?":
2002 Apr 28
0
[Documentation] Re: [Shorewall-users] Logging is done to console (fwd)
This is becoming a FAQ and should probably be added to the docs.
Thanks,
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
---------- Forwarded message ----------
Date: Sun, 28 Apr 2002 16:09:01 -0700 (Pacific Daylight Time)
From: Tom Eastep <teastep@shorewall.net>
To: Carl Spelkens
2002 Mar 03
0
Fwd: Re: strange UDP scan results on a Shorewall firewall
---------- Forwarded Message ----------
Subject: Re: [Shorewall-users] strange UDP scan results on a Shorewall=20
firewall
Date: Sun, 3 Mar 2002 08:33:20 -0800
From: Tom Eastep <teastep@shorewall.net>
To: "Scott Duncan" <sduncan@cytechconsult.com>
On Saturday 02 March 2002 04:30 am, Scott Duncan wrote:
> Yes, the net->all policy is the same on all three (REJECT log
2002 Sep 29
3
Shorewall 1.3.9
Shorewall 1.3.9 is available.
In this release:
1. DNS Names are now allowed in Shorewall config files (I still recommend
against using them however).
2. The connection SOURCE may now be qualified by both interface
and IP address in a Shorewall rule.
3. Shorewall startup is now disabled after initial installation until
the file /etc/shorewall/startup_disabled is removed.
4. The
2002 May 14
2
Shorewall.net is back up
Let me know if there are any problems.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2002 Apr 20
2
Blocking rfc1918 addresses with one exception
Hi
I''ve come accross a small problem with the rcf1918 address blocking on
my internet interface.
Im connected via a cable modem and it has an internel web server that
allows me to configure/monitor it but as expected if I enable rfc1918
blocking for my eth0 interface(The internet one) it also blocks the
cable modems web server. Is there any way it can add a rule before the
rfc1918
2002 Jun 15
4
Serious Bug found in Shorewall 1.3.x
Rafa³ Dutko has just discovered a potentially serious bug in version 1.3.0
and 1.3.1. In both versions, where an interface option appears on multiple
interfaces, the option may only be applied to the first interface on which
it appears.
A corrected firewall script for 1.3.1 is available at:
http://www.shorewall.net/pub/shorewall/errata/1.3.1/firewall
and
2002 Jul 08
1
FWD: dns woes
---------- Original Message ----------------------------------
From: "Jim Van Eeckhoutte" <jim@vaneeckhoutte.com>
Reply-To: <jim@vaneeckhoutte.com>
Date: Mon, 8 Jul 2002 15:27:14 -0700
this is shorewall status output:
tcp 6 431899 ESTABLISHED src=192.168.20.5 dst=64.4.12.45 sport=2185 dport=1863 src=64.4.12.45 dst=63.25.123.58 sport=1863 dport=2185 [ASSURED] use=1
2002 Apr 13
2
Shorewall 1.2.11 Available
In this release:
1. The ''try'' command now accepts an optional timeout. If the timeout is
given in the command, the standard configuration will automatically
be restarted after the new configuration has been running for that
length of time. This prevents a remote admin from being locked out
of the firewall in the case where the new configuration starts but
prevents
2002 Jan 26
1
Shorewall 1.2.4 Beta
Shorewall 1.2.4 will have the following changes:
a) ''#'' comments now allowed at end-of-line in all config files.
b) Firewall zone may be renamed
c) Protection against concurrent state-changing operations (start, stop,
restart, refresh, clear)
d) ''shorewall start'' no longer fails if ''detect'' is specified for an
interface with netmask
2002 Aug 25
1
Shorewall 1.3.7a Debian Packages Available
Apt-get sources are listed at:
http://wecurity.dsi.unimi.it/~lorenzo/debian.html
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net