similar to: RE: Shorewall-users Digest, Vol 3, Issue 64

On my windows machine I use a software fire will called ZoneAlarm. One feature I like Is the ability to block applications from using the net. I''ve looked with Shorewall and wonder if it does, or was ever meant to. Not a complaint, a curiosity. Kev -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1572 bytes

Changes since Beta 1: Problems Corrected: 1. Corrected a problem in Beta 1 where DNS names containing a "-" were mis-handled when they appeared in the DEST column of a rule. New Features: 1. The limit of 256 addresses for an address range has been removed. Shorewall now decomposes the range into an optimal set of network/host addresses (see also the

Shorewall 1.4.6 is now available. Thanks to Francesca Smith, the 1.4.6 Sample configurations are also available. The release is currently available at: http://shorewall.net/pub/shorewall ftp://shorewall.net/pub/shorewall It will be available at the other mirrors shortly. This is a minor release of Shorewall. Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered

> Kevin Smith ksmith at perfht.com wrote on Samba Digest: > Tue Apr 22 09:17:29 GMT 2003 > > > I wanted to hook my Actionlaser 1500 to my Server for the network. I sued > the newest Cups which work well with my Epson color 740. > Since I had a problem finding a driver, I considered the foomatic databases > since they did have what I needed. When I installed Foomatic (per

I''ve established a web site (http://wookie.shorewall.net) where you can see the changes that I''m making to the documentation for the upcoming release (currently 1.3.4). Since Ron has been tied up with other projects, I''ve taken a hack at rewriting the Quick Start Guide. It''s been broken into three separate guides as several people suggested and the two- and

Kevin; I use a 56k dialup modem. It doesn''t matter if you use a dailup modem or Broadband as that interface is defined to Linux and Shorewall in the normal way. You must not add it to the bridge as all data passing through the bridge bypasses the ip stack therefore Shorewall/netfilter will not see it and you will not have a firewall just a bridge. You can attach a

Just some stuff that was laying around in CVS: 1. Added ''DNAT-'' target. 2. Print policies in ''check'' command. 3. Added CLEAR_TC option. 4. Added SHARED_DIR option. [teastep@wookie Shorewall]$ cat releasenotes.txt This is a minor release of Shorewall that has a couple of new features. New features include: 1) A new ''DNAT-'' action has been

This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. ---1463811327-1716203191-1023027413=:9844 Content-Type: TEXT/PLAIN; charset=US-ASCII ... that doesn''t have a broken "show log" command :-/ -Tom -- Tom Eastep \

Hiya, My two cents here .. I use a locked down Linux Sendmail relay (use sendmail null-client feature on any spare old server or PC) in my DMZ to relay Mail to the exchange server in my local zone. Its sort of the moat you have to cross over to get at the castle walls and the hot oil dumped on your head approach. Francesca C. Smith Lady Linux Internet Services 1801 Bolton Street # 1 Baltimore,

This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. ---1463811327-1911476612-1020868210=:31221 Content-Type: TEXT/PLAIN; charset=US-ASCII FYI -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net

This message is in MIME format. The first part should be readable text, while the remaining parts are likely unreadable without MIME-aware tools. Send mail to mime@docserver.cac.washington.edu for more info. ---1463811327-2097478821-1023027109=:9844 Content-Type: TEXT/PLAIN; charset=US-ASCII Here''s a version of /sbin/shorewall that has the ''logwatch'' command that

FYI... ---------- Forwarded Message ---------- Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall Date: Thursday 23 September 2004 07:44 From: "Jonathan Schneider" <jon@clearconcepts.ca> To: "''Tom Eastep''" <teastep@shorewall.net> I must have been up too late working on this, looking at it the next day I noticed I completely forgot

Sven Anderson sven_anderson at spray.se > Fri May 23 21:49:15 GMT 2003 > > > Cups must be started before smbd or vise versa. Try both. Not "vice versa". CUPS must be up and running ("lpstat -r" must be returning "scheduler is running"). This is precisely because of the described bug, which causes Samba *not* to update the list of available printers

Hi I have 2nic firewall . I had to open some ranges of udp and tcp ports . I faced a problem that although all the ports are open Some functionality was not working . Any body used shorewall with H323 Voip traffic DNATed . Any help is appretiated . Thanks ----- Original Message ----- From: <shorewall-users-request@lists.shorewall.net> To: <shorewall-users@lists.shorewall.net> Sent:

This is becoming a FAQ and should probably be added to the docs. Thanks, -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net ---------- Forwarded message ---------- Date: Sun, 28 Apr 2002 16:09:01 -0700 (Pacific Daylight Time) From: Tom Eastep <teastep@shorewall.net> To: Carl Spelkens

---------- Forwarded Message ---------- Subject: Re: [Shorewall-users] strange UDP scan results on a Shorewall=20 firewall Date: Sun, 3 Mar 2002 08:33:20 -0800 From: Tom Eastep <teastep@shorewall.net> To: "Scott Duncan" <sduncan@cytechconsult.com> On Saturday 02 March 2002 04:30 am, Scott Duncan wrote: > Yes, the net->all policy is the same on all three (REJECT log

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

Plus I would like to let you know that it works like a charm. Snort can now see those packets. -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Thibodeau, Jamie L. Sent: Wednesday, March 30, 2005 9:25 AM To: Mailing List for Shorewall Users Subject: RE: [Shorewall-users] Shorewall and an inline

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

Thanks for such a quick reply Tom! Any suggestions then as to what I might do other than putting a second nic in the SBS and opening it up for web access? I don''t like the idea, but since MS SBS includes fireall that is actually what MS suggests. Boyd -----Original Message----- From: Tom Eastep [mailto:teastep@shorewall.net] Sent: January 3, 2005 3:05 PM To: Shorewall Users Cc: Boyd