Displaying 20 results from an estimated 40000 matches similar to: "Away for the weekend"
2003 Jan 25
2
Idle connections timing out
Hello,
I''m a Shorewall novice. I have a problem and I''m not quite sure
how to troubleshoot it.
I''m using a Mandrake 9.0 (Security Level "4") system, which came
with Shorewall. (I live in Lynnwood, not far from Shoreline, btw.)
Long lived but idle connections are dying. Examples are SSH
terminals where I don''t type anything, and IMAP connections
2002 Dec 05
7
New in CVS
The ''firewall'' script currently in the /Shorewall CVS project:
a) Is approximately 15% faster starting/restarting on my configuration --
please report your experiences with it.
b) Reloads Traffic Control/Shaping as part of "shorewall refresh"
c) Turns off the shell trace after an error has occured (except when the
command being traced is "stop" or
2003 Mar 15
1
Away for a few days
I will be off of the lists until Monday evening (GMT -0800) at the
earliest.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.sf.net
Washington USA \ teastep@shorewall.net
2002 Sep 29
3
Shorewall 1.3.9
Shorewall 1.3.9 is available.
In this release:
1. DNS Names are now allowed in Shorewall config files (I still recommend
against using them however).
2. The connection SOURCE may now be qualified by both interface
and IP address in a Shorewall rule.
3. Shorewall startup is now disabled after initial installation until
the file /etc/shorewall/startup_disabled is removed.
4. The
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2007 Nov 28
2
[Fwd: Re: Port 3001 still have problem]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
As I pointed out to Wilson in a private message, this appears to show
that no other connection requests (other than port 3000) are being sent
from the client to the server (or at least no other connection requests
are being received by the Shorewall box).
Wilson: Are you sure that the client is supposed to open port 3001 on
the server and not the
2002 Jun 15
4
Serious Bug found in Shorewall 1.3.x
Rafa³ Dutko has just discovered a potentially serious bug in version 1.3.0
and 1.3.1. In both versions, where an interface option appears on multiple
interfaces, the option may only be applied to the first interface on which
it appears.
A corrected firewall script for 1.3.1 is available at:
http://www.shorewall.net/pub/shorewall/errata/1.3.1/firewall
and
2003 Apr 02
1
Away for a while
Due to two deaths in my wife''s family, I will be away until some time next
week.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net
2002 Dec 07
6
More speedups in CVS
The ''firewall'' and ''functions'' file in CVS together produce a 30%+ speedup
of ''shorewall restart'' on my firewall when compared to 1.3.11a.
Please test with these files -- I don''t anticipate making any more
performance changes for 1.3.12 and I want to be sure that I didn''t break
anything.
-Tom
--
Tom Eastep \ Shorewall
2002 Nov 20
3
Spam vs. Viruses
I have purchased a license for Vexira MailArmor (an antivirus product) and
the good news is that it is installed and working at shorewall.net. The bad
news is that I have yet to get Vexira running together with SpamAssassin :-(
As things currently stand, list posts will be protected from viruses but
may contain Spam. I''ll continue to work to correct this situation.
-Tom
--
Tom Eastep
2002 May 14
2
Shorewall.net is back up
Let me know if there are any problems.
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2002 Nov 12
3
''all'' in rules file
I have implemented the ability to specify ''all'' in the SOURCE and
DESTINATION columns of the rules file and I''m not sure I like the result.
The code is in CVS if any of you are interested in giving it a try. If you
do try it, please let me know what you think.
If you specify ''all'' in those columns it must not be qualified (may not be
followed by
2002 Apr 16
1
SuSE RPM Available
Thanks to Stefan Mohr, a Shorewall 1.2.11 RPM package for SuSE is now
available. See http://www.shorewall.net.
Thanks Stefan!!
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2002 Mar 11
1
Fw: Firewall and Port Forward Clash?
----- Original Message -----
From: "Tom Eastep" <teastep@shorewall.net>
To: "Gary Gale" <gary@vicchi.org>
Sent: Monday, March 11, 2002 11:48 AM
Subject: Re: [Shorewall-users] Firewall and Port Forward Clash?
> Gary,
>
> ----- Original Message -----
> From: "Gary Gale" <gary@vicchi.org>
> To: "Shorewall Users List"
2002 May 15
4
Your opinion please
The 1.2 firewall contains messy logic to support the old sample
configurations in that any rule that contains "none" in any of its columns
is ignored.
I''m considering removing that messiness in 1.3 and seek the opinion of the
list.
Thanks,
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
2002 Mar 20
3
Shorewall 1.2.10
This is a minor release of Shorewall.
In this release:
1. A "shorewall try" command has been added. This command attempts to
restart Shorewall using an alternate configuration and if that
attempt fails, Shorewall is automatically started with the default
configuration. This is useful for remote administration where a
failed restart of Shorewall can leave you isolated from
2005 Jan 13
6
Shorewall Web Site mirrored in Italy
Lorenzo Martignoni at Univesita` degli Studi di Milano in Milan has
established a mirror of the Shorewall web site.
http://italy.shorewall.net
http://cert-it.dico.unimi.it/shorewall
Thanks Lorenzo!
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \
2002 Apr 13
2
Shorewall 1.2.11 Available
In this release:
1. The ''try'' command now accepts an optional timeout. If the timeout is
given in the command, the standard configuration will automatically
be restarted after the new configuration has been running for that
length of time. This prevents a remote admin from being locked out
of the firewall in the case where the new configuration starts but
prevents
2004 Nov 13
13
shorewall.net is back
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The server rebuild was a complete failure. For some reason, neither FC3
nor SuSE 9.2 like the graphics card in the box.
I have reinstalled the old hard drive and the server is back on line.
- -Tom
- --
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2002 Sep 16
3
Shorewall 1.3.8
This is a minor release of Shorewall which rolls up a number of bug
fixes.
New features include:
1. A NEWNOTSYN option has been added to shorewall.conf. This option
determines whether Shorewall accepts TCP packets which are not part
of an established connection and that are not ''SYN'' packets (SYN
flag on and ACK flag off).
2. The need for the