Original Message
Subject: Re: [Shorewall-devel] [PATCH] Re: Shorewall 4.5.12 Beta 5
Date: Thu, 10 Jan 2013 15:33:53 -0800
From: Tom Eastep
Reply-To: shorewall-de...@lists.sourceforge.net
To: shorewall-de...@lists.sourceforge.net
On 01/10/2013 03:21 PM, Tom Eastep wrote:
> On
On 01/10/2013 01:47 PM, Tom Eastep wrote:
> Beta 5 is now available for testing.
>
Please apply the attached patch before trying to use Beta 5.
Thanks,
-Tom
--
Tom Eastep\ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming l
Beta 5 is now available for testing.
Problems corrected since Beta 4:
1) The generated script now correctly deletes Traffic Control
configurations when CLEAR_TC=Yes. Previously, the configurations on
interfaces with an '@xx' suffix in their names were not cleared.
New Features since
Costantino wrote:
>You can test whether that's the case or not by launching the command that I've
>provided.
Actually I can't as my firewall doesn't have any web server installed - in fact
it has no outside accessible services on it.
I did try using another box on my network as a target (rather
On Thu, Jan 10, 2013 at 07:22:53AM -0500, James wrote:
>
> I would expect that if I entered: 192.168.123.3/24 (technically not a
> whole network, but actually a single host in a /24 sized network, that
> only 192.168.123.3 would follow this rule. It turns out this actually
> will apply the rule to
Simon,
I'm afraid that's not the case, unless you have SELINUX enabled, or other
equivalent security modules installed like, for instance, AppArmor,
ModSecurity, Systrace or even Zorp.
You can test whether that's the case or not by launching the command that I've
provided.
Type it on a linux b
Dear Shorewall,
As you already know /etc/shorewall/rules allows:
ACTIONzone: dest:
where allows various different formats.
Valid ipspec's might include: 192.168.123.0/24 (the whole network) or
192.168.123.3 (a single host) for example.
I would expect that if I entered: 192.168.123.3/24 (t