Shorewall 4.6.8 Beta 1 is now available for testing. Problems Corrected:
1) This release includes defect repair from Shorewall 4.6.6.2 and
earlier releases.
New Features:
1) The CLI programs (shorewall, shorewall6, etc) now support 'open'
and 'close' commands. The 'open' command temporarily opens the
firewall for a specified type of connection; the syntax is:
open <source> <destination> [ <protocol> [ <port> ] ]
The <source> and <destination> may be any of the following:
- a host IP address
- a network IP address
- a valid DNS name (usual warnings apply)
- the word 'all', indicating that the <source> or <destination> is
not restricted
The protocol may be specified by number or by a name. Same with
<port>.
Example: Open SSH connections to 1.2.3.4 in Shorewall:
shorewall open all 1.2.3.4 tcp ssh
The 'close' command reverses the effect of an earlier 'open'
command and its parameters must match those of that 'open'
command. All temporary connections opens may be deleted by simply
restarting the firewall.
Both commands require that the firewall be in the started state and
that DYNAMIC_BLACKLIST=Yes in the active configuration.
The iptables rules created via 'open' commands can be displayed
using the 'show opens' command. See the release notes for an
example.
Thank you for testing.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
