Package: shorewall Version: 2.2.3-1 Severity: normal
I maintain the software on several systems remotely, connecting over they Internet. I am concerned that one day an upgrade to shorwall will leave me with a broken firewall and the need to visit the site or worse, find local hired help. Ideas that come to mind: Use alternatives to choose the active version. This should be in manual mode. Store config files in version-dependant directories - /etc/shorewall22 etc. Use iptables-save to save a working firewall script and make this the default, to be changed at a time of the sysadmin's choosing. This is quite a serious concern to me; I've been cracked and my firewall rules are part of my plan to limit (by IP address range) locations from which connexions can be made to sensitive services. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.8-2-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages shorewall depends on: ii debconf 1.4.30.13 Debian configuration management sy ii iproute 20041019-3 Professional tools to control the ii iptables 1.2.11-8 Linux kernel 2.4+ iptables adminis -- debconf information: * shorewall/upgrade_20_22: false shorewall/upgrade_14_20: shorewall/upgrade_to_14: * shorewall/dont_restart: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]