Shorewall 1.1.14 is available for download at:
http://sourceforge.net/projects/shorewall
In this version:
a) Shorewall now supports alternate configuration directories.
When an alternate directory is specified when starting or
restarting Shorewall (e.g., "shorewall -c /etc/testconf
restart"), Shorewall will look for configuration files
first in the alternate directory then in /etc/shorewall.
To create an alternate configuration, simply:
1) create a new directory
2) copy any config files that you need to change to that
directory.
3) modify the files as needed
4) restart Shorewall specifying the new directory
b) The rules for allowing/disallowing icmp echo-requests (pings)
are now moved after rules created when processing the rules
file. This allows you to add rules that selectively allow/deny
ping based on source or destination address.
c) Rules that specify multiple client ip addresses or subnets
no longer cause startup failures.
d) Zone names in the policy file are now validated against the
zones file.
e) If you have packet mangling support enabled, the "norfc1918"
interface option now logs and drops any incoming packets that
have an RFC1918 destination address.
-Tom
--
Tom Eastep \ [EMAIL PROTECTED]
ICQ: #60745924 \ http://shorewall.sourceforge.net
AIM: tmeastep \__________________________________
Shoreline, Washington
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel
