[Shorewall-users] Shorewall 4.4.12 RC 1

[Tom Eastep]

RC 1 is now available for testing.

Fixes several bugs present in earlier releases and implements a couple
of new features:


1)  Blacklisting can now be done by destination IP address as well as
    by source address.

    The /etc/shorewall/blacklist and /etc/shorewall6/blacklist files
    now have an optional OPTIONS column. Initially, this column can
    contain either 'from' (the default) or 'to'; the latter causes the
    address(es) in the ADDRESS/SUBNET column to be interpreted as a
    DESTINATION address rather than a source address.

    Note that static blacklisting is still restricted to traffic
    ARRIVING on an interface that has the 'blacklist' option set. So to
    block traffic from your local network to an internet host, you must
    specify 'blacklist' on your internal interface.

    Similarly, dynamic blacklisting has been enhanced to recognize the
    'from' and 'to' keywords.

    Example:

        shorewall drop to 1.2.3.4

    This command will silently drop connection requests to1.2.3.4.

    The reciprocal of that command would be:

        shorewall allow to 1.2.3.4

2)  The status command now displays the directory containing the .conf
    file (shorewall.conf or shorewall6.conf) when the running
    configuration was compiled.

    Example:

       gateway:/etc/shorewall# shorewall status
       Shorewall-4.4.12-RC1 Status at gateway - Thu Aug 12 19:41:51 ...

       Shorewall is running
       State:Started (Thu Aug 12 19:41:48 PDT 2010) from /etc/shorewall/

       gateway:/etc/shorewall#

Thank you for testing,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
This SF.net email is sponsored by 

Make an app they can't live without
Enter the BlackBerry Developer Challenge
http://p.sf.net/sfu/RIM-dev2dev 
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users