From 0f7c148b897ba2ee00924f887370290e72fcb233 Mon Sep 17 00:00:00 2001
From: teastep
Date: Thu, 23 Dec 2004 02:47:44 +0000
Subject: [PATCH] Update website
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1847 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
---
Shorewall-Website/shorewall_index.htm | 96 +++++++++++++++++++++++++--
Shorewall-Website/useful_links.html | 4 +-
2 files changed, 92 insertions(+), 8 deletions(-)
diff --git a/Shorewall-Website/shorewall_index.htm b/Shorewall-Website/shorewall_index.htm
index 739dccf4e..4ab4d2053 100644
--- a/Shorewall-Website/shorewall_index.htm
+++ b/Shorewall-Website/shorewall_index.htm
@@ -31,9 +31,9 @@ to 2.x releases of Shorewall. For older versions:
The current 2.0 Stable Release is 2.0.13 -- Here are the release
notes.
-The current Developement Release is 2.2.0 Beta 7 -- Here
+The current Developement Release is 2.2.0 RC1 -- Here
are the release
+ href="http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC1/releasenotes.txt">release
notes.
Copyright © 2001-2004 Thomas M. Eastep
@@ -44,7 +44,7 @@ Foundation; with no Invariant Sections, with no Front-Cover, and with
no Back-Cover Texts. A copy of the license is included in the section
entitled “GNU
Free Documentation License”.
-2004-12-04
+2004-12-11
Table of Contents
Introduction
@@ -59,8 +59,10 @@ Shorewall
Shorewall on Mandrake® with a two-interface setup?
License
News
-Shorewall 2.2.0 Beta 7
+
Shorewall
+2.2.0 RC1
+Shorewall 2.2.0 Beta 8
+Shorewall 2.2.0 Beta 7
Shorewall
2.0.13
Shorewall
@@ -166,6 +168,90 @@ of the license is included in the section entitled "GNU Free
Documentation License".
News
+12/19/2004 -
+Shorewall 2.2.0 RC1
+
+Problems Corrected:
+
+ - The syntax of the add and delete command has been clarified in
+the help summary produced by /sbin/shorewall.
+
+New Features:
+
+ - TCP OpenVPN tunnels are now supported using the 'openvpn' tunnel
+type. OpenVPN entries in /etc/shorewall/tunnels have this format:
+
+ openvpn[:{tcp|udp}][:<port>]
+<zone> <gateway>
+
+Examples:
+ openvpn:tcp net 1.2.3.4 # TCP tunnel on port 5000
openvpn:3344 net 1.2.3.4 # UDP on port 3344
openvpn:tcp:4455 net 1.2.3.4 # TCP on port 4455
+
+ - A new 'ipsecvpn' script is included in the tarball and in the
+RPM. The RPM installs the file in the Documentation directory
+(/usr/share/doc/packages/shorewall-2.2.0-0RC1).
+
+This script is intended for use on Roadwarrior laptops for establishing
+an IPSEC SA to/from remote networks. The script has some limitations:
+
+ - Only one instance of the script may be used at a
+time.
+ - Only the first SPD accessed will be instantiated
+at the remote gateway. So while the script creates SPDs to/from the
+remote gateway and each network listed in the NETWORKS setting at the
+front of the script, only one of these may be used at a time.
+
+
+12/11/2004 -
+Shorewall 2.2.0 Beta 8
+
+Problems Corrected:
+
+ - A typo in the /etc/shorewall/interfaces file has been corrected.
+ - Previously, the "add" and "delete" commands were generating
+incorrect policy matches when policy match support was available.
+
+New Features:
+
+ - Recent 2.6 kernels include code that evaluates TCP packets based
+on TCP Window analysis. This can cause packets that were previously
+classified as NEW or ESTABLISHED to be classified as INVALID.
+
+The new kernel code can be disabled by including this command in your
+/etc/shorewall/init file:
+
+ echo 1 >
+/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
+
+Additional kernel logging about INVALID TCP packets may be obtained by
+adding this command to /etc/shorewall/init:
+
+ echo 1 >
+/proc/sys/net/ipv4/netfilter/ip_conntrack_log_invalid
+
+Traditionally, Shorewall has dropped INVALID TCP packets early. The new
+DROPINVALID option allows INVALID packets to be passed through the
+normal rules chains by setting DROPINVALID=No.
+
+If not specified or if specified as empty (e.g., DROPINVALID="") then
+DROPINVALID=Yes is assumed.
+
+
+ - The "shorewall add" and "shorewall delete" commands now accept a
+list of hosts to add or delete.
+
+Examples:
+
+ shorewall add eth1:1.2.3.4 eth1:2.3.4.5 z12
+ shorewall delete eth1:1.2.3.4 eth1:2.3.4.5 z12
+
+The above commands may also be written:
+
+ shorewall add eth1:1.2.3.4,2.3.4.5 z12
+ shorewall delete eth1:1.2.3.4,2.3.4.5 z12
+
+
+
12/04/2004 -
Shorewall 2.2.0 Beta 7
diff --git a/Shorewall-Website/useful_links.html b/Shorewall-Website/useful_links.html
index 784a42282..79d8adf79 100755
--- a/Shorewall-Website/useful_links.html
+++ b/Shorewall-Website/useful_links.html
@@ -6,7 +6,7 @@
-
+
@@ -73,8 +73,6 @@ Shorewall:
-