From 0f7c148b897ba2ee00924f887370290e72fcb233 Mon Sep 17 00:00:00 2001 From: teastep Date: Thu, 23 Dec 2004 02:47:44 +0000 Subject: [PATCH] Update website git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1847 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall-Website/shorewall_index.htm | 96 +++++++++++++++++++++++++-- Shorewall-Website/useful_links.html | 4 +- 2 files changed, 92 insertions(+), 8 deletions(-) diff --git a/Shorewall-Website/shorewall_index.htm b/Shorewall-Website/shorewall_index.htm index 739dccf4e..4ab4d2053 100644 --- a/Shorewall-Website/shorewall_index.htm +++ b/Shorewall-Website/shorewall_index.htm @@ -31,9 +31,9 @@ to 2.x releases of Shorewall. For older versions:

The current 2.0 Stable Release is 2.0.13 -- Here are the release notes.
-The current Developement Release is 2.2.0 Beta 7 -- Here +The current Developement Release is 2.2.0 RC1 -- Here are the release + href="http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC1/releasenotes.txt">release notes.

Copyright © 2001-2004 Thomas M. Eastep

@@ -44,7 +44,7 @@ Foundation; with no Invariant Sections, with no Front-Cover, and with no Back-Cover Texts. A copy of the license is included in the section entitled “GNU Free Documentation License”.

-

2004-12-04

+

2004-12-11


Table of Contents

Introduction @@ -59,8 +59,10 @@ Shorewall
Shorewall on Mandrake® with a two-interface setup?
License

News

-

Shorewall 2.2.0 Beta 7
+

Shorewall +2.2.0 RC1
+Shorewall 2.2.0 Beta 8
+Shorewall 2.2.0 Beta 7
Shorewall 2.0.13
Shorewall @@ -166,6 +168,90 @@ of the license is included in the section entitled "GNU Free Documentation License".


News

+12/19/2004 - +Shorewall 2.2.0 RC1
+
+
Problems Corrected:
+
    +
  1. The syntax of the add and delete command has been clarified in +the help summary produced by /sbin/shorewall.
  2. +
+New Features:
+
    +
  1. TCP OpenVPN tunnels are now supported using the 'openvpn' tunnel +type. OpenVPN entries in /etc/shorewall/tunnels have this format:
    +
    +    openvpn[:{tcp|udp}][:<port>]    +<zone>        <gateway>
    +
    +Examples:
    +
        openvpn:tcp         net    1.2.3.4    # TCP tunnel on port 5000
    openvpn:3344        net    1.2.3.4 # UDP on port 3344
    openvpn:tcp:4455    net    1.2.3.4    # TCP on port 4455
    +
  2. +
  3. A new 'ipsecvpn' script is included in the tarball and in the +RPM. The RPM installs the file in the Documentation directory +(/usr/share/doc/packages/shorewall-2.2.0-0RC1).
    +
    +This script is intended for use on Roadwarrior laptops for establishing +an IPSEC SA to/from remote networks. The script has some limitations:
    +
    +    - Only one instance of the script may be used at a +time.
    +    - Only the first SPD accessed will be instantiated +at the remote gateway. So while the script creates SPDs to/from the +remote gateway and each network listed in the NETWORKS setting at the +front of the script, only one of these may be used at a time.
    +
  4. +
+12/11/2004 - +Shorewall 2.2.0 Beta 8
+
+
Problems Corrected:
+
    +
  1. A typo in the /etc/shorewall/interfaces file has been corrected.
  2. +
  3. Previously, the "add" and "delete" commands were generating +incorrect policy matches when policy match support was available.
  4. +
+New Features:
+
    +
  1. Recent 2.6 kernels include code that evaluates TCP packets based +on TCP Window analysis. This can cause packets that were previously +classified as NEW or ESTABLISHED to be classified as INVALID.
    +
    +The new kernel code can be disabled by including this command in your +/etc/shorewall/init file:
    +
    +    echo 1 > +/proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal
    +
    +Additional kernel logging about INVALID TCP packets may be obtained by +adding this command to /etc/shorewall/init:
    +
    +    echo 1 > +/proc/sys/net/ipv4/netfilter/ip_conntrack_log_invalid
    +
    +Traditionally, Shorewall has dropped INVALID TCP packets early. The new +DROPINVALID option allows INVALID packets to be passed through the +normal rules chains by setting DROPINVALID=No.
    +
    +If not specified or if specified as empty (e.g., DROPINVALID="") then +DROPINVALID=Yes is assumed.
    +
    +
  2. +
  3. The "shorewall add" and "shorewall delete" commands now accept a +list of hosts to add or delete.
    +
    +Examples:
    +
    +    shorewall add eth1:1.2.3.4 eth1:2.3.4.5 z12
    +    shorewall delete eth1:1.2.3.4 eth1:2.3.4.5 z12
    +
    +The above commands may also be written:
    +
    +    shorewall add eth1:1.2.3.4,2.3.4.5 z12
    +    shorewall delete eth1:1.2.3.4,2.3.4.5 z12
    +  
    +
  4. +
12/04/2004 - Shorewall 2.2.0 Beta 7

diff --git a/Shorewall-Website/useful_links.html b/Shorewall-Website/useful_links.html index 784a42282..79d8adf79 100755 --- a/Shorewall-Website/useful_links.html +++ b/Shorewall-Website/useful_links.html @@ -6,7 +6,7 @@ -
+
@@ -73,8 +73,6 @@ Shorewall: -