mirror of
https://gitlab.com/shorewall/code.git
synced 2025-02-03 11:29:39 +01:00
Changes for 1.4.3a
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@559 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
parent
899623cd9e
commit
8bf7e8e7b4
@ -7,3 +7,7 @@ Changes since 1.4.2
|
||||
|
||||
3. Added $LOGMARKER for fireparse support
|
||||
|
||||
4. Return more appropriate ICMP responses if the systems supports them.
|
||||
|
||||
5. Silently drop UDP 135 in common.def.
|
||||
|
||||
|
@ -16,6 +16,7 @@ run_iptables -A common -p icmp -j icmpdef
|
||||
############################################################################
|
||||
# NETBIOS chatter
|
||||
#
|
||||
run_iptables -A common -p udp --dport 135 -j reject
|
||||
run_iptables -A common -p udp --dport 137:139 -j reject
|
||||
run_iptables -A common -p udp --dport 445 -j reject
|
||||
run_iptables -A common -p tcp --dport 139 -j reject
|
||||
|
@ -28,7 +28,7 @@
|
||||
# shown below. Simply run this script to revert to your prior version of
|
||||
# Shoreline Firewall.
|
||||
|
||||
VERSION=1.4.3
|
||||
VERSION=1.4.3a
|
||||
|
||||
usage() # $1 = exit status
|
||||
{
|
||||
|
@ -54,7 +54,7 @@
|
||||
# /etc/rc.d/rc.local file is modified to start the firewall.
|
||||
#
|
||||
|
||||
VERSION=1.4.3
|
||||
VERSION=1.4.3a
|
||||
|
||||
usage() # $1 = exit status
|
||||
{
|
||||
|
@ -19,3 +19,19 @@ New Features:
|
||||
(http://www.fireparse.com) by setting LOGMARKER="fp=" in
|
||||
/etc/shorewall/shorewall.conf. Note: You may not use ULOG
|
||||
with fireparse unless you modify fireparse.
|
||||
|
||||
3) If you are running iptables 1.2.7a and kernel 2.4.20, then
|
||||
Shorewall will return reject replies as follows:
|
||||
|
||||
a) tcp - RST
|
||||
b) udp - ICMP port unreachable
|
||||
c) icmp - ICMP host unreachable
|
||||
d) Otherwise - ICMP host prohibited
|
||||
|
||||
If you are running earlier software, Shorewall will follow it's
|
||||
traditional convention:
|
||||
|
||||
a) tcp - RST
|
||||
b) Otherwise - ICMP port unreachable
|
||||
|
||||
4) UDP Port 135 is now silently dropped in the common.def chain.
|
||||
|
@ -1,5 +1,5 @@
|
||||
%define name shorewall
|
||||
%define version 1.4.3
|
||||
%define version 1.4.3a
|
||||
%define release 1
|
||||
%define prefix /usr
|
||||
|
||||
@ -105,6 +105,8 @@ fi
|
||||
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
|
||||
|
||||
%changelog
|
||||
* Mon May 19 2003 Tom Eastep <tom@shorewall.net>
|
||||
- Changed version to 1.4.3a-1
|
||||
* Sun May 18 2003 Tom Eastep <tom@shorewall.net>
|
||||
- Changed version to 1.4.3-1
|
||||
* Mon Apr 07 2003 Tom Eastep <tom@shorewall.net>
|
||||
|
@ -26,7 +26,7 @@
|
||||
# You may only use this script to uninstall the version
|
||||
# shown below. Simply run this script to remove Seattle Firewall
|
||||
|
||||
VERSION=1.4.3
|
||||
VERSION=1.4.3a
|
||||
|
||||
usage() # $1 = exit status
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user