Changes for 1.4.3a

git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@559 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-05-19 23:28:37 +00:00
parent 899623cd9e
commit 8bf7e8e7b4
7 changed files with 27 additions and 4 deletions

View File

@ -7,3 +7,7 @@ Changes since 1.4.2
3. Added $LOGMARKER for fireparse support
4. Return more appropriate ICMP responses if the systems supports them.
5. Silently drop UDP 135 in common.def.

View File

@ -16,6 +16,7 @@ run_iptables -A common -p icmp -j icmpdef
############################################################################
# NETBIOS chatter
#
run_iptables -A common -p udp --dport 135 -j reject
run_iptables -A common -p udp --dport 137:139 -j reject
run_iptables -A common -p udp --dport 445 -j reject
run_iptables -A common -p tcp --dport 139 -j reject

View File

@ -28,7 +28,7 @@
# shown below. Simply run this script to revert to your prior version of
# Shoreline Firewall.
VERSION=1.4.3
VERSION=1.4.3a
usage() # $1 = exit status
{

View File

@ -54,7 +54,7 @@
# /etc/rc.d/rc.local file is modified to start the firewall.
#
VERSION=1.4.3
VERSION=1.4.3a
usage() # $1 = exit status
{

View File

@ -19,3 +19,19 @@ New Features:
(http://www.fireparse.com) by setting LOGMARKER="fp=" in
/etc/shorewall/shorewall.conf. Note: You may not use ULOG
with fireparse unless you modify fireparse.
3) If you are running iptables 1.2.7a and kernel 2.4.20, then
Shorewall will return reject replies as follows:
a) tcp - RST
b) udp - ICMP port unreachable
c) icmp - ICMP host unreachable
d) Otherwise - ICMP host prohibited
If you are running earlier software, Shorewall will follow it's
traditional convention:
a) tcp - RST
b) Otherwise - ICMP port unreachable
4) UDP Port 135 is now silently dropped in the common.def chain.

View File

@ -1,5 +1,5 @@
%define name shorewall
%define version 1.4.3
%define version 1.4.3a
%define release 1
%define prefix /usr
@ -105,6 +105,8 @@ fi
%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel
%changelog
* Mon May 19 2003 Tom Eastep <tom@shorewall.net>
- Changed version to 1.4.3a-1
* Sun May 18 2003 Tom Eastep <tom@shorewall.net>
- Changed version to 1.4.3-1
* Mon Apr 07 2003 Tom Eastep <tom@shorewall.net>

View File

@ -26,7 +26,7 @@
# You may only use this script to uninstall the version
# shown below. Simply run this script to remove Seattle Firewall
VERSION=1.4.3
VERSION=1.4.3a
usage() # $1 = exit status
{