mirror of
https://gitlab.com/shorewall/code.git
synced 2024-11-28 10:33:21 +01:00
c68ecd14e7
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@519 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
387 lines
8.6 KiB
HTML
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type"
 content="text/html; charset=windows-1252">
<title>Shoreline Firewall (Shorewall) 1.4</title>
<base target="_self">
</head>
<body>
<table border="0" cellpadding="0" cellspacing="4"
 style="border-collapse: collapse;" width="100%" id="AutoNumber3"
 bgcolor="#4b017c">
<tbody>
<tr>
<td width="100%"
 height="90">
<h1 align="center"> <font size="4"><i> <a
 href="http://www.cityofshoreline.com"> <img vspace="4" hspace="4"
 alt="Shorewall Logo" height="70" width="85" align="left"
 src="images/washington.jpg" border="0">
</a></i></font><a
 href="http://www.shorewall.net" target="_top"><img border="1"
 src="images/shorewall.jpg" width="119" height="38" hspace="4"
 alt="(Shorewall Logo)" align="right" vspace="4">
</a></h1>
<small><small><small><small><a
 href="http://www.shorewall.net" target="_top"> </a></small></small></small></small>
<div align="center">
<h1><font color="#ffffff">Shorewall 1.4</font><i><font
 color="#ffffff"> <small><small><small>"iptables made easy" </small></small></small></font></i></h1>
</div>
<p><a href="http://www.shorewall.net" target="_top">
</a> </p>
<div align="center"><a href="1.3" target="_top"><font
 color="#ffffff">Shorewall 1.3 Site is here</font></a>
<br>
</div>
</td>
</tr>
</tbody>
</table>
<div align="center">
<center>
<table border="0" cellpadding="0" cellspacing="0"
 style="border-collapse: collapse;" width="100%" id="AutoNumber4">
<tbody>
<tr>
<td width="90%">
<h2 align="left">What is it?</h2>
<p>The Shoreline Firewall, more commonly known as "Shorewall", is
a <a href="http://www.netfilter.org">Netfilter</a> (iptables) based
firewall that can be used on a dedicated firewall system, a multi-function
gateway/router/server or on a standalone GNU/Linux system.</p>
<p>This program is free software; you can redistribute it and/or modify
it under the terms of <a href="http://www.gnu.org/licenses/gpl.html">Version
2 of the GNU General Public License</a> as published by the Free
Software Foundation.<br>
<br>
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.<br>
<br>
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA</p>
<p><a href="copyright.htm">Copyright 2001, 2002, 2003 Thomas M. Eastep</a></p>
<p> <a href="http://leaf.sourceforge.net" target="_top"><img
 border="0" src="images/leaflogo.gif" width="49" height="36">
</a>Jacques Nilo and Eric Wolzak have a LEAF (router/firewall/gateway
on a floppy, CD or compact flash) distribution called <i>Bering</i>
that features Shorewall-1.3.14 and Kernel-2.4.20. You can find
their work at: <a
 href="http://leaf.sourceforge.net/devel/jnilo"> http://leaf.sourceforge.net/devel/jnilo<br>
</a></p>
<p><b>Congratulations to Jacques and Eric on the recent release of
Bering 1.1!!! </b><br>
</p>
<h2>This is a mirror of the main Shorewall web site at SourceForge
(<a href="http://shorewall.sf.net" target="_top">http://shorewall.sf.net</a>)</h2>
<h2>News</h2>
<p><b>3/24/2003 - Shorewall 1.4.1 </b><b> </b><b><img
 border="0" src="images/new10.gif" width="28" height="12" alt="(New)">
</b></p>
This release follows up on 1.4.0. It corrects a problem introduced in 1.4.0
and removes additional warts.<br>
<br>
<b>Problems Corrected:</b><br>
<ol>
<li>When Shorewall 1.4.0 is run under the ash shell (such as on
Bering/LEAF), it can attempt to add ECN disabling rules even if the /etc/shorewall/ecn
file is empty. That problem has been corrected so that ECN disabling rules
are only added if there are entries in /etc/shorewall/ecn.</li>
</ol>
<b>New Features:</b><br>
<blockquote>Note: In the list that follows, the term <i>group</i> refers
to a particular network or subnetwork (which may be 0.0.0.0/0 or it may
be a host address) accessed through a particular interface. Examples:<br>
<blockquote>eth0:0.0.0.0/0<br>
eth2:192.168.1.0/24<br>
eth3:192.0.2.123<br>
</blockquote>
You can use the "shorewall check" command to see the groups associated
with each of your zones.<br>
</blockquote>
<ol>
<li>Beginning with Shorewall 1.4.1, if a zone Z comprises more
than one group, there is no explicit Z to Z policy, and there
are no rules governing traffic from Z to Z, then Shorewall will permit all
traffic between the groups in the zone.</li>
<li>Beginning with Shorewall 1.4.1, Shorewall will never create
rules to handle traffic from a group to itself.</li>
<li>A NONE policy is introduced in 1.4.1. When a policy of NONE
is specified from Z1 to Z2:
<ul>
<li>There may be no rules created that govern connections from
Z1 to Z2.</li>
<li>Shorewall will not create any infrastructure to handle traffic
from Z1 to Z2.</li>
</ul>
</li>
</ol>
See the <a href="upgrade_issues.htm">upgrade issues</a> for a discussion
of how these changes may affect your configuration.<br>
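<p>An added example, not part of the Shorewall distribution: a pre-upgrade audit that lists the zones that would pick up the implicit intra-zone ACCEPT described above and the rules that fall under a NONE policy. It assumes a simplified column layout for the policy and rules files, a hand-entered zone-to-group map (as reported by "shorewall check"), and that an "explicit" Z to Z policy means a policy line naming Z in both columns; the function names and all sample data are constructed for illustration.</p>

```python
# Added example: audit a Shorewall configuration against the 1.4.1 changes.
# Assumptions: policy lines are "SOURCE DEST POLICY [LOG]", rule lines are
# "ACTION SOURCE DEST ...", and endpoints in rules are written zone[:host].

def parse(text):
    """Split config text into column lists, skipping comments and short lines."""
    rows = []
    for line in text.splitlines():
        cols = line.split("#", 1)[0].split()
        if len(cols) >= 3:
            rows.append(cols)
    return rows

def zone_of(field):
    """Keep only the zone part of a zone[:host] endpoint."""
    return field.split(":", 1)[0]

def audit(groups, policy_text, rules_text):
    """Return (zones with implicit intra-zone ACCEPT, rules under a NONE policy)."""
    # Assumption: only a line naming Z in both columns is an explicit Z to Z
    # policy; wildcard lines such as "all all" are not treated as explicit.
    policies = {(r[0], r[1]): r[2] for r in parse(policy_text)}
    rules = parse(rules_text)
    pairs = [(zone_of(r[1]), zone_of(r[2])) for r in rules]
    implicit = sorted(
        z for z, g in groups.items()
        if len(set(g)) > 1 and (z, z) not in policies and (z, z) not in pairs
    )
    conflicts = [" ".join(r) for r, p in zip(rules, pairs)
                 if policies.get(p) == "NONE"]
    return implicit, conflicts

# Constructed sample data (not taken from any real configuration).
GROUPS = {
    "net": ["eth0:0.0.0.0/0"],
    "loc": ["eth1:192.168.1.0/24", "eth2:192.168.2.0/24"],
    "dmz": ["eth3:192.0.2.0/24"],
    "vpn": ["tun0:10.8.0.0/24", "tun1:10.9.0.0/24"],
}
POLICY = """
loc  net  ACCEPT
vpn  vpn  REJECT  info   # explicit intra-zone policy
dmz  loc  NONE
all  all  REJECT  info
"""
RULES = """
ACCEPT  loc             dmz  tcp  80
ACCEPT  dmz:192.0.2.10  loc  tcp  22
"""

if __name__ == "__main__":
    implicit, conflicts = audit(GROUPS, POLICY, RULES)
    print("implicit intra-zone ACCEPT:", implicit)
    print("rules under a NONE policy:", conflicts)
```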
<p><a href="News.htm">More News</a></p>
<h2><a name="Donations"></a>Donations</h2>
</td>
<td width="88"
 bgcolor="#4b017c" valign="top" align="center"> <br>
</td>
</tr>
</tbody>
</table>
</center>
</div>
<table border="0" cellpadding="5" cellspacing="0"
 style="border-collapse: collapse;" width="100%" id="AutoNumber2"
 bgcolor="#4b017c">
<tbody>
<tr>
<td width="100%"
 style="margin-top: 1px;">
<p align="center"><a href="http://www.starlight.org"> <img
 border="4" src="images/newlog.gif" width="57" height="100" align="left"
 hspace="10">
</a></p>
<p align="center"><font size="4" color="#ffffff">Shorewall is free
but if you try it and find it useful, please consider making a donation
to <a
 href="http://www.starlight.org"><font color="#ffffff">Starlight
Children's Foundation.</font></a> Thanks!</font></p>
</td>
</tr>
</tbody>
</table>
<p><font size="2">Updated 3/21/2003 - <a href="support.htm">Tom Eastep</a></font>
<br>
</p>
<br>
<br>
<br>
</body>
</html>