holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Shorewall 2.0.2d

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1373 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-05-28 17:24:32 +00:00
parent 1baf2f468f
commit 03153243eb
4 changed files with 294 additions and 219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Shorewall-Website/Shorewall_index_frame.htm
View File

@ -38,7 +38,7 @@ Repository</a></li>
<li> <a href="quotes.htm">Quotes from Users</a></li>
<li><a href="useful_links.html">Useful Links</a></li>
<li> <a href="shoreline.htm">About the Author</a></li>
<li> <a href="seattlefirewall_index.htm#Donations">Donations</a></li>
<li> <a href="shorewall_index.htm#Donations">Donations</a></li>
</ul>
<p><a href="copyright.htm"><font size="2">Copyright © 2001-2004 Thomas
M. Eastep.</font></a><br>

64
Shorewall-Website/Shorewall_sfindex_frame.htm
View File

@ -18,49 +18,38 @@
<tr>
<td width="100%" bgcolor="#ffffff">
<ul>
<li> <a href="seattlefirewall_index.htm">Home</a></li>
<li> <a href="shorewall_features.htm">Features</a></li>
<li><a href="Shorewall_Doesnt.html">What it Cannot Do</a><br>
<li style="font-weight: bold;"><a href="index.htm" target="_top">Home</a></li>
<li style="font-weight: bold;"><a href="download.htm">Download</a></li>
<li><a href="Install.htm"><span style="font-weight: bold;">Installation</span></a>
</li>
<li> <a href="shorewall_prerequisites.htm">Requirements</a></li>
<li> <a href="download.htm">Download</a><br>
</li>
<li> <a href="Install.htm">Installation/Upgrade/</a><br>
<a href="Install.htm">Configuration</a><br>
</li>
<li> <a href="shorewall_quickstart_guide.htm">QuickStart
Guides (HOWTOs)</a><br>
</li>
<li> <b><a href="Documentation_Index.html">Documentation</a></b></li>
<li> <a href="FAQ.htm">FAQs</a>&nbsp; (<a
href="http://wiki.rettc.com/wiki.phtml?title=Wiki_Shorewall_FAQ"
<li><b><a href="Documentation_Index.html">Documentation</a></b></li>
<li><a href="FAQ.htm"><span style="font-weight: bold;">FAQ</span>s</a>&nbsp;
(<a href="http://wiki.rettc.com/wiki.phtml?title=Wiki_Shorewall_FAQ"
target="_top">Wiki</a>)</li>
<li><a href="useful_links.html">Useful Links</a><br>
</li>
<li> <a href="troubleshoot.htm"><span
style="font-weight: bold;">Troubleshooting - </span>Things to try if
it doesn't
work</a></li>
<li> <a href="errata.htm">Errata</a></li>
<li> <a href="upgrade_issues.htm">Upgrade Issues</a></li>
<li> <a href="support.htm"><span style="font-weight: bold;">Support
- </span>Getting help or Answers to Questions</a></li>
<li><a href="http://lists.shorewall.net">Mailing Lists</a><a
href="http://lists.shorewall.net"> </a><br>
</li>
<li><a href="shorewall_mirrors.htm">Mirrors</a>
<ul>
<li><a href="troubleshoot.htm"><span style="font-weight: bold;">Troubleshooting</span></a></li>
<li><a href="support.htm"><span style="font-weight: bold;">Support</span></a></li>
</ul>
</li>
<ul>
<li> <a href="shorewall_features.htm">Features</a></li>
<li><a href="Shorewall_Doesnt.html">What it
Cannot Do</a> </li>
<li> <a href="shorewall_prerequisites.htm">Requirements</a></li>
<li><a href="http://lists.shorewall.net">Mailing
Lists</a><a href="http://lists.shorewall.net"> </a> </li>
<li><a href="upgrade_issues.htm">Upgrade
Issues</a></li>
<li><a href="errata.htm">Errata</a></li>
<li><a href="shorewall_mirrors.htm">Mirrors</a> </li>
<li> <a href="News.htm">News Archive</a></li>
<li> <a
href="http://cvs.shorewall.net/Shorewall_CVS_Access.html">CVS
Repository</a></li>
<li> <a href="quotes.htm">Quotes from Users</a></li>
<ul>
</ul>
<li><a href="useful_links.html">Useful Links</a></li>
<li> <a href="shoreline.htm">About the Author</a></li>
<li> <a href="seattlefirewall_index.htm#Donations">Donations</a></li>
<li> <a href="shorewall_index.htm#Donations">Donations</a></li>
</ul>
<ul>
</ul>
</td>
</tr>
@ -71,9 +60,10 @@ Repository</a></li>
</p>
<h1 align="center"><b><a href="http://www.sf.net"><img align="left"
alt="SourceForge Logo"
src="http://sourceforge.net/sflogo.php?group_id=22587&amp;type=3"></a></b></h1>
src="http://sourceforge.net/sflogo.php?group_id=22587&amp;type=1" title=""
style="border: 0px solid ; width: 88px; height: 31px;"></a></b></h1>
<br>
<b><b>This site is hosted by the generous folks at <a
href="http://www.sf.net">SourceForge.net</a></b></b>
This site is hosted by the generous folks at <a
href="http://www.sf.net">SourceForge.net</a>
</body>
</html>

16
Shorewall-Website/download.htm
View File

@ -22,7 +22,7 @@ Texts. A copy of the license is included in the section entitled “<span
class="quote"><a href="GnuCopyright.htm" target="_self">GNU Free
Documentation License</a></span>”.<br>
</p>
<p>2004-04-05<br>
<p>2004-05-18<br>
</p>
<hr style="width: 100%; height: 2px;">
<p><b>I strongly urge you to read and print a copy of the <a
@ -200,15 +200,11 @@ repository at cvs.shorewall.net</a> contains the latest snapshots of
the each Shorewall component. There's no guarantee that what you find
there will work at all.<br>
</p>
</blockquote>
<p align="left"><b>Shapshots:<br>
</b></p>
<blockquote>
<p align="left">Periodic snapshots from CVS may be found at <a
href="http://shorewall.net/pub/shorewall/Snapshots/">http://shorewall.net/pub/shorewall/Snapshots</a>
(<a href="ftp://shorewall.net/pub/shorewall/Snapshots/" target="_top">FTP</a>).
These snapshots have undergone initial testing and will have been
installed and run at shorewall.net.<br>
<p align="left">The CVS repository also can be used to retreive the
latest released versions. <a
href="http://shorewall.net/pub/shorewall/contrib/makelrp.sh">Here is a
shell script</a> that allows you to create a .lrp file from the current
contents of the CVS Lrp2/ project.<br>
</p>
</blockquote>
</body>

261
Shorewall-Website/shorewall_index.htm
View File

@ -8,30 +8,63 @@
</head>
<body>
<div>
<table border="0" cellpadding="0" cellspacing="0" id="AutoNumber4"
style="border-collapse: collapse; width: 100%; height: 100%;">
<tbody>
<tr>
<td width="90%">
<h2>Introduction to Shorewall</h2>
<h3>This is the Shorewall 2.0 Web Site</h3>
<div style="margin-left: 40px;">The information on this site
<h1>Shorewall 2.0</h1>
<span style="font-weight: bold;">Tom Eastep</span><br>
<br>
The information on this site
applies only to 2.0.x releases of
Shorewall. For older versions:<br>
</div>
<ul>
<ul>
<ul>
<li>The 1.4 site is <a href="http://www.shorewall.net/1.4"
target="_top">here.<br>
</a></li>
<li>The 1.3 site is <a href="http://www.shorewall.net/1.3"
target="_top">here.</a></li>
<li>The 1.2 site is <a href="http://shorewall.net/1.2/"
target="_top">here</a>.</li>
</ul>
</ul>
<h3>Glossary</h3>
<ul>
<li>The 1.2 site is <a href="http://shorewall.net/1.2/" target="_top">here</a>.</li>
</ul>
Copyright © 2001-2004 Thomas M. Eastep<br>
<div>
<div class="legalnotice">
<p>Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version
1.2 or any later version published by the Free Software Foundation;
with no Invariant Sections, with no Front-Cover, and with no Back-Cover
Texts. A copy of the license is included in the section entitled “<span
class="quote"><a
href="file:///vfat/Ursa/Shorewall/Shorewall-Website/GnuCopyright.htm"
target="_self">GNU Free
Documentation License</a></span>”.</p>
</div>
</div>
<div>
<p class="pubdate">2004-05-28<br>
</p>
<hr style="width: 100%; height: 2px;"></div>
<h3>Table of Contents</h3>
<div style="margin-left: 40px;"><a href="#Intro">Introduction to
Shorewall</a><br>
<div style="margin-left: 40px;"><a href="#Glossary">Glossary</a><br>
<a href="#WhatIs">What is Shorewall?</a><br>
<a href="#GettingStarted">Getting Started with Shorewall</a><br>
<a href="#Info">Looking for Information?</a><br>
<a href="#Mandrake">Running Shorewall on Mandrake® with a
two-interface setup?</a><br>
<a href="#License">License</a><br>
</div>
<a href="#News">News</a><br>
<div style="margin-left: 40px;"><a href="#2_0_2d">Shorewall 2.0.2d</a><br>
<a href="#2_0_2c">Shorewall 2.0.2c</a><br>
<a href="#2_0_2b">Shorewall 2.0.2b</a><br>
<a href="#2_0_2a">Shorewall 2.0.2a</a><br>
<a href="#2_0_2">Shorewall 2.0.2</a><br>
<a href="#LinuxFest">Presentation at LinuxFest NW</a><br>
</div>
<a href="#Leaf">Leaf</a><br>
<a href="#Donations">Donations</a><br>
</div>
<h2><a name="Intro"></a>Introduction to Shorewall</h2>
<h3><a name="Glossary"></a>Glossary</h3>
<ul>
<li><a href="http://www.netfilter.org" target="_top">Netfilter</a>
- the
packet filter facility built into the 2.4 and later Linux kernels.</li>
@ -43,9 +76,9 @@ compatibility mode.</li>
control Netfilter. The term 'iptables' is often used to refer to the
combination of iptables+Netfilter (with Netfilter not in ipchains
compatibility mode).</li>
</ul>
<h3>What is Shorewall?</h3>
<div style="margin-left: 40px;">The Shoreline Firewall, more
</ul>
<h3><a name="WhatIs"></a>What is Shorewall?</h3>
<div style="margin-left: 40px;">The Shoreline Firewall, more
commonly known as "Shorewall", is
a high-level tool for configuring Netfilter. You describe your
firewall/gateway requirements using entries in a set of configuration
@ -59,71 +92,121 @@ and can thus take advantage of Netfilter's <a
target="_top">connection
state tracking
capabilities</a>.<br>
<br>
<br>
Shorewall is <span style="text-decoration: underline;">not</span> a
daemon. Once Shorewall has configured Netfilter, it's job is complete.
After that, there is no Shorewall code running although the <a
href="starting_and_stopping_shorewall.htm">/sbin/shorewall
program can be used at any time to monitor the Netfilter firewall</a>.<br>
</div>
<h3>Getting Started with Shorewall</h3>
<div style="margin-left: 40px;">New to Shorewall? Start by
</div>
<h3><a name="GettingStarted"></a>Getting Started with Shorewall</h3>
<div style="margin-left: 40px;">New to Shorewall? Start by
selecting the <a href="shorewall_quickstart_guide.htm">QuickStart Guide</a>
that most
closely match your environment and follow the step by step instructions.<br>
</div>
<h3>Looking for Information?</h3>
<div style="margin-left: 40px;">The <a
href="Documentation_Index.html">Documentation
closely matches your environment and follow the step by step
instructions.<br>
</div>
<h3><a name="Info"></a>Looking for Information?</h3>
<div style="margin-left: 40px;">The <a href="Documentation_Index.html">Documentation
Index</a> is a good place to start as is the Quick Search in the frame
above. </div>
<h3>Running Shorewall on Mandrake® with a two-interface setup?</h3>
<div style="margin-left: 40px;">If so, the documentation on this
<h3><a name="Mandrake"></a>Running Shorewall on Mandrake® with a
two-interface setup?</h3>
<div style="margin-left: 40px;">If so, the documentation on this
site will not apply directly
to your setup. If you want to use the documentation that you find here,
you will want to consider uninstalling what you have and installing a
setup that matches the documentation on this site. See the <a
href="two-interface.htm">Two-interface QuickStart Guide</a> for
details.<br>
<br>
<span style="font-weight: bold;">Update: </span>I've been
<br>
<span style="font-weight: bold;">Update: </span>I've been
informed by Mandrake Development that this problem has been corrected
in Mandrake 10.0 Final (the problem still exists in the 10.0 Community
release).<br>
</div>
<h3>License</h3>
<div style="margin-left: 40px;">This program is free software;
</div>
<h3><a name="License"></a>License</h3>
<div style="margin-left: 40px;">This program is free software;
you can redistribute it and/or modify it
under the terms of <a href="http://www.gnu.org/licenses/gpl.html">Version
2 of the GNU General Public License</a> as published by the Free
Software Foundation.<br>
</div>
<p style="margin-left: 40px;">This program is distributed in the
</div>
<p style="margin-left: 40px;">This program is distributed in the
hope that it will be
useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more detail.</p>
<div style="margin-left: 40px;"> </div>
<p style="margin-left: 40px;">You should have received a copy of
<div style="margin-left: 40px;"> </div>
<p style="margin-left: 40px;">You should have received a copy of
the GNU General Public
License along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA</p>
<div style="margin-left: 40px;">Permission is granted to copy,
<div style="margin-left: 40px;">Permission is granted to copy,
distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.2 or
any later version published by the Free Software Foundation; with no
Invariant Sections, with no Front-Cover, and with no Back-Cover Texts.
A copy of the license is included in the section entitled <a>"GNU Free
Documentation License"</a>. </div>
<p>Copyright © 2001-2004 Thomas M. Eastep </p>
<hr style="width: 100%; height: 2px;">
<h2>News</h2>
<p><b>5/13/2004 - Shorewall 2.0.2</b><b> </b><b> <img
alt="(New)" src="images/new10.gif"
style="border: 0px solid ; width: 28px; height: 12px;" title=""></b></p>
<p>Problems Corrected since 2.0.1<br>
</p>
<ol>
<p> </p>
<hr style="width: 100%; height: 2px;">
<h2><a name="News"></a>News</h2>
<p><b><a name="2_0_2d"></a>5/28/2004 - Shorewall 2.0.2d<br>
</b><br>
One problem corrected:<br>
</p>
<ol>
<li>Shorewall was checking capabilities before loading kernel
modules. Consequently, if kernel module autoloading was disabled, the
capabilities were mis-detected.<br>
</li>
</ol>
<p><b><a name="2_0_2c"></a>5/21/2004 - Shorewall 2.0.2c</b></p>
One problem corrected:<br>
<ol>
<li>&nbsp;DNAT rules with a dynamic source zone don't work
properly. When used, these rules cause the rule to be checked against
ALL input,&nbsp; not just input from the designated zone.<br>
</li>
</ol>
<p><b><a name="2_0_2b"></a>5/18/2004 - Shorewall 2.0.2b</b><b>&nbsp;</b></p>
<p>Corrects two problems:</p>
<ol>
<li>Specifying a null common action in /etc/shorewall/actions
(e.g., :REJECT) results in a startup error.<br>
<br>
</li>
<li>If /var/lib/shorewall does not exist, shorewall start fails.<br>
</li>
</ol>
<p><b><a name="2_0_2a"></a>5/15/2004 - Shorewall 2.0.2a</b><b> </b><br>
</p>
<p>Corrects two problems:<br>
</p>
<ol>
<li>Temporary restore files were not being removed from
/var/lib/shorewall. These files have names of the form
'restore-nnnnn'.&nbsp;
You can remove files that have accumulated with the command: <br>
<br>
&nbsp;&nbsp;&nbsp;&nbsp;rm -f /var/lib/shorewall/restore-[0-9]* <br>
<br>
</li>
<li>The restore script did not load kernel modules. The result
was that after a cold load, applications like FTP and IRC DCC didn't
work. <br>
<br>
To correct: <br>
<br>
&nbsp;&nbsp;&nbsp;&nbsp;1) Install 2.0.2a <br>
&nbsp;&nbsp;&nbsp;&nbsp;2) "shorewall restart" <br>
&nbsp;&nbsp;&nbsp;&nbsp;3) "shorewall save" </li>
</ol>
<p><b><a name="2_0_2"></a>5/13/2004 - Shorewall 2.0.2</b><b>&nbsp;</b></p>
<p>Problems Corrected since 2.0.1<br>
</p>
<ol>
<li>The /etc/init.d/shorewall script installed on Debian by
install.sh failed silently due to a missing file
(/usr/share/shorewall/wait4ifup). That file is not part of the normal
@ -133,9 +216,9 @@ processing has been eliminated.</li>
<li>The "shorewall delete" command now correctly removes all
dynamic rules pertaining to the host(s) being deleted. Thanks to Stefan
Engel for this correction.</li>
</ol>
Issues when migrating from Shorewall 2.0.0 to Shorewall 2.0.1:<br>
<ol>
</ol>
Issues when migrating from Shorewall 2.0.1 to Shorewall 2.0.2:<br>
<ol>
<li>Extension Scripts -- In order for extension scripts to work
properly with the new iptables-save/restore integration (see New
Feature 1 below), some change may be required to your extension
@ -178,9 +261,9 @@ written to the restore file.<br>
<li>Dynamic Zone support -- If you don't need to use the
"shorewall add" and "shorewall delete commands, you should set
DYNAMIC_ZONES=No in /etc/shorewall/shorewall.conf.</li>
</ol>
</ol>
New Features:<br>
<ol>
<ol>
<li>Shorewall has now been integrated with
iptables-save/iptables-restore to provide very fast start and restart.
The elements of this integration are as follows:<br>
@ -352,53 +435,59 @@ in the install.sh script before running it as follows:<br>
<br>
Thanks to Alex Wilms for helping with this change.<br>
</li>
</ol>
<p><b>4/17/2004 - Presentation at LinuxFest NW</b><b><br>
</b></p>
<p>Today I gave a presentation at LinuxFest NW in Bellingham. The
</ol>
<p><b><a name="LinuxFest"></a>4/17/2004 - Presentation at
LinuxFest NW</b><b><br>
</b></p>
<p>Today I gave a presentation at LinuxFest NW in Bellingham. The
presentation was entitled "<a
href="http://lists.shorewall.net/Shorewall_and_the_Enterprise.htm"
target="_blank">Shorewall
and the Enterprise</a>" and described the history of Shorewall and gave
an overview of its features.<br>
</p>
<ol>
</ol>
<p><a href="News.htm">More News</a></p>
<hr style="width: 100%; height: 2px;">
<p><a href="http://leaf.sourceforge.net" target="_top"><img
</p>
<ol>
</ol>
<p><a href="News.htm">More News</a></p>
<hr style="width: 100%; height: 2px;">
<h2><a name="Leaf"></a>Leaf<br>
</h2>
<p><a href="http://leaf.sourceforge.net" target="_top"><img
alt="(Leaf Logo)"
style="border: 0px solid ; height: 36px; width: 49px;"
src="images/leaflogo.gif" title=""></a> LEAF is an open source project
which provides a Firewall/router on a floppy, CD or CF. Several LEAF
distributions including Bering and Bering-uCLib use Shorewall as their
distributions including Bering and Bering-uClibc use Shorewall as their
Netfilter configuration tool.<br>
</p>
<div>
<div style="text-align: center;"> </div>
</div>
<hr style="width: 100%; height: 2px;">
<h2><a name="Donations"></a>Donations<br>
</h2>
<p style="text-align: left;"> <big><a href="http://www.alz.org"
</p>
<div>
<div style="text-align: center;"> </div>
</div>
<hr style="width: 100%; height: 2px;">
<h2><a name="Donations"></a>Donations
</h2>
<p style="text-align: left;"> </p>
<p style="text-align: left;"><big><a href="http://www.alz.org"
target="_top"><img src="images/alz_logo2.gif" title=""
alt="(Alzheimer's Association Logo)"
style="border: 0px solid ; width: 300px; height: 60px;" align="left"></a>Shorewall
style="border: 0px solid ; width: 300px; height: 60px;" align="left"></a></big></p>
<h2><big><a href="http://www.starlight.org" target="_top"><img
src="images/newlog.gif" title="" alt="(Starlight Foundation Logo)"
style="border: 0px solid ; width: 59px; height: 102px;" align="left"></a></big></h2>
<p style="text-align: left;"><big>Shorewall
is free but
if you
try it and find it useful,
please consider making a donation to the <a href="http://www.alz.org/"
target="_top">Alzheimer's Association</a>. Thanks!</big> </p>
</td>
</tr>
<tr>
<td style="vertical-align: top;"> <br>
</td>
</tr>
</tbody>
</table>
target="_top">Alzheimer's Association</a> or to the <a
href="http://www.starlight.org" target="_top">Starlight Children's
Foundation</a>.<br>
</big></p>
<p style="text-align: left;"><big>Thanks<br>
<br>
</big></p>
<p style="text-align: left;"><big><br>
</big> </p>
</div>
<p><font size="2">Updated 05/10/2004 - <a href="support.htm">Tom Eastep</a></font><br>
</p>
</body>
</html>