From 3d9d913b4b5be74173befefac00b1de424486d5d Mon Sep 17 00:00:00 2001 From: teastep Date: Fri, 1 Aug 2003 02:49:12 +0000 Subject: [PATCH] 1.4.6_2003-731 plus idiot-proofing of the policy file git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@682 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb --- Shorewall/fallback.sh | 2 +- Shorewall/install.sh | 2 +- Shorewall/policy | 9 +++++++-- Shorewall/shorewall.conf | 2 +- Shorewall/shorewall.spec | 4 +++- Shorewall/uninstall.sh | 2 +- 6 files changed, 14 insertions(+), 7 deletions(-) diff --git a/Shorewall/fallback.sh b/Shorewall/fallback.sh index 22a3a658a..0d37087d2 100755 --- a/Shorewall/fallback.sh +++ b/Shorewall/fallback.sh @@ -28,7 +28,7 @@ # shown below. Simply run this script to revert to your prior version of # Shoreline Firewall. -VERSION=1.4.6-20030726 +VERSION=1.4.6-20030731 usage() # $1 = exit status { diff --git a/Shorewall/install.sh b/Shorewall/install.sh index b0f7c4c57..08066e66e 100755 --- a/Shorewall/install.sh +++ b/Shorewall/install.sh @@ -54,7 +54,7 @@ # /etc/rc.d/rc.local file is modified to start the firewall. # -VERSION=1.4.6-20030727 +VERSION=1.4.6-20030731 usage() # $1 = exit status { diff --git a/Shorewall/policy b/Shorewall/policy index 3f82de9c7..68a90846f 100644 --- a/Shorewall/policy +++ b/Shorewall/policy @@ -3,6 +3,8 @@ # # /etc/shorewall/policy # +# THE ORDER OF ENTRIES IN THIS FILE IS IMPORTANT +# # This file determines what to do with a new connection request if we # don't get a match from the /etc/shorewall/rules file or from the # /etc/shorewall/common[.def] file. For each source/destination pair, the @@ -72,5 +74,8 @@ #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST loc net ACCEPT net all DROP info -all all REJECT info -#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE +# +# THE FOLLOWING POLICY MUST BE LAST +# +all all REJECT info +#LAST LINE -- DO NOT REMOVE diff --git a/Shorewall/shorewall.conf b/Shorewall/shorewall.conf index 6970e65a1..a3e05a87f 100755 --- a/Shorewall/shorewall.conf +++ b/Shorewall/shorewall.conf @@ -461,7 +461,7 @@ NEWNOTSYN=No # If this variable is not set or it is set to the null value then # ADMINISABSENTMINDED=No is assumed. # -ADMINISABSENTMINDED=No +ADMINISABSENTMINDED=Yes ################################################################################ # P A C K E T D I S P O S I T I O N diff --git a/Shorewall/shorewall.spec b/Shorewall/shorewall.spec index 6b29c2b5b..87f1b4048 100644 --- a/Shorewall/shorewall.spec +++ b/Shorewall/shorewall.spec @@ -1,5 +1,5 @@ %define name shorewall -%define version 1.4.6_20030727 +%define version 1.4.6_20030731 %define release 1 %define prefix /usr @@ -106,6 +106,8 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel %changelog +* Thu Jul 31 2003 Tom Eastep +- Changed version to 1.4.6_20030731-1 * Sun Jul 27 2003 Tom Eastep - Added /usr/share/shorewall/help - Changed version to 1.4.6_20030727-1 diff --git a/Shorewall/uninstall.sh b/Shorewall/uninstall.sh index 6a7eb654f..f187466e5 100755 --- a/Shorewall/uninstall.sh +++ b/Shorewall/uninstall.sh @@ -26,7 +26,7 @@ # You may only use this script to uninstall the version # shown below. Simply run this script to remove Seattle Firewall -VERSION=1.4.6-20030726 +VERSION=1.4.6-20030731 usage() # $1 = exit status {