holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Update for mirror on SourceForge

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@323 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2002-11-09 21:34:47 +00:00
parent 5d60471420
commit 7b8ddbea8e
6 changed files with 1104 additions and 609 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Shorewall-docs/Shorewall_index_frame.htm
View File

@ -24,6 +24,7 @@
<tr>
<td width="100%" height="90">
<h3 align="center"><font color="#ffffff">Shorewall</font></h3>
</td>
</tr>
@ -41,7 +42,7 @@
<a href="Install.htm">Configuration</a><br>
</li>
<li> <a href="shorewall_quickstart_guide.htm">QuickStart Guides
(HOWTOs)</a><br>
(HOWTOs)</a><br>
</li>
<li> <a
href="shorewall_quickstart_guide.htm#Documentation">Documentation</a></li>
@ -57,6 +58,7 @@
<li> <a href="shorewall_mirrors.htm">Mirrors</a>
<ul>
<li><a target="_top"
href="http://slovakia.shorewall.net">Slovak Republic</a></li>
@ -68,6 +70,8 @@
href="http://shorewall.correofuego.com.ar">Argentina</a></li>
<li><a target="_top"
href="http://france.shorewall.net">France</a></li>
<li><a href="http://shorewall.sf.net" target="_top">SourceForge</a><br>
</li>
@ -106,16 +110,18 @@
value="Search"></font> </p>
<font face="Arial"> <input type="hidden"
name="exclude" value="[http://www.shorewall.net/pipermail/*]"> </font>
</form>
</form>
<p><b><a href="htdig/search.html">Extended Search</a></b></p>
<p><b><a href="http://www.shorewall.net/htdig/search.html">Extended Search</a></b></p>
<p><a href="copyright.htm"><font size="2">Copyright</font> © <font
size="2">2001, 2002 Thomas M. Eastep.</font></a></p>
<p><a href="http://www.shorewall.net" target="_top"> <img border="1"
src="images/shorewall.jpg" width="119" height="38" hspace="0">
</a><br>
</p>
</a><br>
</p>
<br>
</body>
</html>

47
Shorewall-docs/download.htm
View File

@ -36,21 +36,21 @@
<ul>
<li>If you run a <b>RedHat</b>, <b>SuSE, Mandrake</b>, <b>
Linux PPC</b> or <b> TurboLinux</b> distribution with a 2.4
kernel, you can use the RPM version (note: the RPM should
also work with other distributions that store init scripts in
/etc/init.d and that include chkconfig or insserv). If you find
that it works in other cases, let <a
href="mailto:teastep@shorewall.net"> me</a> know so that
I can mention them here. See the <a href="Install.htm">Installation Instructions</a>
if you have problems installing the RPM.</li>
kernel, you can use the RPM version (note: the RPM should also
work with other distributions that store init scripts in /etc/init.d
and that include chkconfig or insserv). If you find that it
works in other cases, let <a href="mailto:teastep@shorewall.net"> me</a>
know so that I can mention them here. See the <a
href="Install.htm">Installation Instructions</a> if you have problems
installing the RPM.</li>
<li>If you are running LRP, download the .lrp file (you might also
want to download the .tgz so you will have a copy of the documentation).</li>
<li>If you run <a href="http://www.debian.org"><b>Debian</b></a> and
would like a .deb package, Shorewall is in both the <a
href="http://packages.debian.org/testing/net/shorewall.html">Debian
Testing Branch</a> and the <a
want to download the .tgz so you will have a copy of the documentation).</li>
<li>If you run <a href="http://www.debian.org"><b>Debian</b></a>
and would like a .deb package, Shorewall is in both the <a
href="http://packages.debian.org/testing/net/shorewall.html">Debian Testing
Branch</a> and the <a
href="http://packages.debian.org/unstable/net/shorewall.html">Debian
Unstable Branch</a>.</li>
Unstable Branch</a>.</li>
<li>Otherwise, download the <i>shorewall</i> module (.tgz)</li>
</ul>
@ -99,9 +99,11 @@ Testing Branch</a> and the <a
<td>Shorewall.net</td>
<td><a
href="http://www.shorewall.net/pub/shorewall/LATEST.rpm">Download .rpm</a><br>
<a href="http://www.shorewall.net/pub/shorewall/LATEST.tgz">Download
<a
href="http://www.shorewall.net/pub/shorewall/LATEST.tgz">Download
.tgz</a> <br>
<a href="http://www.shorewall.net/pub/shorewall/LATEST.lrp">Download
<a
href="http://www.shorewall.net/pub/shorewall/LATEST.lrp">Download
.lrp</a></td>
<td><a
href="ftp://ftp.shorewall.net/pub/shorewall/LATEST.rpm" target="_blank">
@ -216,6 +218,17 @@ Testing Branch</a> and the <a
href="ftp://france.shorewall.net/pub/mirrors/shorewall/LATEST.lrp">Download
.lrp</a></td>
</tr>
<tr>
<td valign="top">SourceForge (California, USA)<br>
</td>
<td valign="top">sf.net<br>
</td>
<td valign="top"><a
href="http://sourceforge.net/projects/shorewall">Download</a><br>
</td>
<td valign="top"><br>
</td>
</tr>
</tbody>
</table>
@ -293,8 +306,7 @@ Testing Branch</a> and the <a
<p align="left">The <a target="_top"
href="http://www.shorewall.net/cgi-bin/cvs/cvsweb.cgi">CVS repository at
cvs.shorewall.net</a> contains the latest snapshots of the each Shorewall
component. There's no guarantee that what you find there will work at
all.</p>
component. There's no guarantee that what you find there will work at all.</p>
</blockquote>
<p align="left"><font size="2">Last Updated 11/9/2002 - <a
@ -307,5 +319,6 @@ all.</p>
<br>
<br>
<br>
<br>
</body>
</html>

112
Shorewall-docs/seattlefirewall_index.htm
View File

@ -68,9 +68,9 @@
<p>The Shoreline Firewall, more commonly known as "Shorewall", is
a <a href="http://www.netfilter.org">Netfilter</a> (iptables) based
firewall that can be used on a dedicated firewall system, a multi-function
<p>The Shoreline Firewall, more commonly known as "Shorewall", is a
<a href="http://www.netfilter.org">Netfilter</a> (iptables) based firewall
that can be used on a dedicated firewall system, a multi-function
gateway/router/server or on a standalone GNU/Linux system.</p>
@ -80,18 +80,18 @@ firewall that can be used on a dedicated firewall system, a multi-functio
<p>This program is free software; you can redistribute it and/or modify
it under the terms of <a
href="http://www.gnu.org/licenses/gpl.html">Version 2 of the GNU
General Public License</a> as published by the Free Software Foundation.<br>
href="http://www.gnu.org/licenses/gpl.html">Version 2 of the GNU General
Public License</a> as published by the Free Software Foundation.<br>
<br>
This program is distributed
in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
Public License for more details.<br>
<br>
You should have received
a copy of the GNU General Public License along with
this program; if not, write to the Free Software Foundation,
a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation,
Inc., 675 Mass Ave, Cambridge, MA 02139, USA</p>
@ -108,11 +108,11 @@ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
<p> <a href="http://leaf.sourceforge.net" target="_top"><img
border="0" src="images/leaflogo.gif" width="49" height="36">
</a>Jacques Nilo and
Eric Wolzak have a LEAF (router/firewall/gateway on a floppy, CD
or compact flash) distribution called <i>Bering</i> that
</a>Jacques Nilo
and Eric Wolzak have a LEAF (router/firewall/gateway on a floppy,
CD or compact flash) distribution called <i>Bering</i> that
features Shorewall-1.3.9b and Kernel-2.4.18. You can find
their work at: <a
their work at: <a
href="http://leaf.sourceforge.net/devel/jnilo"> http://leaf.sourceforge.net/devel/jnilo</a></p>
@ -121,25 +121,24 @@ their work at: <a
<h2>Thinking of Downloading this Site for Offline Browsing?</h2>
You might want to reconsider -- this site is <u><b>213 MB!!!</b></u>
and you will almost certainly be blacklisted before you download the whole
thing (my SDSL is only 384kbs so I'll have lots of time to catch you). Besides,
if you simply download the product and install it, you get the essential
parts of the site in a fraction of the time. And do you really want to download:<br>
You may want to reconsider -- this site is <u><b>181 MB!!!</b></u>
and you will almost certainly be blacklisted before you download the
whole thing (my SDSL is only 384kbs so I'll have lots of time to catch
you). Besides, if you simply download the product and install it, you get
the essential parts of the site in a fraction of the time. And do you really
want to download:<br>
<ul>
<li>Both text and HTML versions of every post ever made on three
different mailing lists (65 MB)?</li>
<li>Every .rpm, .tgz and .lrp ever released for both Shorewall
and Seawall (92MB and 10MB respectively)?</li>
<li>A 2.2.17-14 i586 RedHat Kernel RPM (6.9MB)?<br>
different mailing lists (67.5 MB)?</li>
<li>Every .rpm, .tgz and .lrp ever released for both Shorewall (92MB)?</li>
<li>The Shorewall 1.2 site (16.2MB).<br>
</li>
<li>Several ancient RPMs for courier-imap and maildrop (1.5MB).<br>
</li>
</ul>
You get all that and more if you do a blind recurive copy of this site.
Happy downloading!<br>
You get all that and more if you do a blind recurive copy of this
site. Happy downloading!<br>
<h2>News</h2>
@ -152,9 +151,15 @@ parts of the site in a fraction of the time. And do you really want to download
<p><b>11/09/2002 - Shorewall is Back at SourceForge</b><b> </b><b><img
border="0" src="images/new10.gif" width="28" height="12" alt="(New)">
</b></p>
<p>The Shorewall 1.3 web site is now mirrored at SourceForge on <a
href="http://shorewall.sf.net" target="_top">http://shorewall.sf.net</a>.<br>
</p>
<p><b>11/09/2002 - Shorewall 1.3.10</b><b> </b><b><img border="0"
src="file:///home/teastep/Shorewall-docs/images/new10.gif" width="28"
height="12" alt="(New)">
src="images/new10.gif" width="28" height="12" alt="(New)">
</b></p>
<p>In this version:</p>
@ -163,13 +168,13 @@ parts of the site in a fraction of the time. And do you really want to download
<li>You may now <a href="IPSEC.htm#Dynamic">define the contents
of a zone dynamically</a> with the <a
href="starting_and_stopping_shorewall.htm">"shorewall add" and "shorewall
delete" commands</a>. These commands are expected to be used primarily within
<a href="http://www.xs4all.nl/%7Efreeswan/">FreeS/Wan</a> updown
scripts.</li>
delete" commands</a>. These commands are expected to be used primarily
within <a href="http://www.xs4all.nl/%7Efreeswan/">FreeS/Wan</a>
updown scripts.</li>
<li>Shorewall can now do<a href="MAC_Validation.html"> MAC verification</a>
on ethernet segments. You can specify the set of allowed MAC addresses on
the segment and you can optionally tie each MAC address to one or more IP
addresses.</li>
on ethernet segments. You can specify the set of allowed MAC addresses
on the segment and you can optionally tie each MAC address to one or more
IP addresses.</li>
<li>PPTP Servers and Clients running on the firewall system may
now be defined in the<a href="PPTP.htm"> /etc/shorewall/tunnels</a> file.</li>
<li>A new 'ipsecnat' tunnel type is supported for use when the
@ -178,12 +183,12 @@ parts of the site in a fraction of the time. And do you really want to download
href="Documentation.htm#Conf">/etc/shorewall/shorewall.conf.</a></li>
<li>The main firewall script is now /usr/lib/shorewall/firewall.
The script in /etc/init.d/shorewall is very small and uses /sbin/shorewall
to do the real work. This change makes custom distributions such as for Debian
and for Gentoo easier to manage since it is /etc/init.d/shorewall that tends
to have distribution-dependent code.</li>
to do the real work. This change makes custom distributions such as for
Debian and for Gentoo easier to manage since it is /etc/init.d/shorewall
that tends to have distribution-dependent code.</li>
</ul>
If you have installed the 1.3.10 Beta 1 RPM and are now upgrading to version
If you have installed the 1.3.10 Beta 1 RPM and are now upgrading to version
1.3.10, you will need to use the '--force' option:<br>
<blockquote>
@ -210,26 +215,27 @@ contents of a zone dynamically</a> with the <a
updown scripts.</li>
<li>Shorewall can now do<a href="MAC_Validation.html">
MAC verification</a> on ethernet segments. You can specify the set of
allowed MAC addresses on the segment and you can optionally tie each
MAC address to one or more IP addresses.</li>
allowed MAC addresses on the segment and you can optionally tie each MAC
address to one or more IP addresses.</li>
<li>PPTP Servers and Clients running on the firewall system
may now be defined in the<a href="PPTP.htm"> /etc/shorewall/tunnels</a>
file.</li>
<li>A new 'ipsecnat' tunnel type is supported for use when
the <a href="IPSEC.htm">remote IPSEC endpoint is behind a NAT
gateway</a>.</li>
<li>A new 'ipsecnat' tunnel type is supported for use
when the <a href="IPSEC.htm">remote IPSEC endpoint is behind
a NAT gateway</a>.</li>
<li>The PATH used by Shorewall may now be specified in
<a href="Documentation.htm#Conf">/etc/shorewall/shorewall.conf.</a></li>
<li>The main firewall script is now /usr/lib/shorewall/firewall.
The script in /etc/init.d/shorewall is very small and uses /sbin/shorewall
to do the real work. This change makes custom distributions such as
for Debian and for Gentoo easier to manage since it is /etc/init.d/shorewall
to do the real work. This change makes custom distributions such as for
Debian and for Gentoo easier to manage since it is /etc/init.d/shorewall
that tends to have distribution-dependent code.</li>
</ul>
You may download the Beta from:<br>
<ul>
<li><a
href="http://www.shorewall.net/pub/shorewall/Beta">http://www.shorewall.net/pub/shorewall/Beta</a></li>
@ -237,6 +243,7 @@ for Debian and for Gentoo easier to manage since it is /etc/init.d/shorewall
href="ftp://ftp.shorewall.net/pub/shorewall/Beta" target="_top">ftp://ftp.shorewall.net/pub/shorewall/Beta</a><br>
</li>
</ul>
@ -311,12 +318,12 @@ running RedHat release 8.0.<br>
allowed in Shorewall config files (although I recommend against
using them).</li>
<li>The connection SOURCE may now be
qualified by both interface and IP address in a <a
qualified by both interface and IP address in a <a
href="Documentation.htm#Rules">Shorewall rule</a>.</li>
<li>Shorewall startup is now disabled
after initial installation until the file /etc/shorewall/startup_disabled
is removed. This avoids nasty surprises at reboot for users
who install Shorewall but don't configure it.</li>
is removed. This avoids nasty surprises at reboot for users who
install Shorewall but don't configure it.</li>
<li>The 'functions' and 'version' files
and the 'firewall' symbolic link have been moved from /var/lib/shorewall
to /usr/lib/shorewall to appease the LFS police at Debian.<br>
@ -376,8 +383,8 @@ who install Shorewall but don't configure it.</li>
<p align="center"><font size="4" color="#ffffff">Shorewall is free
but if you try it and find it useful, please consider making a donation
<p align="center"><font size="4" color="#ffffff">Shorewall is free but
if you try it and find it useful, please consider making a donation
to <a href="http://www.starlight.org"><font
color="#ffffff">Starlight Children's Foundation.</font></a> Thanks!</font></p>
</td>
@ -392,6 +399,7 @@ but if you try it and find it useful, please consider making a donation
<p><font size="2">Updated 11/9/2002 - <a href="support.htm">Tom Eastep</a></font>
<br>
</p>
</p>
<br>
</body>
</html>

22
Shorewall-docs/sfindex.htm Normal file
View File

@ -0,0 +1,22 @@
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>Shoreline Firewall</title>
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
</head>
<frameset cols="242,*">
<frame name="contents" target="main" src="Shorewall_index_frame.htm">
<frame name="main" src="sourceforge_index.htm" target="_self" scrolling="auto">
<noframes>
<body>
<p>This page uses frames, but your browser doesn't support them.</p>
</body>
</noframes>
</frameset>
</html>

100
Shorewall-docs/shorewall_mirrors.htm
View File

@ -1,67 +1,83 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>Shorewall Mirrors</title>
<meta http-equiv="Content-Language" content="en-us">
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<title>Shorewall Mirrors</title>
</head>
<body>
<body>
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" bgcolor="#400169" height="90">
<table border="0" cellpadding="0" cellspacing="0"
style="border-collapse: collapse;" bordercolor="#111111" width="100%"
id="AutoNumber1" bgcolor="#400169" height="90">
<tbody>
<tr>
<td width="100%">
<h1 align="center"><font color="#FFFFFF">Shorewall Mirrors</font></h1>
<h1 align="center"><font color="#ffffff">Shorewall Mirrors</font></h1>
</td>
</tr>
</tbody>
</table>
<p align="left"><b>Remember that updates to the mirrors are often delayed for
6-12 hours after an update to the primary site.</b></p>
<p align="left"><b>Remember that updates to the mirrors are often delayed
for 6-12 hours after an update to the primary site.</b></p>
<p align="left">The main Shorewall Web Site is <a href="http://www.shorewall.net">http://www.shorewall.net</a>
and is located in Washington State, USA.
It is mirrored at:</p>
<p align="left">The main Shorewall Web Site is <a
href="http://www.shorewall.net">http://www.shorewall.net</a> and is located
in Washington State, USA. It is mirrored at:</p>
<ul>
<li><a target="_top" href="http://slovakia.shorewall.net">
http://slovakia.shorewall.net</a>
<li><a target="_top" href="http://slovakia.shorewall.net"> http://slovakia.shorewall.net</a>
(Slovak Republic).</li>
<li>
<a href="http://www.infohiiway.com/shorewall" target="_top">
http://shorewall.infohiiway.com</a>
(Texas, USA).</li>
<li><a target="_top" href="http://germany.shorewall.net">
http://germany.shorewall.net</a> (Hamburg, Germany)</li>
<li><a target="_top" href="http://shorewall.correofuego.com.ar">http://shorewall.correofuego.com.ar</a> (Martinez (Zona Norte - GBA), Argentina)</li>
<li> <a href="http://www.infohiiway.com/shorewall" target="_top">
http://shorewall.infohiiway.com</a> (Texas, USA).</li>
<li><a target="_top" href="http://germany.shorewall.net"> http://germany.shorewall.net</a>
(Hamburg, Germany)</li>
<li><a target="_top" href="http://shorewall.correofuego.com.ar">http://shorewall.correofuego.com.ar</a>
(Martinez (Zona Norte - GBA), Argentina)</li>
<li><a target="_top" href="http://france.shorewall.net">http://france.shorewall.net</a>
(Paris, France)</li>
<li><a href="http://shorewall.sf.net" target="_top">http://shorewall.sf.net</a>
(California, USA)<br>
</li>
</ul>
<p align="left">The main Shorewall FTP Site is <a href="ftp://ftp.shorewall.net/pub/shorewall/" target="_blank">ftp://ftp.shorewall.net/pub/shorewall/</a>
and is located in Washington State, USA.&nbsp;
It is mirrored at:</p>
<p align="left">The main Shorewall FTP Site is <a
href="ftp://ftp.shorewall.net/pub/shorewall/" target="_blank">ftp://ftp.shorewall.net/pub/shorewall/</a>
and is located in Washington State, USA.  It is mirrored at:</p>
<ul>
<li><a target="_blank" href="ftp://slovakia.shorewall.net/mirror/shorewall/">ftp://slovakia.shorewall.net/mirror/shorewall</a>
<li><a target="_blank"
href="ftp://slovakia.shorewall.net/mirror/shorewall/">ftp://slovakia.shorewall.net/mirror/shorewall</a>
(Slovak Republic).</li>
<li>
<a href="ftp://ftp.infohiiway.com/pub/mirrors/shorewall/" target="_blank">ftp://ftp.infohiiway.com/pub/shorewall</a>
(Texas, USA).</li>
<li><a target="_blank" href="ftp://germany.shorewall.net/pub/shorewall">
ftp://germany.shorewall.net/pub/shorewall</a> (Hamburg, Germany)</li>
<li>
<a target="_blank" href="ftp://shorewall.correofuego.com.ar/pub/mirrors/shorewall">ftp://shorewall.correofuego.com.ar/pub/mirrors/shorewall</a> (Martinez (Zona Norte - GBA), Argentina)</li>
<li>
<a target="_blank" href="ftp://france.shorewall.net/pub/mirrors/shorewall">ftp://france.shorewall.net/pub/mirrors/shorewall</a>
<li> <a href="ftp://ftp.infohiiway.com/pub/mirrors/shorewall/"
target="_blank">ftp://ftp.infohiiway.com/pub/shorewall</a> (Texas, USA).</li>
<li><a target="_blank"
href="ftp://germany.shorewall.net/pub/shorewall"> ftp://germany.shorewall.net/pub/shorewall</a>
(Hamburg, Germany)</li>
<li> <a target="_blank"
href="ftp://shorewall.correofuego.com.ar/pub/mirrors/shorewall">ftp://shorewall.correofuego.com.ar/pub/mirrors/shorewall</a>
(Martinez (Zona Norte - GBA), Argentina)</li>
<li> <a target="_blank"
href="ftp://france.shorewall.net/pub/mirrors/shorewall">ftp://france.shorewall.net/pub/mirrors/shorewall</a>
(Paris, France)</li>
</ul>
<p align="left"><font size="2">Last Updated 8/26/2002 - <a href="support.htm">Tom
Eastep</a></font></p>
<p align="left"><font face="Trebuchet MS"><a href="copyright.htm">
<font size="2">Copyright</font> © <font size="2">2001, 2002 Thomas M. Eastep.</font></a></font></p>
<p align="left"><font size="2">Last Updated 11/09/2002 - <a
href="support.htm">Tom Eastep</a></font></p>
<p align="left"><font face="Trebuchet MS"><a href="copyright.htm"> <font
size="2">Copyright</font> © <font size="2">2001, 2002 Thomas M. Eastep.</font></a></font></p>
<br>
</body>
</html>

430
Shorewall-docs/sourceforge_index.htm Normal file
View File

@ -0,0 +1,430 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1252">
<title>Shoreline Firewall (Shorewall) 1.3</title>
<base
target="_self">
</head>
<body>
<table border="0" cellpadding="0" cellspacing="4"
style="border-collapse: collapse;" width="100%" id="AutoNumber3"
bgcolor="#4b017c">
<tbody>
<tr>
<td
width="100%" height="90">
<h1 align="center"> <font size="4"><i> <a
href="http://www.cityofshoreline.com"> <img vspace="4" hspace="4"
alt="Shorwall Logo" height="70" width="85" align="left"
src="images/washington.jpg" border="0">
</a></i></font><font
color="#ffffff">Shorewall 1.3 - <font size="4">"<i>iptables
made easy"</i></font></font><a href="http://www.sf.net"><img
align="right" alt="SourceForge Logo"
src="http://sourceforge.net/sflogo.php?group_id=22587&amp;type=1"
width="88" height="31" hspace="4" vspace="4">
</a></h1>
<div align="center"><a
href="http://www.shorewall.net/1.2/index.htm" target="_top"><font
color="#ffffff">Shorewall 1.2 Site here</font></a></div>
</td>
</tr>
</tbody>
</table>
<div align="center">
<center>
<table border="0" cellpadding="0" cellspacing="0"
style="border-collapse: collapse;" width="100%" id="AutoNumber4">
<tbody>
<tr>
<td
width="90%">
<h2 align="left">What is it?</h2>
<p>The Shoreline Firewall, more commonly known as "Shorewall", is
a <a href="http://www.netfilter.org">Netfilter</a> (iptables) based
firewall that can be used on a dedicated firewall system, a multi-function
gateway/router/server or on a standalone GNU/Linux system.</p>
<p>This program is free software; you can redistribute it and/or modify
it under the terms of <a
href="http://www.gnu.org/licenses/gpl.html">Version 2 of the GNU
General Public License</a> as published by the Free Software Foundation.<br>
<br>
This program is
distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty
of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the GNU General Public License for more details.<br>
<br>
You should have
received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139,
USA</p>
<p><a href="copyright.htm">Copyright 2001, 2002 Thomas M. Eastep</a></p>
<p> <a href="http://leaf.sourceforge.net" target="_top"><img
border="0" src="images/leaflogo.gif" width="49" height="36">
</a>Jacques
Nilo and Eric Wolzak have a LEAF (router/firewall/gateway on
a floppy, CD or compact flash) distribution called <i>Bering</i>
that features Shorewall-1.3.9b and Kernel-2.4.18. You
can find their work at: <a
href="http://leaf.sourceforge.net/devel/jnilo"> http://leaf.sourceforge.net/devel/jnilo</a></p>
<h2>Thinking of Downloading this Site for Offline Browsing?</h2>
You may want to reconsider -- this site is <u><b>181 MB!!!</b></u>
and you will almost certainly be blacklisted before you download the
whole thing (my SDSL is only 384kbs so I'll have lots of time to catch
you). Besides, if you simply download the product and install it, you get
the essential parts of the site in a fraction of the time. And do you really
want to download:<br>
<ul>
<li>Both text and HTML versions of every post ever made
on three different mailing lists (67.5 MB)?</li>
<li>Every .rpm, .tgz and .lrp ever released for both Shorewall
(92MB)?</li>
<li>The Shorewall 1.2 site (16.2MB).<br>
</li>
</ul>
You get all that and more if you do a blind recurive copy of this
site. Happy downloading!<br>
<h2>News</h2>
<p><b>11/09/2002 - Shorewall is Back on SourceForge</b><b> </b><b><img
border="0" src="images/new10.gif" width="28" height="12" alt="(New)">
</b></p>
<p>The Shorewall 1.3 web site is now mirrored at SourceForge at <a
href="http://shorewall.sf.net" target="_top">http://shorewall.sf.net</a>.<br>
</p>
<p><b>11/09/2002 - Shorewall 1.3.10</b><b> </b><b><img border="0"
src="images/new10.gif" width="28" height="12" alt="(New)">
</b></p>
<p>In this version:</p>
<ul>
<li>You may now <a href="IPSEC.htm#Dynamic">define the contents
of a zone dynamically</a> with the <a
href="starting_and_stopping_shorewall.htm">"shorewall add" and "shorewall
delete" commands</a>. These commands are expected to be used primarily
within <a href="http://www.xs4all.nl/%7Efreeswan/">FreeS/Wan</a>
updown scripts.</li>
<li>Shorewall can now do<a href="MAC_Validation.html"> MAC
verification</a> on ethernet segments. You can specify the set of allowed
MAC addresses on the segment and you can optionally tie each MAC address
to one or more IP addresses.</li>
<li>PPTP Servers and Clients running on the firewall system
may now be defined in the<a href="PPTP.htm"> /etc/shorewall/tunnels</a>
file.</li>
<li>A new 'ipsecnat' tunnel type is supported for use when
the <a href="IPSEC.htm">remote IPSEC endpoint is behind a NAT
gateway</a>.</li>
<li>The PATH used by Shorewall may now be specified in <a
href="Documentation.htm#Conf">/etc/shorewall/shorewall.conf.</a></li>
<li>The main firewall script is now /usr/lib/shorewall/firewall.
The script in /etc/init.d/shorewall is very small and uses /sbin/shorewall
to do the real work. This change makes custom distributions such as for
Debian and for Gentoo easier to manage since it is /etc/init.d/shorewall
that tends to have distribution-dependent code.</li>
</ul>
If you have installed the 1.3.10 Beta 1 RPM and are now upgrading to
version 1.3.10, you will need to use the '--force' option:<br>
<blockquote>
<pre>rpm -Uvh --force shorewall-1.3.10-1.noarch.rpm</pre>
</blockquote>
<p><b>10/24/2002 - Shorewall is now in Gentoo Linux</b><a
href="http://www.gentoo.org"><br>
</a></p>
Alexandru Hartmann reports that his Shorewall package is now
a part of <a href="http://www.gentoo.org">the Gentoo Linux distribution</a>.
Thanks Alex!<br>
<p><b>10/23/2002 - Shorewall 1.3.10 Beta 1</b><b> </b></p>
In this version:<br>
<ul>
<li>You may now <a href="IPSEC.htm#Dynamic">define
the contents of a zone dynamically</a> with the <a
href="starting_and_stopping_shorewall.htm">"shorewall add" and "shorewall
delete" commands</a>. These commands are expected to be used primarily
within <a href="http://www.xs4all.nl/%7Efreeswan/">FreeS/Wan</a>
updown scripts.</li>
<li>Shorewall can now do<a
href="MAC_Validation.html"> MAC verification</a> on ethernet segments.
You can specify the set of allowed MAC addresses on the segment and
you can optionally tie each MAC address to one or more IP addresses.</li>
<li>PPTP Servers and Clients running on the firewall
system may now be defined in the<a href="PPTP.htm"> /etc/shorewall/tunnels</a>
file.</li>
<li>A new 'ipsecnat' tunnel type is supported for
use when the <a href="IPSEC.htm">remote IPSEC endpoint is
behind a NAT gateway</a>.</li>
<li>The PATH used by Shorewall may now be specified
in <a href="Documentation.htm#Conf">/etc/shorewall/shorewall.conf.</a></li>
<li>The main firewall script is now /usr/lib/shorewall/firewall.
The script in /etc/init.d/shorewall is very small and uses /sbin/shorewall
to do the real work. This change makes custom distributions such
as for Debian and for Gentoo easier to manage since it is /etc/init.d/shorewall
that tends to have distribution-dependent code.</li>
</ul>
You may download the Beta from:<br>
<ul>
<li><a
href="http://www.shorewall.net/pub/shorewall/Beta">http://www.shorewall.net/pub/shorewall/Beta</a></li>
<li><a
href="ftp://ftp.shorewall.net/pub/shorewall/Beta" target="_top">ftp://ftp.shorewall.net/pub/shorewall/Beta</a><br>
</li>
</ul>
<p><b>10/10/2002 - Debian 1.3.9b Packages Available </b><b>
</b><br>
</p>
<p>Apt-get sources listed at <a
href="http://security.dsi.unimi.it/%7Elorenzo/debian.html">http://security.dsi.unimi.it/~lorenzo/debian.html.</a></p>
<p><b>10/9/2002 - Shorewall 1.3.9b </b><b><img border="0"
src="images/new10.gif" width="28" height="12" alt="(New)">
</b></p>
This release rolls up fixes to the installer and to
the firewall script.<br>
<b><br>
10/6/2002 - Shorewall.net now running on RH8.0 </b><b><img
border="0" src="images/new10.gif" width="28" height="12" alt="(New)">
</b><br>
<br>
The firewall and server here at shorewall.net are
now running RedHat release 8.0.<br>
<p><b>9/30/2002 - Shorewall 1.3.9a</b><b>
</b></p>
Roles up the fix for broken tunnels.<br>
<p><b>9/30/2002 - TUNNELS Broken in 1.3.9!!!</b><b>
</b></p>
<img src="images/j0233056.gif"
alt="Brown Paper Bag" width="50" height="86" align="left">
There is an updated firewall script at <a
href="ftp://www.shorewall.net/pub/shorewall/errata/1.3.9/firewall"
target="_top">ftp://www.shorewall.net/pub/shorewall/errata/1.3.9/firewall</a>
-- copy that file to /usr/lib/shorewall/firewall.<br>
<p><b><br>
</b></p>
<p><b><br>
</b></p>
<p><b><br>
9/28/2002 - Shorewall 1.3.9 </b><b>
</b></p>
<p>In this version:<br>
</p>
<ul>
<li><a
href="configuration_file_basics.htm#dnsnames">DNS Names</a> are now
allowed in Shorewall config files (although I recommend against
using them).</li>
<li>The connection SOURCE may
now be qualified by both interface and IP address in a <a
href="Documentation.htm#Rules">Shorewall rule</a>.</li>
<li>Shorewall startup is now disabled
after initial installation until the file /etc/shorewall/startup_disabled
is removed. This avoids nasty surprises at reboot for users
who install Shorewall but don't configure it.</li>
<li>The 'functions' and 'version'
files and the 'firewall' symbolic link have been moved from
/var/lib/shorewall to /usr/lib/shorewall to appease the LFS
police at Debian.<br>
</li>
</ul>
<p><a href="News.htm">More News</a></p>
<h2><a name="Donations"></a>Donations</h2>
</td>
<td
width="88" bgcolor="#4b017c" valign="top" align="center"> <br>
</td>
</tr>
</tbody>
</table>
</center>
</div>
<table border="0" cellpadding="5" cellspacing="0"
style="border-collapse: collapse;" width="100%" id="AutoNumber2"
bgcolor="#4b017c">
<tbody>
<tr>
<td width="100%"
style="margin-top: 1px;">
<p align="center"><a href="http://www.starlight.org"> <img
border="4" src="images/newlog.gif" width="57" height="100" align="left"
hspace="10">
</a></p>
<p align="center"><font size="4" color="#ffffff">Shorewall is free
but if you try it and find it useful, please consider making a donation
to <a href="http://www.starlight.org"><font
color="#ffffff">Starlight Children's Foundation.</font></a> Thanks!</font></p>
</td>
</tr>
</tbody>
</table>
<p><font size="2">Updated 11/9/2002 - <a href="support.htm">Tom Eastep</a></font>
<br>
</p>
</body>
</html>