holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

More reinstatment of 'check'

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@479 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2003-02-28 16:00:26 +00:00
parent 4c2b1406de
commit 7e2be60d01
2 changed files with 403 additions and 398 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
Shorewall-docs/seattlefirewall_index.htm
View File

@ -108,6 +108,7 @@
<h2 align="left">What is it?</h2>
@ -121,9 +122,9 @@
<p>The Shoreline Firewall, more commonly known as "Shorewall", is a
<a href="http://www.netfilter.org">Netfilter</a> (iptables) based firewall
that can be used on a dedicated firewall system, a multi-function
<p>The Shoreline Firewall, more commonly known as "Shorewall", is
a <a href="http://www.netfilter.org">Netfilter</a> (iptables) based
firewall that can be used on a dedicated firewall system, a multi-function
gateway/router/server or on a standalone GNU/Linux system.</p>
@ -156,8 +157,8 @@ PARTICULAR PURPOSE. See the GNU General Public License
You should have received
a copy of the GNU General Public License
along with this program; if not, write to the
Free Software Foundation, Inc., 675 Mass
along with this program; if not, write to
the Free Software Foundation, Inc., 675 Mass
Ave, Cambridge, MA 02139, USA</p>
@ -195,8 +196,8 @@ Ave, Cambridge, MA 02139, USA</p>
<a href="http://leaf.sourceforge.net/devel/jnilo"> http://leaf.sourceforge.net/devel/jnilo<br>
</a></p>
<p><b>Congratulations to Jacques and Eric on the recent release of Bering
1.1!!!</b><br>
<p><b>Congratulations to Jacques and Eric on the recent release of
Bering 1.1!!!</b><br>
</p>
@ -208,8 +209,9 @@ Ave, Cambridge, MA 02139, USA</p>
<h2>This is a mirror of the main Shorewall web site at SourceForge (<a
href="http://shorewall.sf.net" target="_top">http://shorewall.sf.net</a>)</h2>
<h2>This is a mirror of the main Shorewall web site at SourceForge
(<a href="http://shorewall.sf.net" target="_top">http://shorewall.sf.net</a>)</h2>
@ -256,17 +258,15 @@ Ave, Cambridge, MA 02139, USA</p>
Shorewall 1.4 represents the next step in the evolution of Shorewall.
The main thrust of the initial release is simply to remove the cruft that
has accumulated in Shorewall over time.<br>
<b>IMPORTANT: Shorewall 1.4.0 <u>REQUIRES</u></b> <b>the iproute
package ('ip' utility).</b><br>
 <br>
<b>IMPORTANT: Shorewall 1.4.0 requires</b> <b>the iproute package
('ip' utility).</b><br>
<br>
Function from 1.3 that has been omitted from this version include:<br>
<ol>
<li>The "check" command is no longer supported.<br>
<br>
</li>
<li>The MERGE_HOSTS variable in shorewall.conf is no longer supported.
Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.<br>
<li>The MERGE_HOSTS variable in shorewall.conf is
no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.<br>
<br>
</li>
<li>Interface names of the form &lt;device&gt;:&lt;integer&gt;
@ -330,14 +330,13 @@ DESTINATION columns.<br>
in /usr/share/shorewall.<br>
<br>
</li>
<li>Late arriving DNS replies are now silently dropped in the
common chain by default.<br>
<li>Late arriving DNS replies are now silently dropped in
the common chain by default.<br>
<br>
</li>
<li>In addition to behaving like OLD_PING_HANDLING=No, Shorewall
1.4 no longer unconditionally accepts outbound ICMP packets. So if you
want to 'ping' from the firewall, you will need the appropriate rule or
policy.<br>
1.4 no longer unconditionally accepts outbound ICMP packets. So if you want
to 'ping' from the firewall, you will need the appropriate rule or policy.<br>
<br>
</li>
<li>802.11b devices with names of the form wlan<i>&lt;n&gt;</i>
@ -347,6 +346,7 @@ policy.<br>
</ol>
<ul>
@ -362,6 +362,7 @@ policy.<br>
<p><b></b><a href="News.htm">More News</a></p>
@ -421,6 +422,7 @@ policy.<br>
<p align="center"><a href="http://www.starlight.org"> <img
border="4" src="images/newlog.gif" width="57" height="100" align="left"
hspace="10">
@ -437,11 +439,12 @@ policy.<br>
<p align="center"><font size="4" color="#ffffff">Shorewall is free but
if you try it and find it useful, please consider making a donation
<p align="center"><font size="4" color="#ffffff">Shorewall is free
but if you try it and find it useful, please consider making a donation
to <a
href="http://www.starlight.org"><font color="#ffffff">Starlight Children's
Foundation.</font></a> Thanks!</font></p>
href="http://www.starlight.org"><font color="#ffffff">Starlight
Children's Foundation.</font></a> Thanks!</font></p>
</td>
@ -459,12 +462,9 @@ Foundation.</font></a> Thanks!</font></p>
<p><font size="2">Updated 2/18/2003 - <a href="support.htm">Tom Eastep</a></font>
<p><font size="2">Updated 2/28/2003 - <a href="support.htm">Tom Eastep</a></font>
<br>
</p>
<br>
<br>
<br>
</body>
</html>

59
Shorewall-docs/sourceforge_index.htm
View File

@ -7,6 +7,7 @@
<meta http-equiv="Content-Type"
content="text/html; charset=windows-1252">
<title>Shoreline Firewall (Shorewall) 1.4</title>
@ -120,8 +121,9 @@
<p>The Shoreline Firewall, more commonly known as  "Shorewall", is
a <a href="http://www.netfilter.org">Netfilter</a> (iptables)
based firewall that can be used on a dedicated firewall system,
a multi-function gateway/router/server or on a standalone
GNU/Linux system.</p>
a multi-function gateway/router/server or on a standalone GNU/Linux
system.</p>
@ -145,8 +147,8 @@ GNU/Linux system.</p>
This program is distributed
in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied
warranty of MERCHANTABILITY or FITNESS FOR
A PARTICULAR PURPOSE. See the GNU General Public License
warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public License
for more details.<br>
<br>
@ -154,8 +156,9 @@ A PARTICULAR PURPOSE. See the GNU General Public License
You should have received
a copy of the GNU General Public License
along with this program; if not, write to
the Free Software Foundation, Inc., 675 Mass
Ave, Cambridge, MA 02139, USA</p>
the Free Software Foundation, Inc., 675
Mass Ave, Cambridge, MA 02139, USA</p>
@ -197,8 +200,8 @@ A PARTICULAR PURPOSE. See the GNU General Public License
<b>Congratulations to Jacques and Eric
on the recent release of Bering 1.1!!!</b><br>
<b>Congratulations to Jacques and
Eric on the recent release of Bering 1.1!!!</b><br>
<h2>News</h2>
@ -221,19 +224,17 @@ A PARTICULAR PURPOSE. See the GNU General Public License
</b></p>
Shorewall 1.4 represents the
next step in the evolution of Shorewall. The main thrust of the initial
release is simply to remove the cruft that has accumulated in Shorewall
over time. <br>
<b>IMPORTANT: Shorewall 1.4.0 <u>REQUIRES</u></b> <b>the iproute package
release is simply to remove the cruft that has accumulated in Shorewall over
time. <br>
<br>
<b>IMPORTANT: Shorewall 1.4.0 requires</b> <b>the iproute package
('ip' utility).</b><br>
<br>
Function from 1.3 that has been omitted from this version include:<br>
<ol>
<li>The "check" command is no longer supported.<br>
<br>
</li>
<li>The MERGE_HOSTS variable in shorewall.conf is no longer supported.
Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.<br>
<li>The MERGE_HOSTS variable in shorewall.conf is
no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.<br>
<br>
</li>
<li>Interface names of the form &lt;device&gt;:&lt;integer&gt;
@ -268,8 +269,8 @@ supported. Shorewall 1.4 behavior is the same as 1.3 with ALLOWRELATED=Yes.<br
</ol>
<ul>
<li>There is an <u>explicit</u> policy for the source zone to or
from the destination zone. An explicit policy names both zones and does
<li>There is an <u>explicit</u> policy for the source zone to
or from the destination zone. An explicit policy names both zones and does
not use the 'all' reserved word.</li>
<li>There are one or more rules for traffic for the source zone
to or from the destination zone including rules that use the 'all' reserved
@ -292,8 +293,8 @@ DESTINATION columns.</li>
<li>LOG and CONTINUE are now a valid actions for a rule (/etc/shorewall/rules).<br>
<br>
</li>
<li>The firewall script and version file are now installed in
/usr/share/shorewall.<br>
<li>The firewall script and version file are now installed
in /usr/share/shorewall.<br>
<br>
</li>
<li>Late arriving DNS replies are now silently dropped in the
@ -301,8 +302,9 @@ DESTINATION columns.</li>
<br>
</li>
<li>In addition to behaving like OLD_PING_HANDLING=No, Shorewall
1.4 no longer unconditionally accepts outbound ICMP packets. So if you want
to 'ping' from the firewall, you will need the appropriate rule or policy.<br>
1.4 no longer unconditionally accepts outbound ICMP packets. So if you
want to 'ping' from the firewall, you will need the appropriate rule or
policy.<br>
<br>
</li>
<li>802.11b devices with names of the form wlan<i>&lt;n&gt;</i>
@ -312,6 +314,7 @@ now support the 'maclist' option.<br>
</ol>
<p></p>
<b> </b>
@ -362,6 +365,7 @@ now support the 'maclist' option.<br>
<h1 align="center"><a href="http://www.sf.net"><img align="left"
alt="SourceForge Logo"
src="http://sourceforge.net/sflogo.php?group_id=22587&amp;type=3">
@ -372,6 +376,7 @@ now support the 'maclist' option.<br>
<h4> </h4>
@ -452,11 +457,11 @@ now support the 'maclist' option.<br>
<p align="center"><font size="4" color="#ffffff">Shorewall is free
but if you try it and find it useful, please consider making a donation
<p align="center"><font size="4" color="#ffffff">Shorewall is free but
if you try it and find it useful, please consider making a donation
to <a
href="http://www.starlight.org"><font color="#ffffff">Starlight
Children's Foundation.</font></a> Thanks!</font></p>
href="http://www.starlight.org"><font color="#ffffff">Starlight Children's
Foundation.</font></a> Thanks!</font></p>
</td>
@ -474,7 +479,7 @@ Children's Foundation.</font></a> Thanks!</font></p>
<p><font size="2">Updated 2/24/2003 - <a href="support.htm">Tom Eastep</a></font>
<p><font size="2">Updated 2/28/2003 - <a href="support.htm">Tom Eastep</a></font>
<br>
</p>