SuSEfirewall2 v1.2 update information
Hi folks, I updated v1.2 to fix some things: v1.2 01.07.01 GAMMA * Fixed 5 small bugs in logging functions (which resulted in "unknown option --syn" messages in special occasions) * Added the new option FW_IGNORE_FW_BROADCAST in addition to FW_ALLOW_FW_BROADCAST if broadcasts should not be allowed but ignored to prevent the annoying log entries v1.1 23.06.01 GAMMA * Fixed a small bug in FW_TRUSTED_NETS * People with german/french etc. language sets for root could not run this script because the output of ifconfig etc. is different. I hope I could fix this. * Fixed the backup function of /etc/ip-up in INSTALL * Added a mss iptables rule which seems to be needed for adsl * Support for weird lsof binaries :-) * Fixed some minor things in ip-up take especially note of the language fix. people who change their language for root to something else then english will break several scripts in the long run ... SuSEfirewall 1 + 2 does a language reset for itself now, but most other tools dont. this will bite you, bet on it. also a fix for ADSL users is in. As usual: if anyone encounters bugs (not misconfigurations on your side!) please contact me directly. Also: seccheck 2.0 is out. update is recommended for everyone Greets, Marc -- E@mail: marc@suse.de Function: Security Research and Advisory PGP: "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C Private: http://www.suse.de/~marc SuSE: http://www.suse.de/security
On Son, 01 Jul 2001, Marc Heuse wrote:
I updated v1.2 to fix some things:
Hi Marc! Thanks a lot for the work you put into SuSEfirewall2. I have one question concerning SuSEfirewall(2): Is it possible to adapt it without major rewriting to a bridging firewall? I know there are some objections against bridging firewalls at all, but due to our situation here at the university we have to use a bridge. At the moment we are working with 2.2.19 with bridge/ipchains patches and our own set of rules. But we want to take advantage of the more exhaustive knowledge of you security gurus and use the firewall scripts, either with 2.2.X or 2.4.X. Best wishes Norbert -- ciao norb +-------------------------------------------------------------------+ | Norbert Preining http://www.logic.at/people/preining | | University of Technology Vienna, Austria preining@logic.at | | DSA: 0x09C5B094 (RSA: 0xCF1FA165) mail subject: get [DSA|RSA]-key | +-------------------------------------------------------------------+
participants (2)
-
marc@suse.de
-
Norbert Preining