Screenshot instructions:
Windows
Mac
Red Hat Linux
Ubuntu
Click URL instructions:
Right-click on ad, choose "Copy Link", then paste here →
(This may not be possible with some types of ads)
You can subscribe to this list here.
| 2002 |
Jan
(16) |
Feb
(1) |
Mar
(4) |
Apr
(13) |
May
(33) |
Jun
(34) |
Jul
(9) |
Aug
(4) |
Sep
(7) |
Oct
(14) |
Nov
(9) |
Dec
(28) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2003 |
Jan
(39) |
Feb
(11) |
Mar
(32) |
Apr
|
May
(13) |
Jun
(1) |
Jul
(24) |
Aug
(30) |
Sep
|
Oct
(19) |
Nov
(3) |
Dec
(165) |
| 2004 |
Jan
(75) |
Feb
(31) |
Mar
(24) |
Apr
(29) |
May
(16) |
Jun
(10) |
Jul
(26) |
Aug
(27) |
Sep
(22) |
Oct
(24) |
Nov
(15) |
Dec
(4) |
| 2005 |
Jan
(30) |
Feb
(4) |
Mar
(5) |
Apr
(26) |
May
(260) |
Jun
(65) |
Jul
(130) |
Aug
(70) |
Sep
(91) |
Oct
(51) |
Nov
(34) |
Dec
(17) |
| 2006 |
Jan
(42) |
Feb
(63) |
Mar
(11) |
Apr
(13) |
May
(4) |
Jun
(14) |
Jul
(8) |
Aug
(25) |
Sep
(19) |
Oct
(17) |
Nov
(32) |
Dec
(18) |
| 2007 |
Jan
(42) |
Feb
(25) |
Mar
(23) |
Apr
(32) |
May
(259) |
Jun
(125) |
Jul
(39) |
Aug
(12) |
Sep
(29) |
Oct
(111) |
Nov
(32) |
Dec
(79) |
| 2008 |
Jan
(41) |
Feb
(21) |
Mar
(45) |
Apr
(28) |
May
(13) |
Jun
(9) |
Jul
(11) |
Aug
(2) |
Sep
(3) |
Oct
(6) |
Nov
(19) |
Dec
(47) |
| 2009 |
Jan
(8) |
Feb
(20) |
Mar
(6) |
Apr
(37) |
May
(7) |
Jun
(37) |
Jul
(2) |
Aug
(13) |
Sep
|
Oct
|
Nov
|
Dec
(14) |
| 2010 |
Jan
(25) |
Feb
(10) |
Mar
(7) |
Apr
(4) |
May
(10) |
Jun
(10) |
Jul
(36) |
Aug
(40) |
Sep
(125) |
Oct
(10) |
Nov
(18) |
Dec
(74) |
| 2011 |
Jan
(43) |
Feb
(122) |
Mar
(50) |
Apr
(34) |
May
(123) |
Jun
(47) |
Jul
(126) |
Aug
(80) |
Sep
(83) |
Oct
(43) |
Nov
(33) |
Dec
(64) |
| 2012 |
Jan
(13) |
Feb
(34) |
Mar
(93) |
Apr
(51) |
May
(24) |
Jun
(23) |
Jul
(25) |
Aug
(8) |
Sep
(119) |
Oct
(22) |
Nov
(129) |
Dec
(85) |
| 2013 |
Jan
(123) |
Feb
(172) |
Mar
(127) |
Apr
(229) |
May
(145) |
Jun
(48) |
Jul
(22) |
Aug
(32) |
Sep
(55) |
Oct
(13) |
Nov
(13) |
Dec
(5) |
| 2014 |
Jan
(10) |
Feb
(15) |
Mar
(7) |
Apr
(2) |
May
(5) |
Jun
(8) |
Jul
(7) |
Aug
(20) |
Sep
(23) |
Oct
(29) |
Nov
(48) |
Dec
(14) |
| 2015 |
Jan
(22) |
Feb
(2) |
Mar
(11) |
Apr
(16) |
May
(20) |
Jun
(11) |
Jul
(10) |
Aug
(8) |
Sep
(3) |
Oct
(4) |
Nov
(23) |
Dec
(8) |
| 2016 |
Jan
(6) |
Feb
(14) |
Mar
(14) |
Apr
(43) |
May
(18) |
Jun
(14) |
Jul
(2) |
Aug
(3) |
Sep
(3) |
Oct
(51) |
Nov
(35) |
Dec
(25) |
| 2017 |
Jan
(8) |
Feb
(46) |
Mar
(26) |
Apr
(10) |
May
(5) |
Jun
(4) |
Jul
(7) |
Aug
(28) |
Sep
(13) |
Oct
(15) |
Nov
(6) |
Dec
(10) |
| 2018 |
Jan
(21) |
Feb
(5) |
Mar
(34) |
Apr
(15) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| S | M | T | W | T | F | S |
|---|---|---|---|---|---|---|
|
|
|
|
|
1
|
2
|
3
(1) |
|
4
|
5
|
6
|
7
|
8
|
9
|
10
|
|
11
|
12
|
13
|
14
|
15
(3) |
16
(4) |
17
(1) |
|
18
(2) |
19
(2) |
20
|
21
|
22
|
23
|
24
|
|
25
|
26
|
27
|
28
|
29
|
30
|
31
|
|
From: Tom Eastep <teastep@sh...> - 2008-05-19 19:06:33
|
Ryan B. Lynch wrote: > While trying to build RPMs for 4.1.8, I noticed that the 'install.sh' > script in the 'shorewall-common' package doesn't correctly handle an > installation directory prefix. Based on the diff since 4.0.10.1, and > the fact that the indentation around that section is inconsistent, it > seems like it could be a typo. > > In previous versions, the 'install -d ...' command that creates the > 'sbin' directory in the installation directory should create the parent, > as well. In version 4.1.8, the 'install -d ...' command (line 204) is > moved inside an 'if' statement, so that it doesn't run and won't create > the 'sbin' directory and its parent unless run as a non-root user. > > Is this a bug, or a feature intended to discourage building RPMs as root? > > In case my description isn't clear, I attached a patch that fixes the > issue--or at least lets me build the RPM as root. Thanks, Ryan I've applied your patch then tweaked it a bit (we need not create /sbin or the destination directory if we're installing on Cygwin). Incremental (to your) patch attached. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |
|
From: Ryan B. Lynch <ryan.b.lynch@gm...> - 2008-05-19 18:43:01
|
While trying to build RPMs for 4.1.8, I noticed that the 'install.sh' script in the 'shorewall-common' package doesn't correctly handle an installation directory prefix. Based on the diff since 4.0.10.1, and the fact that the indentation around that section is inconsistent, it seems like it could be a typo. In previous versions, the 'install -d ...' command that creates the 'sbin' directory in the installation directory should create the parent, as well. In version 4.1.8, the 'install -d ...' command (line 204) is moved inside an 'if' statement, so that it doesn't run and won't create the 'sbin' directory and its parent unless run as a non-root user. Is this a bug, or a feature intended to discourage building RPMs as root? In case my description isn't clear, I attached a patch that fixes the issue--or at least lets me build the RPM as root. -Ryan |
|
From: Tom Eastep <teastep@sh...> - 2008-05-18 13:46:29
|
Roberto C. Sánchez wrote: > Greetings, > > There is a very old bug report [0] still floating around asking for a > configuration check before restarting on upgrade. While this may not > have been possible in the past, would it be possible now with > Shorewall-perl? Hi Roberto, This is feasible, given that Shorewall-perl does a pretty thorough job of checking the configuration (and 4.2 will do even a better job). Another idea would be to define an environmental variable that would cause the /etc/init.d/shorewall script to perform a safe-restart when asked to restart. That way, the firewall wouldn't go into the stopped state if 'restart' failed. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |
|
From: Roberto C. Sánchez <roberto@co...> - 2008-05-18 04:57:44
|
Greetings, There is a very old bug report [0] still floating around asking for a configuration check before restarting on upgrade. While this may not have been possible in the past, would it be possible now with Shorewall-perl? Regards, -Roberto [0] http://bugs.debian.org/200573 -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com |
|
From: Tom Eastep <teastep@sh...> - 2008-05-17 14:03:50
|
Srinivasa Hebbar wrote: > Hello, > > Even when I add "optional" in interfaces file, the same error occurs > and shorewall stops. > And I have asked you to send me a copy of your /etc/shorewall directory because I cannot reproduce the problem. I can't solve your problem just by looking at your emails, no matter how many you send. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |
|
From: Tom Eastep <teastep@sh...> - 2008-05-16 14:30:31
|
Tom Eastep wrote:
> Srinivasa Hebbar wrote:
>> interfaces
>> wan ppp1 detect tcpflags,nosmurfs,optional
>> wan ppp2 detect tcpflags,nosmurfs,optional
>> lan eth3 detect tcpflags
>>
>> providers:
>> wan1 1 0x100 main ppp1 detect optional eth3
>> wan2 2 0x200 main ppp2 detect optional eth3
>>
>> zones:
>> fw firewall
>> wan ipv4
>> lan ipv4
>>
>> Error:
>> Processing /etc/shorewall/params ...
>> Shorewall is not running
>> Starting Shorewall....
>> Initializing...
>> ERROR: Can't determine the IP address of ppp1
>> Terminated
>>
>
> Then please send a tarball of your /etc/shorewall/ directory, including
> a capabilities file -- I can't reproduce the problem here.
>
You can send the tarball to support@... if you are squeamish
about sending it to the list.
My test case has:
[teastep@... user008]$ /sbin/shorewall version -a
4.0.10
Shorewall-perl 4.0.10
[teastep@... user008]$
zones:
fw firewall
lan ipv4
...
interfaces:
lan eth0 - nosmurfs,tcpflags,dhcp,optional
lan eth5 - nosmurfs,tcpflags,dhcp,optional
...
providers:
isp1 1 1 main eth0 detect optional
isp2 2 2 main eth5 detect optional
That configuration produces this shell code:
ETH5_ADDRESS=$(find_first_interface_address_if_any eth5)
ETH0_ADDRESS=$(find_first_interface_address_if_any eth0)
The find_first_interface_address_if_any() function does not fail with
the error message that you are seeing.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@...
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
|
|
From: Tom Eastep <teastep@sh...> - 2008-05-16 05:18:44
|
Srinivasa Hebbar wrote: > Hello, > > Even when I add "optional" in interfaces file, the same error occurs > and shorewall stops. > > Interfaces: > wan ppp1 detect tcpflags,nosmurfs,optional > wan ppp2 detect tcpflags,nosmurfs,optional > lan eth3 detect tcpflags > > providers: > wan1 1 0x100 main ppp1 detect optional eth3 > wan2 2 0x200 main ppp2 detect optional eth3 > > zones: > fw firewall > wan ipv4 > lan ipv4 > > Error: > Processing /etc/shorewall/params ... > Shorewall is not running > Starting Shorewall.... > Initializing... > ERROR: Can't determine the IP address of ppp1 > Terminated > Then please send a tarball of your /etc/shorewall/ directory, including a capabilities file -- I can't reproduce the problem here. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |
|
From: Srinivasa Hebbar <sshebbar@gm...> - 2008-05-16 03:59:39
|
Hello, Even when I add "optional" in interfaces file, the same error occurs and shorewall stops. Interfaces: wan ppp1 detect tcpflags,nosmurfs,optional wan ppp2 detect tcpflags,nosmurfs,optional lan eth3 detect tcpflags providers: wan1 1 0x100 main ppp1 detect optional eth3 wan2 2 0x200 main ppp2 detect optional eth3 zones: fw firewall wan ipv4 lan ipv4 Error: Processing /etc/shorewall/params ... Shorewall is not running Starting Shorewall.... Initializing... ERROR: Can't determine the IP address of ppp1 Terminated Thanks, Hebbar. > Tom Eastep wrote: > >> I have given ppp1 and ppp2 as optional interface in providers file as > >> below. > >> wan1 1 0x100 main ppp1 detect optional eth3 > >> wan2 2 0x200 main ppp2 detect optional eth3 > >> > >> ------- > >> Shorewall start fails as follows: > >> Starting Shorewall.... > >> Initializing... > >> ERROR: Can't determine the IP address of ppp1 > >> Terminated > > > > You also need to specify the 'optional' interface option in > > /etc/shorewall/interfaces. > > I should add that 4.2 will make this simpler -- specifying 'optional' for > an interface in /etc/shorewall/interfaces is all that is required to make > providers through that interface optional as well. > > -Tom |
|
From: Srinivasa Hebbar <hebbar@el...> - 2008-05-16 03:56:36
|
Hello, Even when I add "optional" in interfaces file, the same error occurs and shorewall stops. Interfaces: wan ppp1 detect tcpflags,nosmurfs,optional wan ppp2 detect tcpflags,nosmurfs,optional lan eth3 detect tcpflags providers: wan1 1 0x100 main ppp1 detect optional eth3 wan2 2 0x200 main ppp2 detect optional eth3 zones: fw firewall wan ipv4 lan ipv4 Error: Processing /etc/shorewall/params ... Shorewall is not running Starting Shorewall.... Initializing... ERROR: Can't determine the IP address of ppp1 Terminated Thanks, Hebbar. > Tom Eastep wrote: > >> I have given ppp1 and ppp2 as optional interface in providers file as > >> below. > >> wan1 1 0x100 main ppp1 detect optional eth3 > >> wan2 2 0x200 main ppp2 detect optional eth3 > >> > >> ------- > >> Shorewall start fails as follows: > >> Starting Shorewall.... > >> Initializing... > >> ERROR: Can't determine the IP address of ppp1 > >> Terminated > > > > You also need to specify the 'optional' interface option in > > /etc/shorewall/interfaces. > > I should add that 4.2 will make this simpler -- specifying 'optional' for > an interface in /etc/shorewall/interfaces is all that is required to make > providers through that interface optional as well. > > -Tom |
|
From: Tom Eastep <teastep@sh...> - 2008-05-15 22:37:25
|
Tom Eastep wrote: >> >> I have given ppp1 and ppp2 as optional interface in providers file as >> below. >> wan1 1 0x100 main ppp1 detect optional eth3 >> wan2 2 0x200 main ppp2 detect optional eth3 >> >> ------- >> Shorewall start fails as follows: >> Starting Shorewall.... >> Initializing... >> ERROR: Can't determine the IP address of ppp1 >> Terminated > > You also need to specify the 'optional' interface option in > /etc/shorewall/interfaces. > I should add that 4.2 will make this simpler -- specifying 'optional' for an interface in /etc/shorewall/interfaces is all that is required to make providers through that interface optional as well. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |
|
From: Tom Eastep <teastep@sh...> - 2008-05-15 21:35:59
|
Srinivasa Hebbar wrote:
> Hello,
>
> Shorewall perl 4.0.10 stops with errors when
> the interface in providers file doesn't exist in the sytem.
> I have given "optional" keyword in the providers file.
>
> Code generated looks like below.
>
> define_firewall() {
>
> clear_routing_and_traffic_shaping
> #
> # Establish the values of shell variables used in the following function
> calls
> #
> ppp1_ADDRESS=$(find_first_interface_address ppp1)
> ppp2_ADDRESS=$(find_first_interface_address ppp2)
>
> .....
>
> The above lines are from /var/lib/shorewall/.restart
>
> I have given ppp1 and ppp2 as optional interface in providers file as below.
> wan1 1 0x100 main ppp1 detect optional eth3
> wan2 2 0x200 main ppp2 detect optional eth3
>
> -------
> Shorewall start fails as follows:
> Starting Shorewall....
> Initializing...
> ERROR: Can't determine the IP address of ppp1
> Terminated
You also need to specify the 'optional' interface option in
/etc/shorewall/interfaces.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@...
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
|
|
From: Srinivasa Hebbar <sshebbar@gm...> - 2008-05-15 19:08:59
|
Hello,
Shorewall perl 4.0.10 stops with errors when
the interface in providers file doesn't exist in the sytem.
I have given "optional" keyword in the providers file.
Code generated looks like below.
define_firewall() {
clear_routing_and_traffic_shaping
#
# Establish the values of shell variables used in the following function
calls
#
ppp1_ADDRESS=$(find_first_interface_address ppp1)
ppp2_ADDRESS=$(find_first_interface_address ppp2)
.....
The above lines are from /var/lib/shorewall/.restart
I have given ppp1 and ppp2 as optional interface in providers file as below.
wan1 1 0x100 main ppp1 detect optional eth3
wan2 2 0x200 main ppp2 detect optional eth3
-------
Shorewall start fails as follows:
Starting Shorewall....
Initializing...
ERROR: Can't determine the IP address of ppp1
Terminated
Thanks,
Hebbar
|
|
From: Tom Eastep <teastep@sh...> - 2008-05-03 19:37:53
|
Available for download at http://www.shorewall.net/pub/shorewall/development/4.1/shorewall-4.1.8/ Problems Corrected in Shorewall 4.1.8 1) Changes to your configuration made by NULL_ROUTE_RFC1918=Yes are now reversed during 'shorewall stop' and 'shoreawll restart'. 2) The init script on Debian now reads and utilizes the value of the OPTIONS variable from /etc/default/shorewall[-lite]. Previously, the value of that variable was not passed to the shorewall[-lite] command. 3) With both Shorewall and Shorewall Lite, the 'start' and 'restart' commands now support a '-p' option. This option causes the Netfilter connection tracking table to be flushed (purged) as part of the operation. The 'conntrack' utility must be installed to use this option. Other Changes in Shoreall 4.1.8. 1) When using Shorewall-perl, the CEIL and RATE columns must now contain arithmetic expressions consisting of: a) Numeric digits (Hex numbers not allowed). b) Parentheses. c) The arithmetic operators +-* and /. d) The word 'full'. 2) The installers (install.sh) now auto-detect a Cygwin environment and install under the current user's ID if OWNER and GROUP are not given. 3) The 'start' and 'restart' commands now support a '-p' (purge) option which cause all entries to be removed from the Netfilter conntrack table. In order to use this option, the 'conntrack' utility must be installed on your system. Although it is generally not installed by default, Most distributions have this utility in their repositories. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@... PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key |