The Shorewall team is pleased to announce the release of Shorewall 4.2.6.
This release adds a number of small enhancements in addition to correcting several reported problems.
The Shorewall team is happy to announce the availability of Shorewall 4.2.5.
In addition to correcting several problems, 4.2.5 offers new options for handling multiple WAN links as well as transparent support for the xtables-addons version of ipp2p.
The Shorewall team is pleased to announce the availability of Shorewall 4.2.4. Shorewall 4.2.4 allows creation of an IPv6 firewall using the same paradigm employed when creating an IPv4 firewall.
The Shorewall developers are pleased to announce the start of the
Shorewall Logo Design Competition.
Please visit the competition page on the Shorewall wiki for all of the
(This posting corrects the version number in the subject)
With the recent release of Shorewall 4.2.0, the Shorewall team has ceased support for Shorewall 3.4.x. The downloads have been disabled, but the 3.4 branch remains available in Subversion for those who absolutely must have it.
Shorewall 4.0.11 was released on 05-19-2008.
Please see the release announcement on the mailing list: http://article.gmane.org/gmane.comp.security.shorewall.devel/893
Please see the release announcement on the mailing list: http://article.gmane.org/gmane.comp.security.shorewall/19014
Please see the complete release announcement here: http://article.gmane.org/gmane.comp.security.shorewall/18786
Please see the complete release announcement here: http://article.gmane.org/gmane.comp.security.shorewall/18546
Shorewall 4.0.6 has been released. In addition to the normal releases available via www.shorewall.net and the SourceForge project page, this release marks the first which has been uploaded to Debian. The Debian packages should become available to users of Debian unstable within 24 hours. Please see the release announcement: http://article.gmane.org/gmane.comp.security.shorewall/18238
Please see the announcement made to the mailing lists:
Please see the release announcement: http://article.gmane.org/gmane.comp.security.shorewall/17936
Shorewall 3.4.7 is now available.
Problems Corrected in Shorewall 3.4.7
1) A bug prevented proper handling of PREROUTING marks when
HIGH_ROUTE_MARKS=No and the track option was specified in
2) Previously, if the following sequence of routing rules was
specified, then the first rule would always be omitted.
#SOURCE DEST PROVIDER PRIORITY
$SRC_A $DESTIP1 ISP1 1000
$SRC_A $DESTIP2 SOMEISP 1000
$SRC_A - ISP2 1000... read more
We are pleased to announce the availability of Shorewall version 4.0.4. Please see the announcement on the mailing list for details: http://article.gmane.org/gmane.comp.security.shorewall/17690
Please view our recent announcement about a new Trac project site:
We are pleased to announce the immediate availability of Shorewall 4.0.3. This release fixes numerous problems and introduces many other changes. Please review the release notes included with the distribution for a complete list of changes.
An iptables based firewall for systems running the Linux 2.4 or later kernel. Very flexible configuration allows the firewall to be used in a wide variety of firewall/gateway/router and VPN environments.
A bug that was supposedly fixed in Shorewall 3.4.4 was not fixed. Furthermore, the bug is present as far back as 3.2.6.
If HIGH_ROUTE_MARKS=No, then PREROUTING and OUTPUT marking rules are behaving as if TC_EXPERT=Yes was specified in shorewall.conf. In other words, these rules are being applied even if the connection has been marked as being associated with a particular ISP.... read more
We are pleased to announce the availability of Shorewall 3.4.6.
1) Shorewall can now be tailored to reduce its footprint on embedded
systems. As part of this change, actions are now completely
See http://www.shorewall.net/Modularization.html for details.
2) Exclusion is now possible in /etc/shorewall/hosts. This is required
for bridge/firewalls under kernel 2.6.20 and later.... read more