![[LWN Logo]](/images/lwn.banner.gif)
Date: Tue, 25 Jan 2000 10:10:16 +0100 (MET)
From: Lenz Grimmer <grimmer@suse.de>
To: SuSE Linux Mailing List <suse-linux-e@suse.com>
Subject: [SLE] [Security - intern] new SuSEfirewall version (beta) (fwd)
Hi,
JFYI!
Bye,
LenZ
--
------------------------------------------------------------------
Lenz Grimmer SuSE GmbH
mailto:grimmer@suse.de Schanzaeckerstr. 10
http://www.suse.de/~grimmer 90443 Nuernberg, Germany
---------- Forwarded message ----------
Date: Mon, 24 Jan 2000 20:15:32 +0100 (MET)
From: Marc Heuse <marc@suse.de>
Reply-To: security@suse.de
To: suse-security@suse.com, security@suse.de
Cc: security@suse.de
Subject: [Security - intern] new SuSEfirewall version (beta)
Hi folks!
Much much work have been put into the new version of SuSEfirewall-1.9.
This will be (hopefully) the last beta before the official v2.0 rpm update.
So please, everyone who has got time and pleasure, check this beast out.
You'll have to re-edit the rc.firewall, because variable names were changed.
You can find it at http://www.suse.de/~marc (might take some hours until
it's available on the webserver)
Local SuSE guys can find the package at ~marc/public/SuSEfirewall-1.9.tar.gz
What has changed? Many things:
CHANGES
v1.9 24.01.00 (beta version)
* If an error occurs, firewall rules will be reset now! (plus msg print)
* Added support for a DMZ in rc.firewall (FW_DEV_DMZ, FW_ALLOW_PING_DMZ)
* Restructured rc.firewall and renamed some variables !!!
* Moved code from "firewall" to "SuSEfirewall close"
* Cleaned up the "firewall" init.d script
* Removed empty lines in the error output
* Now aliased interfaces should be supported ("eth0:1"). Please test.
* Plugged a hole where FW_LOCALNETS could access any port on the
firewall from the internal network even if they should not.
* New file: EXAMPLES - shows example setup and configurations!
* New file: HOLES - these "vulnerabilities" exist when using this tool
* New executable: openports - checks which ports are accessible,
provided by Andi Kleen <ak@suse.de> - thanks!
* New option "SuSEfirewall -h" which shows commandline options
* New option "SuSEfirewall check" which runs openports queries.
* Now first rc.config will be loaded, then rc.firewall, to prevent
problems for people who have the old "firewall.rpm" installed.
* Karl <ke@suse.de> did a spell check on the german and english
textfile. Big, big thanks!
Greets,
Marc
--
Marc Heuse, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
E@mail: marc@suse.de Function: Security Support & Auditing
"lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka"
Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C
--
To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/