[Firewall] Firewall version 2.0.1a-stable available for download

Arno van Amersfoort arnova at rocky.eld.leidenuniv.nl
Wed Mar 7 07:32:17 CET 2012


Hi all,

A new stable release of my firewall which mainly brings some small 
tweaks & improvements.

You can grab it from:
http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/arno-iptables-firewall_2.0.1a.tar.gz

CHANGELOG:

Version 2.0.1a (March 7, 2012)
----------------------------------------
* Misc. tweaks for arno-fwfilter (thanks Mark van Dijk)
* Use ls instead of [ -n (find) ] as it's much faster (thanks Lonnie)
* As with previous versions, when LAN_INET_OPEN_xxx and 
LAN_INET_HOST_OPEN_xxx are NOT defined the default LAN->INET policy is 
ACCEPT. Changed is when *any* of these variables are defined the default 
LAN->INET policy is DROP for all ports and protocols, not just 
TCP/UDP/IP as before.
* As with previous versions, when DMZ_INET_OPEN_xxx and 
DMZ_INET_HOST_OPEN_xxx are NOT defined the default DMZ->INET policy is 
ACCEPT. Changed is when *any* of these variables are defined the default 
DMZ->INET policy is DROP for all ports and protocols, not just 
TCP/UDP/IP as before.
* Tweak the handling of some of the sysctl kernel settings. This now 
also allows disabling setting/resetting some settings (like forwarding)
* Default UDP connection timeout to 60 seconds
+ Added support for new LOCAL_CONFIG_DIR variable, defaults to 
"/etc/arno-iptables-firewall/conf.d" (Debian bug #658458)
! Set default policy to DROP if either LAN_INET_HOST_OPEN_xxx or 
DMZ_INET_HOST_OPEN_xxx are defined, to match the documentation. (thanks 
Schilling Thomas Ing for reporting)
* Improve documentation

Njoy!

-- 
Arno van Amersfoort
E-mail    : arnova at rocky.eld.leidenuniv.nl
Donations are welcome through Paypal!
---------------------------------------------------------------------------
Arno's (Linux IPTABLES Firewall) Homepage:
http://rocky.eld.leidenuniv.nl













































 From - Thu






More information about the Firewall mailing list