[Firewall] Firewall version 2.0.1a-stable available for download

Simón simon at simonbcn.net
Wed Mar 7 09:45:18 CET 2012


Hi,
     Thanks for the new version.
     The man page speaks about documentation in 
"/usr/share/doc/arno-iptables-firewall" folder but this folder doesn't 
exist.

El 07/03/12 07:32, Arno van Amersfoort escribió:
> Hi all,
>
> A new stable release of my firewall which mainly brings some small 
> tweaks & improvements.
>
> You can grab it from:
> http://rocky.eld.leidenuniv.nl/arno-iptables-firewall/arno-iptables-firewall_2.0.1a.tar.gz 
>
>
> CHANGELOG:
>
> Version 2.0.1a (March 7, 2012)
> ----------------------------------------
> * Misc. tweaks for arno-fwfilter (thanks Mark van Dijk)
> * Use ls instead of [ -n (find) ] as it's much faster (thanks Lonnie)
> * As with previous versions, when LAN_INET_OPEN_xxx and 
> LAN_INET_HOST_OPEN_xxx are NOT defined the default LAN->INET policy is 
> ACCEPT. Changed is when *any* of these variables are defined the 
> default LAN->INET policy is DROP for all ports and protocols, not just 
> TCP/UDP/IP as before.
> * As with previous versions, when DMZ_INET_OPEN_xxx and 
> DMZ_INET_HOST_OPEN_xxx are NOT defined the default DMZ->INET policy is 
> ACCEPT. Changed is when *any* of these variables are defined the 
> default DMZ->INET policy is DROP for all ports and protocols, not just 
> TCP/UDP/IP as before.
> * Tweak the handling of some of the sysctl kernel settings. This now 
> also allows disabling setting/resetting some settings (like forwarding)
> * Default UDP connection timeout to 60 seconds
> + Added support for new LOCAL_CONFIG_DIR variable, defaults to 
> "/etc/arno-iptables-firewall/conf.d" (Debian bug #658458)
> ! Set default policy to DROP if either LAN_INET_HOST_OPEN_xxx or 
> DMZ_INET_HOST_OPEN_xxx are defined, to match the documentation. 
> (thanks Schilling Thomas Ing for reporting)
> * Improve documentation
>
> Njoy!
>


More information about the Firewall mailing list