[Shorewall-newbies] Bug in Shorewall 1.4.7 and 1.4.8

Tom Eastep teastep at shorewall.net
Tue Dec 16 08:57:57 PST 2003


"Dark Ryder" has reported a bug in Shorewall 1.4.7; this bug is also present 
in Shorewall 1.4.8.

The effect of the bug is that in DNAT rules that specify SNAT, the SNAT 
address can be effectively ignored in some cases.

I have created corrected versions of the 'firewall' script for both 1.4.7 
(based on 1.4.7c) and 1.4.8; these corrections may be downloaded from the 
Errata page (http://www.shorewall.net/errata.htm).

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net




More information about the Shorewall-newbies mailing list