Main Menu

Search Announcements

File Releases
Mailing Lists
Git Repository


rcf 5.2.1s1 released

  • Posted by: mhnoyes on 2002-01-09 14:00+0000
  • Updated by: mhnoyes on 2002-01-09 14:00+0000

The changes in this release are as follows: A makefile has been added. Several modules and functions were added, updated, or fixed. Development has moved to a CVS server.


Dougal Holmes provided several updates, including: contributing 260-spop3-servers, 220-winvnc-servers, 620-arcserve-hosts, and netstorm (online game) modules, fixed a typo in 530-snmp-clients, fixed cluster handling in 030-pptp-clients and 030-pptp-servers, patched to allow private IPs on DMZ interfaces, added missing rules to allow traffic from public interfaces to the DMZ, added the - --refresh-interfaces command line option, and fixed the jump rule problem which prevented private IPs from connecting to public interface IPs.

The rcf distribution was restructured to allow installations to be done from CVS code checkout. The file has been removed and replaced by 'make' commands. Refer to the INSTALL file for new installation procedure. Developers should read the USAGE section of the Makefile for additional 'make' options.

Most modules moved into the ./etc/firewall/modules/common directory. Removed the (now empty) contrib module directories. Added CVS headers to all functions, etc. Renamed the Interface_In_Type function to Match_Interface. Fixed the 090-PRIVATE-NETWORKS and 095-DMZ-NETWORKS modules to pass the correct parameters (in the right order) to the Match_Interface function. Renamed the and private_networks_*.sh functions to make them compatible with MacOS 9.X. Added the 570-rsync-clients and 570-rsync-servers modules for Vladimir Smelhaus. Renamed the modules imap2->imap, simap->imaps, and spop3->pop3s. Renamed all accept---ports options to ports---clients. This meant removing the *-ports modules, adding a ports action to the service module, and modifying the module accordingly. Renamed the startup script links from S11firewall to S12firewall. Renamed the accept--tcp-hostports options to accept--tcp-rhostlports. Added the mark--tcp-rhostlports option to mark incoming packets. Added server, client and port forwarding modules to support Apple Filing Protocol, used with services such as Apple's idisk and Apple file sharing. Fixed cluster operation on a number of modules. Added 125-http-requests module to drop (silently) probes from CodeRed and other similar worms to a range of IP addresses. Allowed 950-icmp-servers to send ICMP controls from virtual interfaces (required for some applications such as sendmail). Moved 050-ipsecvpn-hosts to the common directory to allow use on MZ clusters for internal ipsec clients. Added online-games modules to private interfaces, and added modules for MSN Gaming Zone and Starsiege Tribes. Updated FAQ with new configuration questions, fail-over configuration with multiple external interfaces, restarting of only one interface question and added new questions on development and CVS usage. Also updated all broken external links in the FAQ and updated all references to the obsoleted contrib directory. Fixed a typo in the VPN section of the FAQ, and replaced the 030-pptpvpn modules with the newer 030-pptp ones. Added support for building a Debian package for RCF by typing make deb. Updated RealPlayer module. Updated IANA reserved networks list. Added a function to transparently move the modules in use in the now obsoleted contrib directory to the common directory. Fixed detection of ipsec interfaces when setting rp_filter. Added support for the #i# noipsec module configuration option. Added new modules 390-jabber- clients (thanks to William F. Guyten jr.) and 180-interbase-clients (thanks to Matthew Simpson). Fixed a bug where RCF would not create the spoof and smasq chains when the only interface present is public. Added Tribes 2 module and updated ports in Tribes module.

What's Related

Hosted on Get LEAF Linux Embedded Appliance Framework at Fast, secure and Free Open Source software downloads, and powered by phpWebSite.