[611] in linux-security and linux-alert archive
[linux-security] Re: Kernels 1.3.6[12] break IP firewalling
daemon@ATHENA.MIT.EDU (owner-linux-security@tarsier.cv.nr)
Mon Feb 12 07:39:12 1996
From: owner-linux-security@tarsier.cv.nrao.edu
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 12 Feb 1996 09:36:30 +0000 (GMT)
Cc: linux-announce@vger.rutgers.edu
In-Reply-To: <199602120624.IAA10365@myntti.helsinki.fi> from "Lars Wirzenius" at Feb 12, 96 08:24:52 am
> The 1.3.61 and 1.3.62 kernels break IP firewalling due to new
> setsockopt() arguments.
>
> There is currently no publically available set of utilities to
> make firewalling work under these kernels.
>
> If you depend on firewalling, STAY AWAY FROM THESE KERNELS.
Fortunately the provided information is incorrect. You can get the
new ipfwadm from ftp.xos.nl. The new firewalling provides the ability for
the user to order firewall rules by hand, which has been requested by many
people and is a definite security advantage.
Old tools _will_ break on this release. Thats a deliberate policy decision
to improve facilities and security available before 1.4.0/2.0.0
Alan
