The Higher Education and Research forge

Home My Page Projects Code Snippets Project Openings Lsfw: a tool to list firewall rules
Summary Activity Tracker Docs News SCM Files Listes Sympa

Project Filelist for Lsfw: a tool to list firewall rules

File Release Notes and Changelog

Release Name: svn374

Release Notes
DO NOT USE THIS VERSION! Use at least svn >= rev 414

+ import groovy (http://groovy.codehaus.org/) to be able to run groovy scripts within lsfw.

Few examples of groovy scripts are provided in the /groovy directory.
This is work in progress and the binding between lsfw and groovy is
subject to change.

+ add a 'p' (PTR) format in the xref ip command. This is the same as 'h' (hostname) but much faster.

+ the '--test' option on the lsfw's command line is removed. This is
replaced by probe options on the lsfw's shell.

+ the '--verbose' option on the lsfw's command line is removed. This is
replaced by probe options on the lsfw's shell.

+ add probe option "active" which displays active rules (ie rules that allow
or deny a packet)

+ add probe option "match" which displays macthing rules. This is the default.

+ add probe option "verbose", which displays a verbose probe result.

+ add probe option "learn" which displays a short summary of the probe result.

Equipments:

Pix 
A range of ports with the first port greater than the second was always evaluated to false.

PacketFilter
Warn the user if a port range uses a first port greater than the second.
This is accepted by PF but never matches and should be an error (IMO).

No change log