[Kget] reluctance
Joseph
fnbp at dkn.com.au
Mon May 28 12:33:40 CEST 2007
Improvements and bug fixes in the GUI The user can search for objects using regular expressions matching their names or attributes. Both prolog and epilog are expected to be shell scripts and are added to the generated shell script that activates firewall. See Release Notes for the list of bug fixes and improvements. For iptables this action is translated into user-defined chain.
Added support for dynamic interface addresses in ipfilter.
This is not final implementation yet but it is already does what I indended.
For PF this action is translated into an anchor with the name the same as the name of the branch defined by the administrator. Compilers for iptables, ipfw, ipf and PIX generate bunch of rules matching each address read from the file.
The name of the chain is the name of the branch choosen by administrator. Importer can properly interpret both formats.
See Release Notes for complete list of bugs fixed in this release. Summary page shown in the end reflects this as failed install. This seems to be a decent workaround. It is now possible to generate rules to mark packets in the OUTPUT chain of the mangle table. Code has been fixed in many places where text strings were not properly marked for localization.
It also comes with bugfixes and updated localization.
This feature helps to work around errors in the policy that block access to the firewall from the management workstation. Checking "Test mode" checkbox in the installer options dialog should enable widgets that configure automatic reboot timeout.
I plan on making release some time next week. Object tree is not synchronized with firewall policy view.
GUI crash in a situation when one of the resource files was missing has been fixed, code compiles and works on Solaris and few minor bugs have been fixed in the compiler for iptables.
See Release Notes for the complete list. One of the most important improvements in the web site is that it now has a "Search" function.
The new web site is designed around a Firewall Builder "cookbook", a dynamic collection of the tips and tricks, examples of the network configurations and firewall policies that support them. Improvements in "Find" function: administrator can now drag an object into a well in the find dialog panel to make it search for this particular object.
Code has been fixed in many places where text strings were not properly marked for localization. Just type few words in the input field and click the button, it will scan all the documents, comments and postings and show everything related to your query.
This is useful when there are many firewalls in the tree that need to be compiled and installed in one go.
The GUI got confused when user enter full path to the policy file in the "Output file name" input field in the "Compiler" tab of firewall object dialog.
Safety Net Install works around this problem and maintains communication through the tunnel at all times. Improvements and changes in the GUI The GUI works much faster with very large object trees.
The name of the chain is the name of the branch choosen by administrator.
This helps avoid double warning when a library is deleted.
Interfaces without "ip address" in the configuration are marked as "unnumbered" in the firewall builder object tree. This operation also helps identify changes made to objects in two copies of the same data file.
This allows fwbedit to quickly create objects and still ensure their IDs are unique fwbedit Fwbedit can now create objects and repair broken object database.
The object can be configured to read the file at compile time or at run time.
Doing this only if original rule did not have negation and we do not add any virtual addresses for NAT. We still have quite a bit of work to do though, particularly localization has only began.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.kde.org/pipermail/kget/attachments/20070528/9170429e/attachment.html
More information about the Kget
mailing list