A new version of the Generic IP Firewall Chains code is on my page
at http://www.adelaide.net.au/~rustcorp. Most important feature of this
version (nominally 1.0.1) is that it fixes (I hope) the corruption of reading
and zeroing large firewall chains, a problem that plagues the ipfw code.
In other news:
o You can now specify RETURN as a rule target, which causes the packet
to behave as if it fell off the end of the chain. V. useful.
o Kernel patch now against 2.1.51.
o Arbitrary protocols within IP can be specified (ie. not just TCP, UDP
and ICMP).
o Tighter TOS checking in ipchains to stop you creating bogus TOS fields
(Thanks Rob).
o Couple of user-space bug fixes I found while hacking ipchains.
o Features a WHOLE HOUR of testing. Extending the test suite is on my
ToDo list (hey, it already takes > 8 hours on my '386).
Enjoy,
Paul.
-- .sig lost in the mail.