Mike Lander | 13 Apr 00:31 2015

Problem with H323 Helpers

Hello to the list and Tom,
     Building a new firewall with suse13.2.

  linux-vme6:~ # shorewall version
4.6.3.4.

 Using the H323 helpers has caused me headache's in the past. Heard it was 
poorly maintained somewhere.

 I have tried what I did in the past to remove it but it comes back like a 
bad penny. That is copy the helpers file into
 /etc/shorewall which did and commented out H323.  Tried shorewall restart 
-c as well.

  
 /etc/shorewall/helpers

  #  If you need to modify this file, copy it to /etc/shorewall and modify 
the
#  copy.
#
############################################################################
###
 # Helpers
#
loadmodule ip_conntrack_amanda
loadmodule ip_conntrack_ftp
#loadmodule ip_conntrack_h323 ports=0
loadmodule ip_conntrack_irc
loadmodule ip_conntrack_netbios_ns
(Continue reading)

Tom Eastep | 11 Apr 20:39 2015
Picon

Shorewall 4.6.8.1

Shorewall 4.6.8.1 is now available for download.

Problems Corrected:

1)  Previously, when servicd was installed and there were one or more
    required interfaces, the firewall would fail to start at boot. This
    has been corrected by Tuomo Soini.

2)  Some startup logic in lib.cli has been deleted. A bug prevented the
    code from working as intended, so there is no loss of functionality
    resulting from deletion of the code.

Thank you for using Shorewall,
-Tom
--

-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
------------------------------------------------------------------------------
(Continue reading)

Vernon Fort | 10 Apr 16:37 2015

active vpn connections

I know I am missing something but I cannot find what.  I have a working Shorewall mulitisp along with a working strongswan VPN.  However, when I do issue a ‘shorewall restart’, traffic on the vpn tunnel stops.  The ipsec statusall shows the connection still active and up but no traffic passes nor do I see anything in the logs indicating that Shorewall is blocking anything.

 

Vernon

 

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
jonetsu | 9 Apr 21:55 2015

TC: connection mark value

Hello,

  While it is possible to set the connection mark for a packet, what does the RESTORE command do in terms of
numerical value ?  Eg. it will put into the packet the connection mark, but what is the connection mark in
the first place and how can this unknown value relate to any mark defined in classes ?  I am surely missing something.

Thanks.

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
Shorewall-users mailing list
Shorewall-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
Michael Johannes | 9 Apr 18:29 2015
Picon

find_loopback_interfaces: not found error

Hi Tom,

I have compiled Shorewall 4.6.7 on OpenWRT Barrier Breaker. I have it working with all the required PERL
modules and it seems to work but I'm noticing this error when I run shorewall check:

root <at> FW:/usr/share/shorewall/Shorewall# shorewall check 
/sbin/shorewall: line 281: find_loopback_interfaces: not found

Checking...

Do you happen to know why I would get this error? 

My interfaces look like this:

br-lan    Link encap:Ethernet  HWaddr 14:CC:20:2B:7F:F8 
inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0 
inet6 addr: fd17:903a:dd36::1/60 Scope:Global 
inet6 addr: fe80::16cc:20ff:fe2b:7ff8/64 Scope:Link 
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
RX packets:1677 errors:0 dropped:0 overruns:0 frame:0 
TX packets:1116 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:0 
RX bytes:118503 (115.7 KiB)  TX bytes:214026 (209.0 KiB) 

eth0      Link encap:Ethernet  HWaddr 14:CC:20:2B:7F:F8 
inet6 addr: fe80::16cc:20ff:fe2b:7ff8/64 Scope:Link 
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
RX packets:14869 errors:0 dropped:9 overruns:0 frame:0 
TX packets:1224 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:1000 
RX bytes:1541334 (1.4 MiB)  TX bytes:229566 (224.1 KiB) 
Interrupt:4 

eth0.1    Link encap:Ethernet  HWaddr 14:CC:20:2B:7F:F8 
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
RX packets:1680 errors:0 dropped:0 overruns:0 frame:0 
TX packets:1105 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:0 
RX bytes:118641 (115.8 KiB)  TX bytes:212800 (207.8 KiB) 

eth0.2    Link encap:Ethernet  HWaddr 14:CC:20:2B:7F:F8 
inet addr:172.123.xxx.xxx  Bcast:172.123.xxx.xxx  Mask:255.255.255.0 
inet6 addr: fe80::16cc:20ff:fe2b:7ff8/64 Scope:Link 
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1 
RX packets:13055 errors:0 dropped:1331 overruns:0 frame:0 
TX packets:110 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:0 
RX bytes:1138599 (1.0 MiB)  TX bytes:11008 (10.7 KiB) 

gre0      Link encap:UNSPEC  HWaddr 00-00-00-00-FE-00-00-44-00-00-00-00-00-00-00-00 
NOARP  MTU:1476  Metric:1 
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:0 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B) 

gretap0   Link encap:Ethernet  HWaddr 00:00:00:00:00:00 
BROADCAST MULTICAST  MTU:1476  Metric:1 
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:1000 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B) 

ifb0      Link encap:Ethernet  HWaddr F2:E6:2F:36:0A:E1 
BROADCAST NOARP  MTU:1500  Metric:1 
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:32 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B) 

ifb1      Link encap:Ethernet  HWaddr 8A:33:6D:CE:CC:0D 
BROADCAST NOARP  MTU:1500  Metric:1 
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:32 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B) 

lo        Link encap:Local Loopback 
inet addr:127.0.0.1  Mask:255.0.0.0 
inet6 addr: ::1/128 Scope:Host 
UP LOOPBACK RUNNING  MTU:65536  Metric:1 
RX packets:2 errors:0 dropped:0 overruns:0 frame:0 
TX packets:2 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:0 
RX bytes:96 (96.0 B)  TX bytes:96 (96.0 B) 

teql0     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
NOARP  MTU:1500  Metric:1 
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:100 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B) 

wlan0     Link encap:Ethernet  HWaddr 14:CC:20:2B:7F:F9 
BROADCAST MULTICAST  MTU:1500  Metric:1 
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:1000 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B) 

wlan1     Link encap:Ethernet  HWaddr 14:CC:20:2B:7F:FA 
BROADCAST MULTICAST  MTU:1500  Metric:1 
RX packets:0 errors:0 dropped:0 overruns:0 frame:0 
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 
collisions:0 txqueuelen:1000 
RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B) 

 Regards,
Mike

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
csanyipal | 9 Apr 15:59 2015
Picon

Home network with 4 interfaces

Hi,

I plan to make a home network; one can see my plan here:

https://dl.dropboxusercontent.com/u/56020882/HomeNetwork_01.png

I shall use shorewall as firewall. This should be a firewall with 4 interfaces.

My question is: should I use for wireless LAN ( wlan0) dmz zone also, as
for web server ( eth2)?

--

-- 
Regards from Pal

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
Paul F. Versloot | 9 Apr 15:15 2015
Picon

Solved!

Alright!

My problem / issue with Shorewall and Psad is now solved :-)
After testing and testing, the main function is working...
(See Below for details :-(  )

I post this for 2 reasons:

1. For users (newbee to prof.) who have the same problem / whish to
accomplish;
2. In respect for the whole Shorewall Team, espaccially Tom Eastep, and
he knows why...

Cheers,

Paul F. Versloot
paulversloot-at-gmail-dot-com

(call / ticket closed: <case> Shorewall and Psad tuning with autoblock
IP addresses </case closed>

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
Gerhard Wiesinger | 8 Apr 13:07 2015

Shorewall and iptraps

Hello,

Are iptraps supported or planned to support it?
See: https://github.com/ktsaou/firehol/wiki/Working-with-traps

Thank you.

Ciao,
Gerhard

------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
Paul F. Versloot | 4 Apr 19:49 2015
Picon

Shorewall and Psad tuning with autoblock IP addresses

Hello out there,

For several weeks, I've got Shorewall happily configured on my Linux
box. All the possible multicast- and broadcast addresses are logged, but
there is no annoying email-warning-alert of the local router broadcast
anymore!. (so finally the Shorewall-firewall is properly configured and
Psad for about +/-80%

My configuration is as follows:

Shorewall 4.6.4.3 in combination with Psad v2.2.1 on Ubuntu 14.04.1 LTS
(x32).

My question is:
How do I set the options to quickly autoblock ipv4-addresses with Psad,
when somebody is tracing open ports of the firewall (net zone of course)
with nMap in stealth mode (scanning all the TCP ports, with a Windows
nMap it takes about 1.5 hour).

Last week, I've got several waring emails (from Psad of course) AFTER
1.5 HOUR, with a test with nMap and the above options. (scanning option
all UDP ports, had the same result).

My goal is very simple:
If anyone is scanning a port of my firewall, or a (little) range, I
would like to autoblock the IP-address automatically and immediately.
(of course Psad must send direct an alert to the system account)
This test was last week successful, but far to slow and with to much
Psad emails.

After filtering all the Psad (false positive warnings about all the
*-casts) AND altering a few configuration parameters in the Psad config-
file, a same rescan didn't autoblock and alert at all...

With shorewall, I USE 3 levels of logging (filtered bij RSyslogd -> shorewall.log):
1. INFO
2. WARN(ing)
3. none(!)

All the logs of the Shorewall specific iptables and netfilter rules
are filtered only to the shorewall.log file, with the standard default
prefix.

The changes I've made in Psad were the following (I've lowered the original values):

	### Danger levels.  These represent the total number of
	### packets required for a scan to reach each danger level.
	### A scan may also reach a danger level if the scan trips
	### a signature or if the scanning ip is listed in
	### auto_ips so a danger level is automatically
	### assigned.
	DANGER_LEVEL1               5;    ### Number of packets.
	DANGER_LEVEL2               10;
	DANGER_LEVEL3               50;
	DANGER_LEVEL4               100;
	DANGER_LEVEL5               1000;

Does anybody know how to trigger fast (very fast) an email out of the Shorewall logfile into the Psad warning
email AND block automatically the IP?
(unblocking is easy witch Psad --flush :-)

Schould I change the Psad config file or higher the logging levels (1-7) ie. WARN(ing) -> CRIT(ical)?

I've you don't know how, thanks for reading anyway,

Greetings,

Paul F. Versloot

ps: included, psad.conf; shorewall.conf, rules, zones, policy.

Attachment (config_files.tar.gz): application/x-compressed-tar, 16 KiB
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
Tom Eastep | 3 Apr 22:42 2015
Picon

Shorewall 4.6.8

Shorewall 4.6.8 is now available for download.

Problems Corrected:

1)  This release includes defect repair from Shorewall 4.6.6.2 and
    earlier releases.

2)  Previously, when the -n option was specified and NetworkManager was
    installed on the target system, the Shorewall-init installer would
    still create
    ${DESTDIR}etc/NetworkManager/dispatcher.d/01-shorewall, regardless
    of the setting of $CONFDIR. That has been corrected such that the
    directory
    ${DESTDIR}${CONFDIR}/NetworkManager/dispatcher.d/01-shorewall is
    created instead.

3)  Previously, handling of the IPTABLES and IP6TABLES actions in the
    conntrack file was broken. nfw provided a fix on IRC.

4)  The Shorewall-core and Shorewall6 installers would previously
    report incorrectly that the product release was not installed. Matt
    Darfeuille provided fixes.

New Features:

1)  The CLI programs (shorewall, shorewall6, etc) now support 'open'
    and 'close' commands. The 'open' command temporarily opens the
    firewall for a specified type of connection; the syntax is:

    	open   [  [  ] ]

    The  and  may be any of the following:

    - a host IP address
    - a network IP address
    - a valid DNS name (usual warnings apply)
    - the word 'all', indicating that the  or  is
      not restricted

    The protocol may be specified by number or by a name. Same with
    .

    Example: Open SSH connections to 1.2.3.4 in Shorewall:

       shorewall open all 1.2.3.4 tcp ssh

    The 'close' command reverses the effect of an earlier 'open'
    command and has two forms:

        close
	close   [  is the number displayed in the
    'num' column of the 'shorewall list opens' command (see below).

    In the second form, the parameters must match those of the earlier
    'open' command to be reversed. All temporary connections opens may
    be deleted by simply restarting the firewall.

    Both commands require that the firewall be in the started state and
    that DYNAMIC_BLACKLIST=Yes in the active configuration.

    The iptables rules created via 'open' commands can be displayed
    using the 'show opens' command.

    Example (after the above open command was executed):

    Shorewall 4.6.8 Temporarily opened connections at gateway - Fri Mar
 6 09:47:06 PST 2015
    Chain dynamic (14 references)
     num pkts bytes target     prot opt in     out     source
    destination
       1    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0
    1.2.3.4              multiport dports 22
    root <at> gateway:~#

2)  A 'safesets' command is now available to proactively save changes
    to ipset contents. Using this command can guard against accidental
    loss of ipset changes in the event of a system failure before a
    'stop' command has been completed. The exact action taken by the
    command depends on the setting of SAVE_IPSETS in shorewall[6].conf.

3)  The SOURCE and DEST columns in the rtrules file may now contains
    comma-separated lists of addresses.

Thank you for using Shorewall,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/
matt darfeuille | 2 Apr 15:24 2015
Picon

uninstall script

Hi,

While uninstalling shorewall6-4.6.7 and shorewall-core-4.6.7 I get 
the following warning respectively:

WARNING: Shorewall6 Version 4.6.7 is not installed
Uninstalling shorewall6
Shorewall6 Uninstalled
Uninstalling shorewall 4.6.7
Shorewall Uninstalled
WARNING: Shorewall Core Version 4.6.7 is not installed
Uninstalling Shorewall Core
Shorewall Core Uninstalled

The warning for shorewall6-4.6.7 is triggerd by the line 139 due to 
the missing "E" in the variable name ${SHAREDIR}.

For uninstalling shorewall* my assumption is as follows:
First uninstalling shorewall[6]-init; then shorewall[6]-lite or 
shorewall[6]-4.6.7 and then shorewall-core.

Based on that assumption, the warning triggered by shorewall-core is 
caused by shorewall-4.6.7 on line 200 which removes the directory 
$LIBEXECDIR/shorewall where it should only be "rmed" when $LIBEXECDIR 
has not the same path as $SHAREDIR.
Adding at the start of  the line:
[ ${LIBEXECDIR} = ${SHAREDIR} ] || rm ... 
makes the warning disappear.

Modified scripts attached.

-Matt

-------------- Enclosure number 1 ----------------
 * This message contains the file 'uninstall-scripts-4.6.7.tar.bz2', which has been
 * uuencoded. If you are using Pegasus Mail, then you can use
 * the browser's eXtract function to lift the original contents
 * out to a file, otherwise you will have to extract the message
 * and uudecode it manually.

begin 660 uninstall-scripts-4.6.7.tar.bz2
M0EIH.3%!62936<$%3(T`$I9_AOKP`$!]?__??^??ZO_O_^\`$(`0``A <at> #9\`
M`````````````````X&C1B#1IDP <at> Q`8C$T:-& <at> #330```# <at> :-&(-&F3"#$!B
M,31HT:`---````.!HT8 <at> T:9,(,0&(Q-&C1H`TTT````X&C1B#1IDP <at> Q`8C$T
M:-& <at> #330```# <at> :-&(-&F3"#$!B,31HT:`---````"I(A--`)H`C2>D,FH:&$
MT(;28A <at> T9"/4])^BC3^T?O=T[WHG^/W1PL"LY"3Q\O=G28*81KC7&4<O*GIS
MRBLY)522HI$2A%+*25*:$G4*44I%2%%(I4A0[A926+%*2BB666BBGVL3:\3P
M76/6^I1_12[L4ZF;Z-3^+%+*;5E*S2D;#4L_.UFUFQ;64FMDW-;^>UF_Y793
M^C)5F>&;C\..]JRBJ9) <at> L67QT>UK;C[S]BS!N6F+BU-C&;7);!R3G'3 <at> U*.:
MFQL66;5'UK&YB=#3XW!FIM=J6?B>U\8[.SJ=S8W^IIL*4G2WK3WF3OJ;/!W%
MSN;U-CN6ZW>\R^+#5&ZI#PPW/5_6SKR=')?)6%ZJDX-;6VK-[WE/3'I)`ZXI
M$)K>E2I%$Y*D6*2%%*4%*4I2BE2BE%DG2N\26G\E/*2[FP76'Y5.+8PD<C(Y
MLF#)F_(]"S<=[8R,WH:FI= <at> IV;-J>UDR>2F"G2P7IF\+8O-8YX6:E5)3;7!]
MBS"IK?4GV/P,WUNQP>AP=CD4I]A,5*5'Y:JRRDX?8L3L[</)D_\42^3N=2E-
MSEZ5-[K=A9=2PN>AP92NIF[7!K;JIZN1Y/I?4Z7I?$WM'-2?T2[[Z?[M%TQ\
M^Y]MG>Q8O6\%,%WP,?&JJN+ZW%^IHC-4A2G\>^NPXG[;=UEGQL&?6F"Z^Q=Y
M*F"F2SQ,7S-13UO <at> =+1J>U\SKQR=+_QL8.Q38_.+-S>\[XFI]')=U-C4V.A=
M=M;5V;J6=[:IFYM&AF]X_L=UF+1D_S6=K:;4XM2S)J4N_,SM=Z%UR9+-SS^'
M <at> >#NT:SO??^6J[.;<<FBR:VMP-7`LYNYWR0Q=S)K;"E'Q.AWLFYD;#6S<FPL
M_$>[WJXO??$^!3 <at> NV%E,?Q<<W/%DIL>32,'T/L?2^]K8K+OA\6+UFM\BBRI)
M/\B)1_`M/_F1 <at> 8J;UEA12+*?I66*4NLLHHI%(I1+J2ZERBRZR+5/GJ$O1<]X
M6'PO,]P[5FX_X4F3YW <at> R62=#Y&9]">2CH?V;'+?Y8U[/PW=S!BZSYE-6K-6J
M[-\"F]A\S6ZFBCDTT^&+6P3)4$O=5I!:/UVGL;6#4[VUL/2^Y9Q?A^'XWD;S
M]4CE(^YYSN;7(^1NMJ5,'>G^\OTLGF?-,.:[_T_0:F+*O]E.Y3<4ZV*U'?;U
MOD6NWR7Q/X?UY+OBHG6E&51EEDNRJ,NAHI1B[Y+-]5U%VD>ZBQYE**/4N)^A
M_7]''[V[WY)[(S1>*1FOA92\4J+?QW1;AA&YO;UE+*+*?$H644FC&/YTJMD5
M+U)ZL4_`Y,&.]48MV[!C%3&[-C55=N:X7X:ICKG"/!C&N*CJ8U(=<BAMSUUN
M_A>V>J1QNF46C'8MP=I]9H?ID/#YWSOR+/V.:RE2*4A3]C1]\;I&"?`J/G3Y
M'YG0S? <at> ?N8,<3$>PIJ9/WL<%>+V-CWW8LU/M)0UO[SV/ULG%]K"2,T^T]I_)
MI'Q-.J4N_J5/I34WIUO;].OH7]M+XEMF5\`J]\+L(^U*&9SFU9;^4UR18;! <at> 
MY=(FC(FZ=3.80W:U4KL'H,CDE#[&HL>2DS9<W*2+MA31B;)-LFAU,5*3%F)U
MZB42,D[5VC:H^5*':Y%A4K;+.XCGJ3"=HX.#F[A,XUQS7A8T*28'WDI]#VQB
MF(G9#H=[SNYT.+HUOI6,&"DX-[;J8<V$) <at> 2UC8G4LN)3&8DC<[U&C9'KC:M)
M&T31WC$98UI:R4\KCIIYU+KV3 <at> Z6MO'!0HXJ;U&#M-C6S,$\Z6<W0Q;G>XON
M=`HI=9M=;4G43,L:UYN>!SB<6MJ&Q2:4%*M9:$G$?,]1C&#X&#Z%A^Y\/AG,
M"?J9/U)^XL_:%*2E)44*41*)2'! <at> /PG1DV1O>U3)3:TC1],E'XF+6.)VLUV#
M4I_9K<WQFU=9OBS)J7?2N^HHZWUI_,=;(Q8&Q*+I8FI1]1B[TU,61R4A <at> Q7$
MS6?KV?65=[Z:+/0IEX/&&OBKDXN>K>\ZRR=:EM6"XI2EUCP+OE4W.318Y*:E
M-:D<SD93.-KT.2\>"I8[E,;*8.Z8.;!3%=+L$_DF];-3*-;!D=+-9DLR+L%F
MK!J:F3%S78L'BQ:+S6:27*72DIK/P778K.YRE'(JU4FYHUO!9FLUI <at> P-;<H[
MUG2YO.WMQ3>9N33%B;V(XL9(;FT^5-J.IF=Y.3 <at> UL%YUI8O3V.K;/RI0W#,I
MS="<FQ <at> IM7*=*R(F+)<\'>XI&444552E%G;)) <at> Q61=,%9.O-1+%ABTD,V=.*
MEBS$R7=V+-B4P3,:SO630OM>!,/.P19)Q.TZU.5-S"3!M5$6'GM"/=A=19ZT
MI-2)D]#(5%4I*4E*22I40P4^Y <at> ]Z1.Z<BD[S\J6/$8K.#L6662E*62T[UBFM
M <at> WK.Y=F\S7(=JI+E!XUTL&;FI)Z6XR3KBS[F+S2*4I1UQ.Q)2HI0OUI51P3\
MB7'%442EVIK46*]JZBS!9U+,&"CD]"E+NMK,9.FF*H=*4*;UEE'J5)!9XMC!
M:3J44H6H:,D6P5KPZ6":EF#1)J<63`\39(V*1L42)VFBS2:(8K)FX.E(T43T
M,QK32-[6P-J[&F",L=AFQ3P7924I*5)2I#*:$NLE+,BYS4F;%DT:L9&Q299*
M+#(L9*47B8*P3W"TA=3"1^12EXEVU,D7B/E469O=<%G_3J':D<':_&I.?89/
M <at> 75PD>3T,(9/4\_02-D:#7A(9+-SW4^0^)X'D^!K;VMZCL4LPZ72W)">+R36
M_N_,8M'K8+LT<UGB[-I9O>D\G <at> SU\:ERG1J&DFHBHLL\[0EWO,7N-JHU-2FI
M1BHLE*EFDED\ATLV]#`U2Z6UKJA=/QMIS=+)<[W!98WL"J*I2D2.!*<SMD:I
M&KO9EU7LJH;VXR^9ZX=#FZ&HBFM8<6.M9=Q)UJD:E)PCI8F3!8:AZE-#G&I/
M,T%)BQ4N=AW&+I6=T-HNM/^*:W9:/KU/[KB95&2JIE4JABH4]Q99 <at> \G7!8\7
MF<I.$B5&#G[CF=;F8NV.U?!1C95CSM:Q3Q8*>U9P8O%*+L%F:F3'^>#)X$F+
MBM-313%T+L$NG!BI))2A2S12ANI90LP&+ <at> 481C'I-I9Q-K<E/)-3U,6*V+:Z
M&!N3_[VO\5X,'E2LGOI.:> <at> P>9\[49R?XCXVBC>>C6['8R*4=ZEVC2E%,S!\
M9BB)P,6[W!P;6"9LS0W-!VNQM=SB];H4VGG>P<4N?#"3V'\9<VN#)'XWZ)_H
6M4D_32151;4= <at> C_\7<D4X4)#!!4R-+H4
`
end

------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the 
conversation now. http://goparallel.sourceforge.net/

Gmane