This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C276A4.D6028A40 Content-Type: text/plain; charset="iso-8859-1" I''d like to set my shorewall configuration to log ALL traffic into one log file. Is anyone able to help me set this up. Consider myself a complete newbie to this. Thanks in advance to anyone who replies. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Nigel George Webmaster CPiO Limited Telephone : +44 (0) 1675 467046 Facsimile : +44 (0) 1675 467682 E-Mail : mailto:nigel.george@cpio.co.uk <mailto:nigel.george@cpio.co.uk> Web : http://www.cpio.co.uk/ <http://www.cpio.co.uk/> The views expressed within this message are those of the sender, not those of the company unless endorsed by a Director of CPiO Limited. ------_=_NextPart_001_01C276A4.D6028A40 Content-Type: text/html; charset="iso-8859-1" <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD> <BODY> <DIV><FONT face=Arial size=2><SPAN class=455044812-18102002>I''d like to set my shorewall configuration to log ALL traffic into one log file.</SPAN></FONT></DIV> <DIV><FONT face=Arial size=2><SPAN class=455044812-18102002></SPAN></FONT> </DIV> <DIV><FONT face=Arial size=2><SPAN class=455044812-18102002>Is anyone able to help me set this up. Consider myself a complete newbie to this.</SPAN></FONT></DIV> <DIV><FONT face=Arial size=2><SPAN class=455044812-18102002></SPAN></FONT> </DIV> <DIV><FONT face=Arial size=2><SPAN class=455044812-18102002>Thanks in advance to anyone who replies.</SPAN></FONT></DIV> <DIV><FONT face=Arial size=2>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<BR>Nigel George<BR>Webmaster<BR>CPiO Limited</FONT></DIV> <DIV> </DIV> <DIV><FONT face=Arial size=2>Telephone : +44 (0) 1675 467046<BR>Facsimile : +44 (0) 1675 467682<BR>E-Mail : <A href="mailto:nigel.george@cpio.co.uk">mailto:nigel.george@cpio.co.uk</A><BR>Web : <A href="http://www.cpio.co.uk/">http://www.cpio.co.uk/</A></FONT></DIV> <DIV> </DIV> <DIV><FONT face=Arial size=2>The views expressed within this message are those of the sender, not <BR>those of the company unless endorsed by a Director of CPiO Limited.</FONT></DIV> <DIV> </DIV></BODY></HTML> ------_=_NextPart_001_01C276A4.D6028A40--
Hi all folks ! I am fighting with my bering RC3 to authorize one VoIP H.323 phoneset to work properly with the "rest of the world"... My VoIP phoneset is only in DMZ, not LOC to isolate problems and to avoid to have to track dynamic allocated ports ! I have done this in policy : loc net ACCEPT loc all ACCEPT vpn dmz ACCEPT vpn loc ACCEPT dmz net ACCEPT net dmz ACCEPT net loc DROP info all all REJECT info I have done this in rules : REJECT net fw tcp 113 ACCEPT fw net tcp 53 ACCEPT fw net udp 53 ACCEPT dmz net tcp 53 ACCEPT dmz net udp 53 DNAT net dmz:192.168.175.103 all ACCEPT loc fw tcp 22 ACCEPT loc dmz tcp 22 ...SNIP... cutting the normal rules for DNS and PING features, too long for this e-mail ! My local DMZ is 192.168.175.0/24 and my VoIP phoneset is 192.168.175.103 as DNAT target. What am I missing ? The call (from me) run well and my outside Internet called phone is ringing, but no audio signal and the link is broken after few seconds... I have checked this link before with another ADSL router with success this morning. I have only exchanged this router against my PC running Bering/Shorewall and called the same Internet VoIP phone after to have tempted to modifie the Shorewall rules and policies to have a "full access" from DMZ to Internet and so from Internet to my only one Public IP DNAT''ed to my DMZ. Any idea ? Tom, and others, please, help me ! Best Regards, Francois BERGERET, France.