3 days without a post on this list is a record. Just checking... -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> -----Original Message----- > From: shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall- > users-bounces@lists.sourceforge.net] On Behalf Of Tom Eastep > Sent: Thursday, July 19, 2007 10:46 AM > To: Shorewall Users > Subject: [Shorewall-users] Ping > > 3 days without a post on this list is a record. > > Just checking... > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.keyThat means Shorewall has achieved Nirvana... :^) ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
List Receiver wrote:>> -----Original Message----- >> From: shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall- >> users-bounces@lists.sourceforge.net] On Behalf Of Tom Eastep >> Sent: Thursday, July 19, 2007 10:46 AM >> To: Shorewall Users >> Subject: [Shorewall-users] Ping >> >> 3 days without a post on this list is a record. >> >> Just checking... >> >> -Tom >> -- >> Tom Eastep \ Nothing is foolproof to a sufficiently talented fool >> Shoreline, \ http://shorewall.net >> Washington USA \ teastep@shorewall.net >> PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > > That means Shorewall has achieved Nirvana... :^)or irrelevance ;-) -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
certainly not irrelevance. On 7/19/07, Tom Eastep <teastep@shorewall.net> wrote:> > List Receiver wrote: > >> -----Original Message----- > >> From: shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall- > >> users-bounces@lists.sourceforge.net] On Behalf Of Tom Eastep > >> Sent: Thursday, July 19, 2007 10:46 AM > >> To: Shorewall Users > >> Subject: [Shorewall-users] Ping > >> > >> 3 days without a post on this list is a record. > >> > >> Just checking... > >> > >> -Tom > >> -- > >> Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > >> Shoreline, \ http://shorewall.net > >> Washington USA \ teastep@shorewall.net > >> PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > > > > That means Shorewall has achieved Nirvana... :^) > > or irrelevance ;-) > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by: Microsoft > Defy all challenges. Microsoft(R) Visual Studio 2005. > http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > >-- "Welcome to the end of the thought process." --Hugh Laurie as House M.D. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
--- Tom Eastep <teastep@shorewall.net> wrote:> List Receiver wrote: > >> -----Original Message----- > >> 3 days without a post on this list is a record. > > That means Shorewall has achieved Nirvana... :^) > > or irrelevance ;-)At this time of year a lot of sufficiently talented fools are simply on vacation, just waiting to come back and tackle 4.0... ____________________________________________________________________________________ Be a better Heartthrob. Get better relationship answers from someone who knows. Yahoo! Answers - Check it out. http://answers.yahoo.com/dir/?link=list&sid=396545433 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On Thursday 19 July 2007 18:53, Tom Eastep wrote:> List Receiver wrote: > >> -----Original Message----- > >> From: shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall- > >> users-bounces@lists.sourceforge.net] On Behalf Of Tom Eastep > >> Sent: Thursday, July 19, 2007 10:46 AM > >> To: Shorewall Users > >> Subject: [Shorewall-users] Ping > >> > >> 3 days without a post on this list is a record. > >> > >> Just checking... > >> > >> -Tom > >> -- > >> Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > >> Shoreline, \ http://shorewall.net > >> Washington USA \ teastep@shorewall.net > >> PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key > > > > That means Shorewall has achieved Nirvana... :^) > > or irrelevance ;-) > > -TomTom As well as my own production and test firewalls, I provide support for friends and a previous employer with multiple Shorewall based firewalls. Shorewall irrelevant? Definitely not. Steven. ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
funny this same thing happens almost an year ago (email from 2006-09-14 11:53) maybe we all - fools - are on vacation :D Tom Eastep wrote:> 3 days without a post on this list is a record. > > Just checking... > > -Tom >------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Christian wrote on 19/07/2007 15:53:26:> funny this same thing happens almost an year ago (email from 2006-09-14 > 11:53) > maybe we all - fools - are on vacation :D > > Tom Eastep wrote: > > 3 days without a post on this list is a record. > > > > Just checking... > > > > -Tom > >from shorewall.conf: ADMINABSENTONVACATION=YES ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Tom Eastep wrote:> 3 days without a post on this list is a record. > > Just checking... > > -Tom > >Last post was on 7/17/2007 3:54AM Your current one is 7/19/2007 7:45PM It is only 2 days and 16 hours approximately :) Best wishes, Andras ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On 19-Jul-07, at 11:15 PM, Tom Eastep wrote:> 3 days without a post on this list is a record.your fault - you give solutions faster than we can create problems ;-) -- regards Kenneth Gonsalves Associate, NRC-FOSS lawgon@au-kbc.org http://nrcfosshelpline.in/web/ ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Kenneth Gonsalves wrote:> On 19-Jul-07, at 11:15 PM, Tom Eastep wrote: > >> 3 days without a post on this list is a record. > > your fault - you give solutions faster than we can create problems ;-) > >I just released 4.0.0 -- that should solve that problem ;-) -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On Fri, 20 Jul 2007 03:45:52 am Tom Eastep wrote:> 3 days without a post on this list is a record. > > Just checking... > > -TomFunny thing is, I only signed up for this list yesterday and wondered if it was a dead list - especially given that Shorewall is nominated for the best user supported project in the current Sourceforge Community Choice Awards ;) http://sourceforge.net/community/index.php/landing-pages/cca07/ ...and yes, I voted for Shorewall - the reputation of Shorewall was enough for me! Cheers, James -- "Thirty days hath Septober, April, June, and no wonder. all the rest have peanut butter except my father who wears red suspenders." ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Greetings to the list
I''ve used shorewall now for several years with reasonable success,
employing linux servers in small businesses for my clients here in New
Zealand.
I''ve managed to so far avoid the need for microsoft clients to vpn into
their work networks by supplying software such as winscp which uses ssh
very happily.
A.
With voip convergence however, I find myself now dumped in the situation
where the phone company assumed much about the nature and layout of one
of my clients networks and is pushing for the ceo to have a vpn so they
can install their softphone at his house.
I''m struggling to find a good howto, have read Toms guides on pptp
which
I have achieved authentication but not much network traffic. Toms guides
also say "Unmaintained" and I wonder, has the world found a better
way?
IPSEC is touted as difficult to configure, PPTP is not "secure enough"
and maybe has problems with broadcast packets?
Which VPN technology should I use with shorewall? The phone company
wants to come in with a cisco vpn router, I think I will have to
reconfigure the whole network if that''s the case.
My config is basically:
ADSL ----- eth1 -|Shorewall on server W|eth0-lan - win clients,
| |running samba, apache| \___ Printer
| |-dnsmasq, ubuntu 6.06| \__|Phone company pc
| |incl vmail softwr
|----|Server F running mail|
DNat on W gives access to a win2003 terminal server B also on the lan
ADSL is a nokia 2211 running ppp0atm.
Phone company pc is just XP with their admin package and voicemail
storage, the voip phones are only for the remote office, all their other
phone traffic is simple digital directly wired phones. I can see port
1720 open on the phone switch but don''t really know what to do with it.
Regards
Barry Clearwater
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
Hi Barry, Barry Clearwater schrieb:> Greetings to the list>> Which VPN technology should I use with shorewall? The phone company > wants to come in with a cisco vpn router, I think I will have to > reconfigure the whole network if that''s the case.So, if the phone company uses a cisco vpn router, what are the recomondations? Are they using IP Sec? Regards Götz -- Götz Reinicke IT Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke@filmakademie.de Filmakademie Baden-Württemberg GmbH Mathildenstr. 20 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: Dr. Christoph Palmer, MdL, Minister a.D. Geschäftsführer: Prof. Thomas Schadt ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
On Fri, Jul 20, 2007 at 06:21:26PM +1200, Barry Clearwater wrote:> I''m struggling to find a good howto, have read Toms guides on pptp which > I have achieved authentication but not much network traffic. Toms guides > also say "Unmaintained" and I wonder, has the world found a better way? > IPSEC is touted as difficult to configure, PPTP is not "secure enough" > and maybe has problems with broadcast packets?PPTP is Microsoft''s old approach to VPN from the Windows 95 days - it''s just a bad idea. L2TP is their new approach, and it''s still a bad idea. IPsec is the networking equivalent of invading Iraq: you might get the job done, but it''ll take years, cost a stupid amount of money, and a lot of bystanders will get caught in the crossfire. You should look at openvpn, it''s disgustingly easy to set up and works with almost anything. http://shorewall.net/OPENVPN.html ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
ha..ha.. thats a nice one...>--- Kenneth Gonsalves <lawgon@au-kbc.org> wrote: > On 19-Jul-07, at 11:15 PM, Tom Eastep wrote: > > > 3 days without a post on this list is a record. > > your fault - you give solutions faster than we can > create problems ;-) >thanx tom for being there for everybody.... ____________________________________________________________________________________ Boardwalk for $500? In 2007? Ha! Play Monopoly Here and Now (it''s updated for today''s economy) at Yahoo! Games. http://get.games.yahoo.com/proddesc?gamekey=monopolyherenow ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/