Displaying 4 results from an estimated 4 matches for "1ef597fa".
2004 Sep 03
7
Shorewall as a "commercial" firewall
I am considering replacing my old checkpoint and watchguard firewalls witha
single Linux box using iptables and shorewall. I have two ISP''s (with
separate routing tables), two DMZ''s, at least one VPN to a remote office, and
a local trusted network. The configuration will look like:
+----------------+
| |
net0 ----------+ eth1
2004 Dec 14
4
ipsec-netfilter patches for 2.6.9
The patches may be found at:
http://shorewall.net/pub/shorewall/contrib/IPSEC
ftp://shorewall.net/pub/shorewall/contrib/IPSEC
I found these patches on the netfilter-devel list and make no warranties
as to how well they work (or not).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP
2004 Sep 01
11
IPSEC VPN clients on local network
I have problems connecting IPSEC VPN clients on the masqueraded network
to outside VPN servers.
It looks like this:
ipsec-user
| 192.168.1.10 (DHCP assigned)
|
| 192.168.1.1
fw-1 (shorewall, Linux 2.6)
| 20.20.20.20
(internet)
| 30.30.30.30
fw-2 (IPSEC VPN endpoint)
| 192.168.100.1
|
| 192.168.100.2
server
ipsec-user (a road warrior) is supposed to create an IPSEC tunnel to his
home
2004 Nov 05
8
Using Shorewall + Linux Virtual Server LVS/DR
I''m havign a HUGE amount of difficulty getting shoreline to work with LVS.
We use it here constantly so we know it works. The problem is packets come
in, get directed to a webserver, webserver returns the packet to firewall,
and then it goes into a black hole. rp_filter is off globally on all
interfaces. LVS seems to be working right....
I use shorewall tcrules to mark packets on