search for: allowrel

Displaying 18 results from an estimated 18 matches for "allowrel".

Did you mean: allowed
2003 Apr 15
8
repost (passive FTP server in DMZ and shorewall 1.4.2)
...the mailing list and found these 2 threads 1. http://lists.shorewall.net/pipermail/shorewall-users/2003-February/005291.html 2. http://lists.shorewall.net/pipermail/shorewall-users/2002-December/003879.html -------------------- In the 1st link, Tom mentioned "FTP tracking/NAT" and "ALLOWRELATED". I checked what modules are being loaded and found these: ip_conntrack_irc 4400 1 [ip_nat_irc] ip_conntrack_ftp 5424 2 [ip_nat_ftp] ip_conntrack 29920 5 [ipt_MASQUERADE ipt_state ip_nat_irc ip_nat_ftp iptable_nat ip_conntrack_irc ip_conntrack_ftp] In rega...
2002 Sep 10
2
Traceroute
How do I allow traceroute to reach my server? Pings work fine but traceroute stops at the last hop before my server. If I shut off the firewall it reaches it fine. PING danicar.net (24.222.246.120): 56 data bytes 64 bytes from 24.222.246.120: icmp_seq=0 ttl=237 time=104.0 ms 64 bytes from 24.222.246.120: icmp_seq=1 ttl=237 time=74.9 ms 64 bytes from 24.222.246.120: icmp_seq=2 ttl=237 time=90.6
2003 Feb 21
0
Shorewall 1.4.0 Beta 1
...ace options. 4. The ''routestopped'' option in the /etc/shorewall/interfaces and /etc/shorewall/hosts files is no longer supported and will generate an error at startup if specified. 5. The Shorewall 1.2 syntax for DNAT and REDIRECT rules is no longer accepted. 6. The ALLOWRELATED variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with ALLOWRELATED=Yes. 7. The ''multi'' interface option is no longer supported. Shorewall will generate rules for sending packets back out the same interface that they...
2003 Feb 19
0
Proposed Shorewall 1.4.0 Content
...options. 4. The ''routestopped'' option in the /etc/shorewall/interfaces and /etc/shorewall/hosts files is no longer supported and will generate an error at startup if specified. 5. The Shorewall 1.2 syntax for DNAT and REDIRECT rules is no longer accepted. 6. The ALLOWRELATED variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with ALLOWRELATED=Yes. 7. The ''multi'' interface option is no longer supported. Shorewall will generate rules for sending packets back out the same interface that t...
2002 Dec 19
4
Shorewall 1.3.12 Beta1
The first Beta Version is available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta New features include: 1) "shorewall refresh" now reloads the traffic shaping rules (tcrules and tcstart). 2) "shorewall debug [re]start" now turns off debugging after an error occurs. This places the point of the failure near the end of the
2006 Oct 23
3
command not found error
I am running version 3.0.7 of Shorewall on a Debian Sarge system, but when I start Shorewall I get this: /usr/share/shorewall/firewall: line 204: 4: command not found I looked there and found this: # Run ip and if an error occurs, stop the firewall and quit # run_ip() { if ! ip $@ ; then if [ -z "$STOPPING" ]; then error_message "ERROR: Command \"ip
2003 Mar 05
3
Shorewall 1.4.0 RC1
...erface options. 4) The ''routestopped'' option in the /etc/shorewall/interfaces and /etc/shorewall/hosts files is no longer supported and will generate an error at startup if specified. 5) The Shorewall 1.2 syntax for DNAT and REDIRECT rules is no longer accepted. 6) The ALLOWRELATED variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with ALLOWRELATED=Yes. 7) The ''multi'' interface option is no longer supported. Shorewall will generate rules for sending packets back out the same interface that they arri...
2003 Aug 12
1
Shorewall Keeps sending false IP Address Conflict
...my_mutex_off; exit 2'' 1 2 3 4 5 6 9 + command=start + ''['' 1 -ne 1 '']'' + do_initialize + export LC_ALL=C + LC_ALL=C + PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin + terminator=startup_error + version= + FW= + SUBSYSLOCK= + STATEDIR= + ALLOWRELATED=Yes + LOGRATE= + LOGBURST= + LOGPARMS= + ADD_IP_ALIASES= + ADD_SNAT_ALIASES= + TC_ENABLED= + LOGUNCLEAN= + BLACKLIST_DISPOSITION= + BLACKLIST_LOGLEVEL= + CLAMPMSS= + ROUTE_FILTER= + NAT_BEFORE_RULES= + DETECT_DNAT_IPADDRS= + MUTEX_TIMEOUT= + NEWNOTSYN= + LOGNEWNOTSYN= + FORWARDPING= + MACLIST_D...
2003 Feb 27
6
Shorewall 1.4.0 Beta 2
...erface options. 5) The ''routestopped'' option in the /etc/shorewall/interfaces and /etc/shorewall/hosts files is no longer supported and will generate an error at startup if specified. 6) The Shorewall 1.2 syntax for DNAT and REDIRECT rules is no longer accepted. 7) The ALLOWRELATED variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with ALLOWRELATED=Yes. 8) The ''multi'' interface option is no longer supported. Shorewall will generate rules for sending packets back out the same interface that they arri...
2002 Aug 22
0
Shorewall 1.3.7
This is a bug-fix roleup together with changes to the way ICMP is handled= =2E 1) The ''icmp.def'' file is now empty! The rules in that file were required in ipchains firewalls but are not required in Shorewall. Users who have ALLOWRELATED=3DNo in shorewall.conf should see the Upgrade Issues. 2) A ''FORWARDPING'' option has been added to shorewall.conf. The effect of setting this variable to Yes is the same as the effect of adding an ACCEPT rule for ICMP echo-request in /etc/shorewall/icmpdef. Users wh...
2002 Aug 07
2
Re: [Shorewall-users] Common Rules
John, I''m taking the liberty of copying the Shorwall Development list since I believe that these issues will be of interest. On Tue, 6 Aug 2002, Links at Momsview wrote: > Tom, > I''m not sure if you ever saw this document but it describes some of the > reasons you are seeing strange packets > after setting up NEW not SYN >
2002 May 14
4
Redirect loc::80 to fw::3128 not work
...loc $FW tcp ssh ACCEPT net $FW tcp ssh,auth ACCEPT $FW net udp ntp #[/etc/shorewall/shorewall.conf]-------------------------------------------- --- FW=fw SUBSYSLOCK=/var/lock/subsys/shorewall STATEDIR=/var/lib/shorewall ALLOWRELATED="yes" MODULESDIR="" LOGRATE="1/minute" LOGBURST="5" LOGUNCLEAN=info LOGFILE="/var/log/messages" NAT_ENABLED="Yes" MANGLE_ENABLED="Yes" IP_FORWARDING="On" ADD_IP_ALIASES="Yes" ADD_SNAT_ALIASES="No&quot...
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
...loc $FW tcp ssh ACCEPT net $FW tcp ssh,auth ACCEPT $FW net udp ntp #[/etc/shorewall/shorewall.conf]-------------------------------------------- --- FW=fw SUBSYSLOCK=/var/lock/subsys/shorewall STATEDIR=/var/lib/shorewall ALLOWRELATED="yes" MODULESDIR="" LOGRATE="1/minute" LOGBURST="5" LOGUNCLEAN=info LOGFILE="/var/log/messages" NAT_ENABLED="Yes" MANGLE_ENABLED="Yes" IP_FORWARDING="On" ADD_IP_ALIASES="Yes" ADD_SNAT_ALIASES="No&quot...
2003 Feb 22
4
Shorewall with ProxyARP
Hi, Thanks for your reply . I am attaching the files needed by you herewith. The NAT device is called Pronto gateway which has two interfaces , namely eth0 and eth1. ''eth0'' has an ip address of 203.124.152.66 and eth1 has an ip address of 192.168.1.3 . All the client PCs are in 192.168.1.0 network [behind the NAT, the Pronto gateway] and use 192.168.1.3 as the default
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall. WARNING: This release introduces incompatibilities with prior releases. See http://www.shorewall.net/upgrade_issues.htm. Changes are: a) There is now a new NONE policy specifiable in /etc/shorewall/policy. This policy will cause Shorewall to assume that there will never be any traffic between the source and destination zones. b) Shorewall no longer
2003 Jan 09
19
New on the Web Site
While I''m in temporary retirement, I''ve decided spend a little time experimenting with new things and making some updates to the web site. The biggest result of this effort to date has been: http://shorewall.sf.net/Shorewall_Squid_Usage.html This outlines how to use Squid as a transparent proxy running on the firewall, in the DMZ or in the local network. In the latter two
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
...start + case "$COMMAND" in + ''['' 1 -ne 1 '']'' + do_initialize + export LC_ALL=C + LC_ALL=C + umask 177 + PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin + terminator=startup_error + version= + IPTABLES= + FW= + SUBSYSLOCK= + STATEDIR= + ALLOWRELATED=Yes + LOGRATE= + LOGBURST= + LOGPARMS= + LOGLIMIT= + ADD_IP_ALIASES= + ADD_SNAT_ALIASES= + TC_ENABLED= + BLACKLIST_DISPOSITION= + BLACKLIST_LOGLEVEL= + CLAMPMSS= + ROUTE_FILTER= + LOG_MARTIANS= + DETECT_DNAT_IPADDRS= + MUTEX_TIMEOUT= + NEWNOTSYN= + LOGNEWNOTSYN= + FORWARDPING= + MACLIST_DISPOSI...
2005 Feb 01
4
Shorewall problem
I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled