search for: allowtrcrt

...ads:- #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST fw net DROP info net all DROP info # The FOLLOWING POLICY MUST BE LAST all all REJECT info In the rules file I have: AllowTrcrt net fw AllowTrcrt fw net ACCEPT fw net icmp 11 ACCEPT net fw icmp 11 Yet traceroute requests are not honoured coming into this box:- Jan 10 11:37:00 nwww kernel: Shorewall:net2all:DROP:IN=...

...ACCEPT info all bb1 ACCEPT info all net ACCEPT info Will everybody be able to access $FW (if any services in $FW is running) Or I''ve to speficy all of them one by one with the rules? AllowPing all all AllowTrcrt all all Regards, -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFCpm+rV0p9slMZLW4RAgh0AKDuJevDnWZLlGTjxAN3EwUkBiHbcQCgknpT +zmvWf2nsdhcUwZBHdnQvU8= =UZNm -----END PGP SIGNATURE-----

My sincere apologies for the messed up 2.0.14. I didn''t realize that I had merged a change from 2.2.0 but hadn''t tested it. http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.15 ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.15 1. The range of ports opened by the AllowTrcrt action has been expanded to 33434:33524 to allow for a maximum of 30 hops. 2. Code mis-ported from 2.2.0 in release 2.0.14 caused the following error during "shorewall start" where SYN rate-limiting is present in /etc/shorewall/policy: Bad argument `DROP'' Tr...

I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled

...date = xINCLUDE '']'' + echo ''AllowRdate #Allow remote time (rdate).'' + read first rest + ''['' xAllowNNTP = xINCLUDE '']'' + echo ''AllowNNTP #Allow network news (Usenet).'' + read first rest + ''['' xAllowTrcrt = xINCLUDE '']'' + echo ''AllowTrcrt #Allows Traceroute (20 hops)'' + read first rest + ''['' xAllowSNMP = xINCLUDE '']'' + echo ''AllowSNMP #Allows SNMP (including traps)'' + read first rest + ''['' xAl...

....AllowVNC... Pre-processing /usr/share/shorewall/action.AllowVNCL... Pre-processing /usr/share/shorewall/action.AllowNTP... Pre-processing /usr/share/shorewall/action.AllowRdate... Pre-processing /usr/share/shorewall/action.AllowNNTP... Pre-processing /usr/share/shorewall/action.AllowTrcrt... Pre-processing /usr/share/shorewall/action.AllowSNMP... Pre-processing /usr/share/shorewall/action.AllowPCA... Pre-processing /usr/share/shorewall/action.Drop... Pre-processing /usr/share/shorewall/action.Reject... Deleting user chains... Setting up Accounting... Creating Interfa...

...1 I''m hoping that this will be the last RC and that I can release 2.2.0 on February 1. I appreciate your help in testing this RC. http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC5 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-RC5 Problems Corrected: 1. The AllowTrcrt action has been changed to allow up to 30 hops (same as default for ''traceroute''). Previously, the action was documented as allowing 20 hops but actually only allowed for 6 hops. 2. Using some lightweight shells, valid entries in /etc/shorewall/ecn produce startup errors. New...

Hi! I don;t know what i am doing wrong because i have still Low ID on aMule. I have action.AllowaMule and accept tcp 4662:4771 and udp 4672. Thanks, Mitja

....AllowVNC... Pre-processing /usr/share/shorewall/action.AllowVNCL... Pre-processing /usr/share/shorewall/action.AllowNTP... Pre-processing /usr/share/shorewall/action.AllowRdate... Pre-processing /usr/share/shorewall/action.AllowNNTP... Pre-processing /usr/share/shorewall/action.AllowTrcrt... Pre-processing /usr/share/shorewall/action.AllowSNMP... Pre-processing /usr/share/shorewall/action.AllowPCA... Pre-processing /usr/share/shorewall/action.Drop... Pre-processing /usr/share/shorewall/action.Reject... Processing /etc/shorewall/rules... Rule "ACCEPT fw net t...

...ction.AllowVNC... Pre-processing /usr/share/shorewall/action.AllowVNCL... Pre-processing /usr/share/shorewall/action.AllowNTP... Pre-processing /usr/share/shorewall/action.AllowRdate... Pre-processing /usr/share/shorewall/action.AllowNNTP... Pre-processing /usr/share/shorewall/action.AllowTrcrt... Pre-processing /usr/share/shorewall/action.AllowSNMP... Pre-processing /usr/share/shorewall/action.AllowPCA... Pre-processing /usr/share/shorewall/action.Drop... Pre-processing /usr/share/shorewall/action.Reject... Validating rules file... Rule "ACCEPT net fw tcp 22" che...

...are/shorewall/action.AllowVNC... Pre-processing /usr/share/shorewall/action.AllowVNCL... Pre-processing /usr/share/shorewall/action.AllowNTP... Pre-processing /usr/share/shorewall/action.AllowRdate... Pre-processing /usr/share/shorewall/action.AllowNNTP... Pre-processing /usr/share/shorewall/action.AllowTrcrt... Pre-processing /usr/share/shorewall/action.AllowSNMP... Pre-processing /usr/share/shorewall/action.AllowPCA... Pre-processing /usr/share/shorewall/action.Drop... Pre-processing /usr/share/shorewall/action.Reject... Processing /etc/shorewall/rules... Rule "ACCEPT net fw icmp 8" added. R...

Hello, You will find in attachment the layout of my current physical configuration. For now, the Cable ISP is not used. Since it is a dynamic ISP, my mailserver is rejected and my domain name registers on blacklists like ORDB and al. I want it to be used as a default gateway except for my mail server that would be seen as coming from my "honest" ADSL ISP. Here is