search for: allowweb

Release candidate 1 is available at: http://shorewall.net/pub/shorewall/Beta ftp://shorewall.net/pub/shorewall/Beta The ''releasenotes.txt'' file tells you about the release. -Tom PS to those of you on the Shorewall Announcement List: Feedback to this point is overwelmingly in favor of keeping Beta and Release Candidate announcements on this list. I have configured the list

I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled

...rst rest + ''['' xAllowDNS = xINCLUDE '']'' + echo ''AllowDNS #Accept DNS'' + read first rest + ''['' xAllowSSH = xINCLUDE '']'' + echo ''AllowSSH #Accept SSH'' + read first rest + ''['' xAllowWeb = xINCLUDE '']'' + echo ''AllowWeb #Allow Web Browsing'' + read first rest + ''['' xAllowSMB = xINCLUDE '']'' + echo ''AllowSMB #Allow MS Networking'' + read first rest + ''['' xAllowAuth = xINCLUDE '...

...2 DST=62.2.24.158 LEN=59 TOS=0x00 PREC=0x00 TTL=64 ID=17070 DF PROTO=UDP SPT=32770 DPT=53 LEN=39 ---------------------------------------------------------------------- but never such: ---------------------------------------------------------------------- Dec 3 15:49:12 [kernel] Shorewall:fw2net:AllowWeb ... ---------------------------------------------------------------------- but i have set in rules: ---------------------------------------------------------------------- AllowWeb:info fw net ---------------------------------------------------------------------- no if the problem is with...

...tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 Chain AllowSSH (7 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 Chain AllowWeb (9 references) pkts bytes target prot opt in out source destination 77 3972 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443...

...o the network # ACCEPT fw net tcp 53 ACCEPT fw net udp 53 # # Accept SSH connections from the local network for administration # ACCEPT loc fw tcp 22 # # Allow Ping To And From Firewall # ACCEPT loc fw icmp 8 ACCEPT net fw icmp 8 ACCEPT fw loc icmp ACCEPT fw net icmp AllowSMB fw loc AllowSMB loc fw AllowWeb net fw AllowWeb loc fw Conf CLAMPMSS=yes IP_FORWARDING=on -- ?? Your kernel must # have CONFIG_IP_NF_TARGET_TCPMSS set. : Deze setting kan ik niet vinden in mijn debian 2.6 kernel ?? ------------------------- horewall-2.2.3 Status at ziggy - Sun May 29 07:46:31 CEST 2005 Counters reset Sun...

i am doing a clean install on fedora core 2 using the shorewall rpm and the Shorewall Setup Guide for multiple IP''s using a stock configuration except for AllowDNS and AllowWeb on the firewall (so i can post this message). my shorewall status file is attached. my setup 69.17.65.105 = firewall 69.17.65.22 = dmz server 1 69.17.65.161 = dmz server 2 my local network is 192.168.0.0/24 using IP address (no name resolution) i am unable to browse the servers in the DMZ...

...amount of traffic is to leave the techroom. Below are a few log entries I looking to get explained. DHCP is handled by the firewall, DNS is handled by servers side our techroom. my rules file AllowSSH all fw AllowDNS all net:10.1.1.159,10.1.1.160 AllowFTP loc net AllowWeb loc net AllowPOP3 loc net AllowSMTP loc net:172.16.35.10,172.16.35.33 AllowSMB loc net:10.1.1.159,10.1.1.160 my policy file loc all DROP info net all DROP info all all...

If I''m using eth1 as my lan zone on my router box, it needs a static ip... what do I set the gateway option to in /etc/network/interfaces since this computer is actually the gateway for the rest of the lan? Itself? My "net" NIC''s address? Something else? My lan isn''t getting internet access using the default Shorewall config file (edited per

...n.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowICMPs...

When I install the two-interfaces files in /etc/shorewall on my FC-5 system (with shorewall-3.2.3) and run "services shorewall restart" I get ------------------------------------------------------ cp -a interfaces masq policy routestopped rules zones /etc/shorewall/ ... [root@alfred shorewall]# service shorewall restart ... Determining Zones... ERROR: Zone fw is defined more than once

This rule with a long name and logging: AllowInternetPrintingProtocol:debug causes this iptables error: Processing /etc/shorewall/rules... Rule "AllowSSH:info net fw" added. Rule "AllowPing:info net fw" added. Rule "AllowWeb:debug net fw" added. iptables v1.2.9: Maximum prefix length 29 for --log-prefix Try `iptables -h'' or ''iptables --help'' for more information. Fixing this means checking the length of the expansion of the LOGFORMAT variable after printf has had its way. Perha...

I have hosts connected to interface INTERNAL with IPs that are on the public interface PUBLIC. Zones are "net" & "loc". I have proxy-ARP turned on for thoses hosts. The firewall is denying packets going to those proxied hosts, which is logical. What is the appropriate rule to allow it? In my mind, this is sort of "net" to "net", which

Hi! I don;t know what i am doing wrong because i have still Low ID on aMule. I have action.AllowaMule and accept tcp 4662:4771 and udp 4672. Thanks, Mitja

...PROTO DEST SOURCE ORIGINAL RATE USER/ # PORT PORT(S) DEST LIMIT GROUP AllowPing loc fw AllowPing fw net RejectAuth net fw RejectAuth fw net AllowDNS fw net #AllowFTP fw net AllowWeb fw net REJECT loc net tcp 80,443 # # squid ACCEPT loc fw tcp 3128 # #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE Tunnels # TYPE ZONE GATEWAY GATEWAY ZONE openvpn:1194 net 0.0.0.0/0 # #LAST LINE...

...cal to firewall # ACCEPT loc fw tcp 10000 # # ACCEPT FTP TO loc LAN PC DNAT net loc:192.168.0.50 tcp 21 21 # # INCOMING #AllowPing net fw #AllowSSH net fw #AllowSSH loc fw #AllowDNS net fw #AllowFTP net fw #AllowWeb net fw #AllowSMTP net fw #AllowPOP3 net fw #AllowIMAP net fw #REDIRECT net 22 tcp 22 # #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE SHOREWALL.CONF: ---------------------------------------------------------------------------- ------------...

...SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ # PORT PORT(S) DEST LIMIT GROUP ACCEPT net fw icmp 8 ACCEPT fw net icmp AllowSSH net:208.181.211.253,216.232.104.112 fw AllowWeb net fw AllowSMTP net fw AllowNTP net fw #IRLP ports ACCEPT net fw tcp 15425:15427 ACCEPT net fw udp 2074:2093 #TNOS ports ACCEPT net fw udp 53 ACCEPT net fw udp 93:94 #LAST LINE -...

...n.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowIMAP....

...action.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowIMAP......

...hare/shorewall/action.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing... Pre-processing /usr/share/shorewall/action.AllowFTP... Pre-processing /usr/share/shorewall/action.AllowDNS... Pre-processing /usr/share/shorewall/action.AllowSSH... Pre-processing /usr/share/shorewall/action.AllowWeb... Pre-processing /usr/share/shorewall/action.AllowSMB... Pre-processing /usr/share/shorewall/action.AllowAuth... Pre-processing /usr/share/shorewall/action.AllowSMTP... Pre-processing /usr/share/shorewall/action.AllowPOP3... Pre-processing /usr/share/shorewall/action.AllowIMAP... Pre-processing /u...