Displaying 9 results from an estimated 9 matches for "construx".
Did you mean:
constru
2003 Jan 13
5
Using private & public addresses together i n the Shorewall''s DMZ zone
To rephrase the question, "Can I use masquerading and proxy ARP in the same
zone simultaneously?" It''s not a stupid question--I couldn''t see any reason
why it wouldn''t work, but I had actually try it out to convince myself that
it did (which isn''t a bad thing to do before posting the question to the
list, by the way). In any case, the answer is
2003 Jan 10
1
Forcing ISP ARP cache to refresh immediately
>From http://shorewall.net/ProxyARP.htm (and the Setup Guide):
> A word of warning is in order here. ISPs typically configure their
> routers with a long ARP cache timeout. If you move a system from
> parallel to your firewall to behind your firewall with Proxy ARP, it
> will probably be HOURS before that system can communicate with the
> internet. You can call your ISP and ask
2003 Jan 10
5
Shorewall site search is now available agai n
Hmm--either the indexing process is still running, or it''s broken again.
It''s 0443 GMT, and I can''t get the search engine to find anything on the
mailing list or the web site (I used ''dns'' as my search term).
It''s not that big of an inconvenience, though--Googling for
''site:shorewall.net dns'' does pretty much the same thing.
2003 Jan 14
1
Two web servers on DMZ zone with private ad dresses. How to?
That log message looks like someone (or some program) is trying to browse to
moreover.com from your web server machine--it''s not a reply to an external
request. You''d see messages like that if you were running some sort of HTTP
proxy server (like Squid) on that box (although they''d likely be to multiple
IPs, unless your users only browsed to p.moreover.com). It could
2003 Jan 06
5
SMTP traffic gets blocked
Hi,
I am trying to configure the SMTP service on DMZ host. Added the rule:
ACCEPT wan dmz:66.58.99.84 tcp pop3 -
ACCEPT wan dmz:66.58.99.84 tcp 25 -
ACCEPT dmz:66.58.99.84 wan tcp 25 -
ACCEPT dmz:66.58.99.84 wan tcp pop3 -
issued shorewall clear, shorewall restart, but still couldn''t telnet to
the mail server
2003 Jan 09
19
New on the Web Site
While I''m in temporary retirement, I''ve decided spend a little time
experimenting with new things and making some updates to the web site. The
biggest result of this effort to date has been:
http://shorewall.sf.net/Shorewall_Squid_Usage.html
This outlines how to use Squid as a transparent proxy running on the
firewall, in the DMZ or in the local network. In the latter two
2005 Jan 04
0
RE: Outlook Web Access behind shorewallfirewalldoesn''t work
Tom Eastep wrote:
> On Mon, 2005-01-03 at 15:22 -0800, Boyd Kelly (Coast Systems) wrote:
> > Thanks for such a quick reply Tom!
> >
> > Any suggestions then as to what I might do other than
> putting a second
> > nic in the SBS and opening it up for web access? I don''t
> like the idea,
> > but since MS SBS includes fireall that is actually what
2003 Jan 08
0
Is this an exploit of some sort?
Those are just late DNS replies--port 53 is DNS, and the IP you gave points
to a DNS server (ns1.gci.net). "dig -x" is your friend :)
The connection tracking table used by iptables to masquerade your internal
network will only "hold open" a UDP connection for a certain amount of time;
if no traffic flows in either direction, the entry in the connection
tracking table will be
2007 Nov 02
1
[Patch, enh] Permit host and IP addresses in (Allow|Deny)Groups
Hi,
I ran across a case in which my server maintenance was simplified by
using
SSHD configuration options like this in sshd_config:
AllowGroups admin at 192.168.0.* sshuser
in much the same fashion as (Allow|Deny)Users. In this case, the goal is
to
provide access to administrators only from the local network, while
allowing
SSH users to login from anywhere. This (IMHO) simplifies access