Displaying 13 results from an estimated 13 matches for "dmz0".
Did you mean:
dmz
2005 May 05
1
Ping Requests issue
....
I do not want to allow ping by default from internet. I have not copied the files action.drop
and action.reject into /etc/shorewall. Nor I have a AllowPing rule in rules file.
The policy file is pasted below.
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
#loc net ACCEPT
net all DROP info
dmz0 net ACCEPT info
dmz1 net ACCEPT info
fw net ACCEPT info
fw dmz0 ACCEPT info
fw dmz1 ACCEPT info
dmz0 fw ACCEPT info
dmz1 fw ACCEPT info
dmz0 dmz1 ACCEPT info
all all REJECT info
Just thought you could enlighten
Thanks
Siva
This email contains Indsc...
2004 Sep 07
6
Syntax for address range
I would like to add a rule allowing only the address 192.168.150.20 and the
range of addresses from 192.169.150.100 to 192.168.150.150 in zone dmz0 to
connect to two terminal servers in the local zone.
Is there a syntax that can specify a range of addresses in the rules file? Do
I have to enter each one separately?
--
Stephen Carville
Unix and Network Adminstrator
DPSI
6033 W.Century Blvd.
Los Angeles, CA 90045
310-342-3602
2004 Sep 03
7
Shorewall as a "commercial" firewall
...shorewall. I have two ISP''s (with
separate routing tables), two DMZ''s, at least one VPN to a remote office, and
a local trusted network. The configuration will look like:
+----------------+
| |
net0 ----------+ eth1 eth3 +---- DMZ0 (~20 nodes)
| |
net1 ----------+ eth2 eth4 +---- DMZ1 (~5 nodes)
| eth0 |
+--------+-------+
|
|
Local (~120 nodes)
The 1.544 M$ question is can Shorewa...
2006 Oct 08
0
Xen 3: Untethered bridges??
...with the two
other physical interfaces plus a dummy interface tied to "untethered" bridges
(as I also have physical switches plugged into the "LAN" and "DMZ"
interfaces).
Here is what the ''/etc/network/nterfaces'' file looks like:
auto br-lan0 br-dmz0 br-adm0
iface br-lan0 inet manual
bridge_ports eth0
iface br-dmz0 inet manual
bridge_ports eth1
iface br-adm0 inet static
address 10.253.3.2
netmask 255.255.255.0
gateway 10.253.3.1
bridge_ports dummy0
the ''br-adm0'' bridge is for remote administr...
2007 Jan 11
3
problem with mapped group
Hello!
We have samba 3.0.23d PDC and windows 2003 terminal server as samba
domain member.
And we have mapped group with about 170 members.
We found that last added users (looks like last member of group) can't
connect to windows server, i.e. they are not recognized by windows as
group members.
How can we check that this is samba problem , not windows problem?
2006 Apr 21
0
Split traffic problem
...-- router1
|
lan2----------|
lan1 use router1, lan2 router2.
The linux default gw is set to router2, lan2 browse internet without
any problem (icmp, tcp..).
Lan1 is blocked.
>From lan1 i can ping router1, and i''ve set this iproute rules:
ip route add 10.0.0.0/24 dev dmz0 table cnet
ip route add 195.43.x.x dev bad0 table cnet (firewall interface ip
address connected to router1)
ip route add 192.168.1.0/24 dev lan0 table cnet
ip route add default via 195.43.x.x dev bad0 table cnet (router1 ip address)
ip rule add from 195.43.x.x/29 lookup cnet
ip rule add to 195.43....
2007 Sep 25
1
Local server unreachable by remote lan in dual isp configuration
...route script:
ISP1_NET="x.x.x.192/29"
ISP1_IP="x.x.x.195"
ISP1_GW="x.x.x.193"
ISP1_IF="bad0"
ISP2_NET="x.x.x.96/29"
ISP2_IP="x.x.x.98"
ISP2_GW="x.x.x.97"
ISP2_IF="bad1"
DMZ_NET="192.168.0.0/24"
DMZ_IF="dmz0"
LAN_NET="10.0.0.0/24"
LAN_IF="lan0"
SERVER_MAIL="10.0.0.50"
SERVER_1="10.0.0.10"
SERVER_2="10.0.0.2"
SERVER_3="10.0.0.3"
/sbin/ip rule add fwmark 100 table ISP2
/sbin/ip rule add fwmark 101 table ISP1
/sbin/ip route add $ISP1_NE...
2005 Mar 02
12
Problem with outgoing Masquerade
...want outgoing port
25 from my mail server to appear on the address 65.223.121.227 so I created
the file masq:
eth2 192.168.124.18 65.223.121.227 tcp 25
eth1 eth5
eth1 eth3
eth1 eth4
eth1 == net0 == 209.189.103.196/27
eth2 == net1 == 65.223.121.237/28
eth3 == dmz0
eth4 == dmz1
eth5 == loc == 192.168.124.249/24
(Yes I know the danger of having a production server in the local network. I
inherited this setup and I am trying to fix it)
65.223.121.227 is on eth2:1
Shorewall restarts cleanly and I see in the status:
0 0 SNAT tcp -- * *...
2019 Apr 10
1
chown: changing ownership of 'test': Invalid argument
...OADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc
> noqueue state UP group default qlen 1000
> link/ether 00:c1:2a:15:5c:fe brd ff:ff:ff:ff:ff:ff link-netnsid 0
> inet 10.10.18.50/24 brd 10.10.18.255 scope global native0
> inet6 fe80::2c1:2aff:fe15:5cfe/64 scope link
> 46: dmz0 at if47: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue
> state UP group default qlen 1000
> link/ether 00:c1:b1:ea:6c:fe brd ff:ff:ff:ff:ff:ff link-netnsid 0
> inet 10.10.11.50/24 brd 10.10.11.255 scope global dmz0
> inet6 fe80::2c1:b1ff:feea:6cfe/64 scope l...
2019 Apr 10
6
chown: changing ownership of 'test': Invalid argument
Hi All,
I have a very weird issue on one of my servers. I think I might just be
missing something quite obviously... I will post the config files at the
bottom
I have a brand new Debian server running as an LXC container
> root at ho-vpn-ctx-ac01:~# lsb_release -a
> No LSB modules are available.
> Distributor ID: Debian
> Description: Debian GNU/Linux 9.8 (stretch)
>
2019 Apr 10
4
chown: changing ownership of 'test': Invalid argument
...mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:c1:2a:15:5c:fe brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet MailScanner warning: numerical links are often malicious: 10.10.18.50/24 brd 10.10.18.255 scope global native0
inet6 fe80::2c1:2aff:fe15:5cfe/64 scope link
46: dmz0 at if47: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:c1:b1:ea:6c:fe brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet MailScanner warning: numerical links are often malicious: 10.10.11.50/24 brd 10.10.11.255 scope global dmz0
ine...
2005 Apr 07
4
Shorewall in a Routed network
Hi,
In a routed network environment, without the router , we want to use the shorewall as the firewall/router. The ISP has assigned the following set of IP addresses.
WAN IP for subnet 1 (DATA)
220.227.202.X/30 ( to be assigned to eth0 of the shorewall)
WAN IP for subnet 2 (Voice)
220.227.202.Y/30 ( to be assigned to eth1 of the shorewall)
Addresses assigned for Subnet 1 by
2019 Apr 10
1
chown: changing ownership of 'test': Invalid argument
...mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:c1:2a:15:5c:fe brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet MailScanner warning: numerical links are often malicious: 10.10.18.50/24 brd 10.10.18.255 scope global native0
inet6 fe80::2c1:2aff:fe15:5cfe/64 scope link
46: dmz0 at if47: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 00:c1:b1:ea:6c:fe brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet MailScanner warning: numerical links are often malicious: 10.10.11.50/24 brd 10.10.11.255 scope global dmz0
ine...