search for: dropbcast

Hi all, I''m using Fedora Core 2, kernel 2.6.5. I''ve installed shorewall 2.1.9 from rpm package. It seems that there is a builtin action called "dropBcast" drops all broadcast packages on my ethernet interfaces base on package type "pkttype=broadcast". For a particular reason, I need all traffics of broadcast packages are allowed to pass my ethernet interfaces. I''ve searched for days on shorewall''s FAQ,troubleshootin...

I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled

...l and Shorewall2 use the same state directory. /etc/shorewall/actions.std defines the actions that I release and currently contains just the actions I need to replace the ''common'' chain (plus AllowPing) which I personally like). # # Shorewall 2.0 /etc/shorewall/actions.std # # DropBcast #Silently Drops Broadcast Traffic DropSMB #Silently Drops Microsoft SMB Traffic RejectSMB #Silently Reject Microsoft SMB Traffic DropUPnP #Silently Drop UPnP Probes DropNonSyn #Silently Drop Non-syn TCP packets RejectAuth #Silently Reject Auth DropPing #S...

...9;]'' + echo ''#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE'' + read first rest + cut -d# -f1 + grep -v ''^[[:space:]]*$'' + echo ''Pre-processing Actions...'' Pre-processing Actions... + process_actions1 + ACTIONS=''dropBcast allowBcast dropNonSyn dropNotSyn rejNotSyn dropInvalid allowInvalid allowinUPnP allowoutUPnP forwardUPnP'' + USEDACTIONS= + strip_file actions + local fname + ''['' 1 = 1 '']'' ++ find_file actions ++ local saveifs= directory ++ case $1 in ++ ''['...

Hi! I don;t know what i am doing wrong because i have still Low ID on aMule. I have action.AllowaMule and accept tcp 4662:4771 and udp 4672. Thanks, Mitja

...ing up Route Filtering... Setting up Martian Logging... Setting up Accept Source Routing... Setting up SYN Flood Protection... Setting up IPSEC management... Setting up Rules... Setting up Tunnels... Setting up Actions... Creating action chain Drop Creating action chain Reject Creating action chain dropBcast Creating action chain dropInvalid Creating action chain dropNotSyn Applying Policies... Setting up Masquerading/SNAT... Activating Rules... done. see attached file for /sbin/shorewall dump > /tmp/status.txt I really do hope I can receive some extra help with this If there is anything else...

...OUTPUT:REJECT:'' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Drop (1 references) pkts bytes target prot opt in out source destination 0 0 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0...

...CCEPT [0:0] :tcfor - [0:0] :tcout - [0:0] :tcpost - [0:0] :tcpre - [0:0] -A PREROUTING -j tcpre -A FORWARD -j tcfor -A OUTPUT -j tcout -A POSTROUTING -j tcpost COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] :Drop - [0:0] :Reject - [0:0] :all2all - [0:0] :blacklst - [0:0] :dropBcast - [0:0] :dropInvalid - [0:0] :dropNotSyn - [0:0] :dynamic - [0:0] :eth0_fwd - [0:0] :eth0_in - [0:0] :eth0_out - [0:0] :fw2wan - [0:0] :logdrop - [0:0] :logflags - [0:0] :logreject - [0:0] :reject - [0:0] :smurfs - [0:0] :tcpflags - [0:0] :wan2fw - [0:0] -A INPUT -i eth0 -j eth0_in -A INPUT -i lo -...

...wall:OUTPUT:ACCEPT:'' 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Drop (4 references) pkts bytes target prot opt in out source destination 576K 59M RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 576K 59M dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 384K 19M DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0 367K 18M DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 367K 18M dropNonSyn all -- * * 0.0.0.0/0 0.0.0.0/0 367K 18M...

...wall:OUTPUT:REJECT:'' 0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Drop (1 references) pkts bytes target prot opt in out source destination 65 8740 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 65 8740 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 60 8508 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 60 8508 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0...

...wall:OUTPUT:ACCEPT:'' 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Drop (4 references) pkts bytes target prot opt in out source destination 576K 59M RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 576K 59M dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 384K 19M DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0 367K 18M DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 367K 18M dropNonSyn all -- * * 0.0.0.0/0 0.0.0.0/0 367K 18M...

...uot; added. Rule "ACCEPT loc fw tcp 993" added. Rule "ACCEPT net fw tcp 993" added. Rule "REJECT loc net:213.228.128.64 tcp 25" added. Processing Actions... Processing /usr/share/shorewall/action.Drop... Rule "RejectAuth" added. Rule "dropBcast" added. Rule "DropSMB" added. Rule "DropUPnP" added. Rule "dropNotSyn" added. Rule "DropDNSrep" added. Processing /usr/share/shorewall/action.Reject... Rule "RejectAuth" added. Rule "dropBcast" added. Rule...

...tcp 22" checked. Rule "ACCEPT net fw tcp 80" checked. Rule "ACCEPT net fw tcp 8080" checked. Rule "ACCEPT net fw tcp 10000" checked. Validating Actions... Processing /usr/share/shorewall/action.Drop... Rule "RejectAuth" checked. Rule "dropBcast" checked. Rule "dropInvalid" checked. Rule "DropSMB" checked. Rule "DropUPnP" checked. Rule "dropNotSyn" checked. Rule "DropDNSrep" checked. Processing /usr/share/shorewall/action.Reject... Rule "RejectAuth" checked....

...e "ACCEPT net fw tcp 2096" added. Rule "ACCEPT dmz fw tcp smtp" added. Rule "ACCEPT dmz fw tcp domain" added. Rule "ACCEPT net fw tcp 26" added. Processing Actions... Processing /usr/share/shorewall/action.Drop... Rule "RejectAuth" added. Rule "dropBcast" added. Rule "dropInvalid" added. Rule "DropSMB" added. Rule "DropUPnP" added. Rule "dropNotSyn" added. Rule "DropDNSrep" added. Processing /usr/share/shorewall/action.Reject... Rule "RejectAuth" added. Rule "dropBcast" adde...

Hi everybody I have a Problem with Masquerading from my local net (loc) to my VPN (loc2). I can reach every Service from loc2 in loc, but I can''t get reach any service from loc in loc2. Has somebody an Idea where my mistake is ? Without shorewall, it was working. Thanks for helping Lars Technical Information : Shorewall 2.0.13 Suse 9.0 *177.177.77.X The first 3 Counts are changed

...romo - Sat Jan 28 22:58:35 CET 2006 Counters reset Sat Jan 28 22:58:31 CET 2006 Chain Drop (0 references) pkts bytes target prot opt in out source destination 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 0 0 dropInvalid all -- *...

...0 reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Drop (1 references) pkts bytes target prot opt in out source destination 63 8700 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 63 8700 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 43 2140 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 43 2140 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0 29 1464 DropUPnP all -- * * 0.0.0.0/...

Dear List! I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection to the Internet (ppp0 - eth1 to the modem) and a bridge to the local lan. The bridged config i''ve made with bridge.html from the shorewall site. The Bridge is between local net and a openvpn tap device. This works. I ccan make tunnels, and a can make a lot of things through the firewall. I can get a list

Hello !! I ve just install shorewall-common and shorewall-shell I can''t defined a network using the CIDR format for my DMZ in /etc/shorewall/hosts fast eth2:172.17.0.0/16 epac eth2:172.18.0.0/16 fsa eth2:172.19.0.0/16 bu eth2:172.20.0.0/16 recto eth2:172.21.0.0/16 dmz eth1:81.91.225.224/27 I receive this error: ERROR: Invalid zone definition for

...) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 Chain Drop (1 references) pkts bytes target prot opt in out source destination 81 4164 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 81 4164 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 AllowICMPs icmp -- * * 0.0.0.0/0 0.0.0.0/0 81 4164 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 81 4164 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0 81 4164 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 81 4164 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 79 4084 DropDNSrep all --...