Displaying 20 results from an estimated 32 matches for "dropnotsyn".
2005 Feb 01
4
Shorewall problem
I am getting the following message when Shorewall stops can anybody shed
any light on this message and where I should be looking? Thanks
root@bobshost:~# shorewall stop
Loading /usr/share/shorewall/functions...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Stopping Shorewall...Processing /etc/shorewall/stop ...
IP Forwarding Enabled
2004 Jun 28
6
URGENT: Shorewall Security Vulnerability
Javier Fernández-Sanguino Peña has discovered an exploitable
vulnerability in the way that Shorewall handles temporary files and
directories. The vulnerability can allow a non-root user to cause
arbitrary files on the system to be overwritten. LEAF Bering and Bering
uClibc users are generally not at risk due to the fact that LEAF boxes
do not typically allow logins by non-root users.
For 2.0
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
...LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE''
+ read first rest
+ cut -d# -f1
+ grep -v ''^[[:space:]]*$''
+ echo ''Pre-processing Actions...''
Pre-processing Actions...
+ process_actions1
+ ACTIONS=''dropBcast allowBcast dropNonSyn dropNotSyn rejNotSyn dropInvalid allowInvalid allowinUPnP allowoutUPnP forwardUPnP''
+ USEDACTIONS=
+ strip_file actions
+ local fname
+ ''['' 1 = 1 '']''
++ find_file actions
++ local saveifs= directory
++ case $1 in
++ ''['' -n '''' -a...
2005 Mar 10
7
upgrade question
Hi,
I''ve upgraded my shorewall version from 2.0 to 2.2.1 using the .tgz
I followed the instructions for upgrade
and got a warning when running shorewall check
on /usr/share/shorewall/action.DROP and action.Reject using "dropNonSyn"
while that has changed to DropNotSyn .
I manually copied over action.DROP from the source tree.
Question: Are there more files to check ? Even though I get no warnings
running shorewall check ?
Do I have to be worried about the upgrade not being succesful ?
thanks,
Peter
2005 Apr 09
12
aMule
Hi!
I don;t know what i am doing wrong because i have still Low ID on aMule. I
have action.AllowaMule and accept tcp 4662:4771 and udp 4672.
Thanks,
Mitja
2008 May 29
1
shorewall & ipsec rules with "FORWARD:DROP" packets
...Accept Source Routing...
Setting up SYN Flood Protection...
Setting up IPSEC management...
Setting up Rules...
Setting up Tunnels...
Setting up Actions...
Creating action chain Drop
Creating action chain Reject
Creating action chain dropBcast
Creating action chain dropInvalid
Creating action chain dropNotSyn
Applying Policies...
Setting up Masquerading/SNAT...
Activating Rules...
done.
see attached file for /sbin/shorewall dump > /tmp/status.txt
I really do hope I can receive some extra help with this
If there is anything else I can submit to help trouble shoot with me,
please let me know....
2005 Jul 02
6
Port redirection on standalone pc to pop3 proxy AV scanner
...-- * * 0.0.0.0/0
0.0.0.0/0
0 0 dropInvalid all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropSMB all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropUPnP all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 dropNotSyn all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropDNSrep all -- * * 0.0.0.0/0
0.0.0.0/0
Chain DropDNSrep (2 references)
pkts bytes target prot opt in out source
destination
0 0 DROP udp -- * * 0.0....
2004 Aug 05
9
Not able to access website
...all -- * * 0.0.0.0/0
0.0.0.0/0
60 8508 dropInvalid all -- * * 0.0.0.0/0
0.0.0.0/0
60 8508 DropSMB all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropUPnP all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 dropNotSyn all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropDNSrep all -- * * 0.0.0.0/0
0.0.0.0/0
Chain DropDNSrep (2 references)
pkts bytes target prot opt in out source
destination
0 0 DROP udp -- * * 0.0.0.0/0
0...
2004 Aug 30
6
Shorewall upgrade messed up my firewall
...Rule "REJECT loc net:213.228.128.64 tcp 25" added.
Processing Actions...
Processing /usr/share/shorewall/action.Drop...
Rule "RejectAuth" added.
Rule "dropBcast" added.
Rule "DropSMB" added.
Rule "DropUPnP" added.
Rule "dropNotSyn" added.
Rule "DropDNSrep" added.
Processing /usr/share/shorewall/action.Reject...
Rule "RejectAuth" added.
Rule "dropBcast" added.
Rule "RejectSMB" added.
Rule "DropUPnP" added.
Rule "dropNotSyn" added.
Rul...
2004 Sep 13
5
Config problems
...10000" checked.
Validating Actions...
Processing /usr/share/shorewall/action.Drop...
Rule "RejectAuth" checked.
Rule "dropBcast" checked.
Rule "dropInvalid" checked.
Rule "DropSMB" checked.
Rule "DropUPnP" checked.
Rule "dropNotSyn" checked.
Rule "DropDNSrep" checked.
Processing /usr/share/shorewall/action.Reject...
Rule "RejectAuth" checked.
Rule "dropBcast" checked.
Rule "dropInvalid" checked.
Rule "RejectSMB" checked.
Rule "DropUPnP" checked...
2004 Aug 12
1
SMTP, IP, WHM news problems....
...ded.
Rule "ACCEPT net fw tcp 26" added.
Processing Actions...
Processing /usr/share/shorewall/action.Drop...
Rule "RejectAuth" added.
Rule "dropBcast" added.
Rule "dropInvalid" added.
Rule "DropSMB" added.
Rule "DropUPnP" added.
Rule "dropNotSyn" added.
Rule "DropDNSrep" added.
Processing /usr/share/shorewall/action.Reject...
Rule "RejectAuth" added.
Rule "dropBcast" added.
Rule "dropInvalid" added.
Rule "RejectSMB" added.
Rule "DropUPnP" added.
Rule "dropNotSyn" ad...
2004 Dec 28
5
Multiple IP´s in one Zone
Hi everybody
I have a Problem with Masquerading from my local net (loc) to my VPN (loc2).
I can reach every Service from loc2 in loc, but I can''t get reach any
service from loc in loc2.
Has somebody an Idea where my mistake is ?
Without shorewall, it was working.
Thanks for helping
Lars
Technical Information :
Shorewall 2.0.13
Suse 9.0
*177.177.77.X The first 3 Counts are changed
2007 Jul 29
12
Shorewall 4.0.0 + Kernel 2.6.21.5-grsec
...]
:tcpost - [0:0]
:tcpre - [0:0]
-A PREROUTING -j tcpre
-A FORWARD -j tcfor
-A OUTPUT -j tcout
-A POSTROUTING -j tcpost
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:Drop - [0:0]
:Reject - [0:0]
:all2all - [0:0]
:blacklst - [0:0]
:dropBcast - [0:0]
:dropInvalid - [0:0]
:dropNotSyn - [0:0]
:dynamic - [0:0]
:eth0_fwd - [0:0]
:eth0_in - [0:0]
:eth0_out - [0:0]
:fw2wan - [0:0]
:logdrop - [0:0]
:logflags - [0:0]
:logreject - [0:0]
:reject - [0:0]
:smurfs - [0:0]
:tcpflags - [0:0]
:wan2fw - [0:0]
-A INPUT -i eth0 -j eth0_in
-A INPUT -i lo -j ACCEPT
-A INPUT -j Drop
-A INPUT -j DRO...
2006 Jan 28
3
Shorewall/Xen setup (correct from-address this time)
...0.0.0.0/0 0.0.0.0/0
udp spt:137 dpts:1024:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
multiport dports 135,139,445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp dpt:1900
0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
udp spt:53
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT...
2004 Nov 29
2
SFTP
...0.0.0.0/0
43 2140 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
43 2140 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0
29 1464 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0
29 1464 dropNotSyn all -- * * 0.0.0.0/0 0.0.0.0/0
28 1424 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DropDNSrep (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP...
2004 Sep 24
10
hopeless - smb over bridged firewall
Dear List!
I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection
to the Internet (ppp0 - eth1 to the modem) and a bridge to the local
lan. The bridged config i''ve made with bridge.html from the shorewall
site. The Bridge is between local net and a openvpn tap device. This
works. I ccan make tunnels, and a can make a lot of things through the
firewall. I can get a list
2005 May 31
2
Local machine not through firewall
...81 4164 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0
81 4164 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 AllowICMPs icmp -- * * 0.0.0.0/0 0.0.0.0/0
81 4164 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0
81 4164 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0
81 4164 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0
81 4164 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0
79 4084 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DropDNSrep (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53
Chain DropSMB (1 references)
pkts bytes target prot opt in out source destinatio...
2004 Aug 27
3
Proxy Arp Ip Conflicts
...-- * * 0.0.0.0/0 0.0.0.0/0
60 3060 dropInvalid all -- * * 0.0.0.0/0
0.0.0.0/0
60 3060 DropSMB all -- * * 0.0.0.0/0 0.0.0.0/0
14 672 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0
14 672 dropNotSyn all -- * * 0.0.0.0/0 0.0.0.0/0
14 672 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0
Chain DropDNSrep (2 references)
pkts bytes target prot opt in out source
destination
0 0 DROP udp -- * * 0.0...
2004 Sep 22
2
IPSEc versus Multipath routing
...ll -- * * 0.0.0.0/0
0.0.0.0/0
189 26286 dropBcast all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropSMB all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropUPnP all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 dropNotSyn all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 DropDNSrep all -- * * 0.0.0.0/0
0.0.0.0/0
Chain DropDNSrep (2 references)
pkts bytes target prot opt in out source
destination
0 0 DROP udp -- * * 0.0.0.0/0...
2004 Dec 30
0
MultipleIP´s in one Zone
...all -- * * 0.0.0.0/0
0.0.0.0/0
321 18582 dropInvalid all -- * * 0.0.0.0/0
0.0.0.0/0
134 8110 DropSMB all -- * * 0.0.0.0/0
0.0.0.0/0
111 7008 DropUPnP all -- * * 0.0.0.0/0
0.0.0.0/0
111 7008 dropNotSyn all -- * * 0.0.0.0/0
0.0.0.0/0
102 6648 DropDNSrep all -- * * 0.0.0.0/0
0.0.0.0/0
Chain DropDNSrep (2 references)
pkts bytes target prot opt in out source
destination
0 0 DROP udp -- * * 0.0.0.0/0
0...