search for: eastep

Im new to shorewal but have read the docs includint the ping section of the FAQ but I cant seem to get the fw to respod to pings.... my policys are ... loc net ACCEPT info net fw ACCEPT info loc loc ACCEPT info fw net ACCEPT info net all DROP

This article describes how to implement "Port Knocking" in Shorewall. http://shorewall.net/PortKnocking.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

Anex. Thanks Tom. 2010/5/12 Tom Eastep <teastep@shorewall.net> > On 5/12/10 2:47 PM, Orlandinei Vujanski wrote: > > Tom, all right? > > > > Until yesterday my shorewall was working perfectly, but today it stopped > > working. I already restarted the server, already changed the rules and > > did n...

Dear All I have added the following line to /etc/shorewall/rules: ACCEPT net fw tcp 4662 However, the program aMule continues to give me the following error: NG : Your 4662 port is not reachable. Any further ideas? Thanks in advance, Paul

I just setup the Shorewall in my school, but now all clients can''t through to internet, all servers can through to internet with NAT, when I disabled NAT that all servers can''t through to internet. Below is my school network: internet ---> shorewall ----> loc ---> ciso router ---> loc1 Below is my config files: policy: # If you want to force clients to

i have no idea how to definie for a parallel zone the host file if the second zone (net) should be the composition of the first zone (dmz). i tried all the following combinations in the interface and host files: interface: - eth0 - (variante 1) - eth0 192.168.0.255,255,255,255,255 (variante 2) - eth0 192.168.0.255,!192.168.0.255 (variante 3)

The patches may be found at: http://shorewall.net/pub/shorewall/contrib/IPSEC ftp://shorewall.net/pub/shorewall/contrib/IPSEC I found these patches on the netfilter-devel list and make no warranties as to how well they work (or not). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

Hello, I reinstalled my Slackware 10.1 a few days ago, before i did that i stored all files in /etc/shorewall to an external HDD. After reinstallation was complete i installed shorewall and restored the config files i backed up before, but now if the FW is running i can´t ping the adsl modem and so i can´t connect to the internet using pptp. Note, it worked before with exactly the same

I''ve uploaded Beta 4. It corrects a bad bug involving exclusion in the hosts file. In addition, it contains the first release of a new Bridge/firewall implementation that uses the reduced-function physdev match found in kernel 3.6.20 and 3.6.21. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sp...

I''ve uploaded Beta 4. It corrects a bad bug involving exclusion in the hosts file. In addition, it contains the first release of a new Bridge/firewall implementation that uses the reduced-function physdev match found in kernel 3.6.20 and 3.6.21. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- This SF.net email is sp...

...w work within embedded Shell and Perl scripts. 5) The ''shorewall6 dump'' command now reads the Shorewall version file from the correct directory when $SHAREDIR != /usr/share/. 6) An extraneous character was removed from ifupdown.sh. Thank you for testing. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ --------------------------------------------...

...w work within embedded Shell and Perl scripts. 5) The ''shorewall6 dump'' command now reads the Shorewall version file from the correct directory when $SHAREDIR != /usr/share/. 6) An extraneous character was removed from ifupdown.sh. Thank you for testing. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ --------------------------------------------...

I just installed Fedora Core 3 uname -r 2.6.9-1.667 I got the latest shorewall''s rpm: http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2.2.0-1 .noarch.rpm Made my changes Attempted to run shorewall and got: [root@demo shorewall]# shorewall start ERROR: Can''t find iptables executable I haven''t seen this before. I tried to go through all the

I don''t know whether this is the right place to ask, but kindly point me to an FM that I can R if it isn''t. My wife is creating lots of Kazaa traffic, and I am using rsync to create a full mirror of Red Hat''s FTP site, Aurora Linux FTP site, the LDP site, and some other stuff. Clearly, when one is moving well over 100GB over a 128 Kbps link, this is going to take a

Having moved from a "cascading LANs" configuration to two independent LANs on eth0 and eth1, I still get some "state INVALID" for which I am not sure what the cause is. Can somebody help me understand its probable origin? Thanks, Costantino [see attachment]

Beta 3 is now available for testing. Corrections in this release: 1) Corrections included in Shorewall 4.4.21.1. 2) Several problems reported by Steven Springl. The rest is largely cleanup of the new rule infrastructure. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----------------------------------------...

Beta 3 is now available for testing. Corrections in this release: 1) Corrections included in Shorewall 4.4.21.1. 2) Several problems reported by Steven Springl. The rest is largely cleanup of the new rule infrastructure. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----------------------------------------...

...he bogons file has been updated. 3) Service names are replaced by port numbers in /etc/shorewall/tos. 4) A typo in the install.sh file that caused an error during a new install has been corrected. New Features in 2.0.11 1) The AllowNNTP action now allows NNTP over SSL/TLS (NTTPS). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

Hello, I have been using shorewall for a long time now. I find it a great piece of software and I am looking forward to the IPv6 version that Tom is planning to start working on. I do however have a problem now that I do not seem to be able to solve. On my firewall system I have a Fedora Core 2 installation with Shorewall (2.0.13) running fine with kernel 2.6.6-1.435.2.3. When I however use a new

Hi, I''ve set up a bridge which connects two parts of the same subnet with each other. I''ve set up everything as described in the Documentation and it works very nicely. However: I have a problem with adding hosts to zones dynamically. The zone I want to add hosts to is called ''work''. Since only the bridge br0 is defined in /etc/shorewall/interfaces