Displaying 20 results from an estimated 40 matches for "eth0_in".
Did you mean:
eth0_ip
2004 Dec 25
5
Thick head still having problems with subnets (?)
...a
host 192.168.174.242 as a trusted host. Now if I ping from 242 to my fw
it works just fine (also tweaked the norfc1918 file).
Thing I do not understand is why if I try pinging or FTPing from FW to
242 I hit the all2all reject rule !
I tried reading the rules and from the INPUT chain I see a eth0_in chain
which in turn refers to the home2fw chain accepting all protocols with
source 242 ...
What am I doing wrong ?
No hurry for the reply ... please rest a little, it''s Xmas :)
Bob
PS Here are segments of the shorewall show command output
Chain INPUT (policy DROP 0 packets, 0 bytes...
2002 Sep 12
2
reset /proc/net/dev
HI List,
How do i reset the values in /proc/net/dev ?
This file holds values for count of each (packet && byte),
(sent && received) through all interfaces.
I''m using a monitor which reads values from this
file and prints out some nicely formatted output.
But i need to reset the values. ie. set then to zero.
Restarting the network does not do what i want.
I guess a reboot
2005 Jan 03
1
vpn2fw before nordc1918 in ???_in
...bed to the list, so if you could CC me on replies, it
would be appreciated.
Hi there. I am running 2.0.8 on a linux 2.6 kernel with ipsec (i.e. no
ipsec<n> interfaces).
Since ipsec traffic comes in on the same interface as "net" traffic, I
have been looking at the rules for "eth0_in" on my ipsec
gateway/firewall. I see that "norfc1918" is before "vpn2fw". Since it
is common to route rfc1918 addresses over vpn tunnels, would it not make
more sense to reverse the order of those two rules? That would
eliminate the need to alter the rfc1918 rules file....
2005 May 25
9
Newbie going through a probably stupid thing
...rs reset Wed May 25 18:04:14 CEST 2005
>
> Chain INPUT (policy DROP 0 packets, 0 bytes)
> pkts bytes target prot opt in out source destination
> 1748 279K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
> 251 168K eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
> 0 0 ppp0_in all -- ppp0 * 0.0.0.0/0 0.0.0.0/0
> 0 0 ath0_in all -- ath0 * 0.0.0.0/0 0.0.0.0/0
> 0 0 Reject all -- *...
2004 Oct 25
4
enquiry on shorewall functions
hi all,
shorewall claim that support stateful connection. But I read the
document, I can''t found any configuration on it like in iptables e.g.
-m -state NEW, ESTABLISHED
something like like.
Is shorewall by default is staeful connection for any connectione.g. web, http
2007 Jul 29
12
Shorewall 4.0.0 + Kernel 2.6.21.5-grsec
...e
-A FORWARD -j tcfor
-A OUTPUT -j tcout
-A POSTROUTING -j tcpost
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
:Drop - [0:0]
:Reject - [0:0]
:all2all - [0:0]
:blacklst - [0:0]
:dropBcast - [0:0]
:dropInvalid - [0:0]
:dropNotSyn - [0:0]
:dynamic - [0:0]
:eth0_fwd - [0:0]
:eth0_in - [0:0]
:eth0_out - [0:0]
:fw2wan - [0:0]
:logdrop - [0:0]
:logflags - [0:0]
:logreject - [0:0]
:reject - [0:0]
:smurfs - [0:0]
:tcpflags - [0:0]
:wan2fw - [0:0]
-A INPUT -i eth0 -j eth0_in
-A INPUT -i lo -j ACCEPT
-A INPUT -j Drop
-A INPUT -j DROP
-A FORWARD -i eth0 -j eth0_fwd
-A FORWARD -j Drop...
2005 Feb 08
15
Few questions
Hi,
I have a few problems with my shorewall configuration.
First of all, the option maclist seems no to be recognized.
I have this:
ghostwheel /etc/shorewall # cat interfaces | grep -v ''^#''
- eth1 detect dhcp,tcpflags,routefilter
loc eth0 detect tcpflags,maclist
When I look at shorewall-init.log, I found out:
2005 Feb 15
1
Shorewall reporting with rrdtool and human readeable iptables output problem.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi everybody,
this is my first post here, i''ve just syubscribed and i woud like to
ask a question.
i''m running shorewall latest version with mrtg and rrdtool, with the
perl shorewall-stats.pl for reporting.
the problem is that the pearl gets the stats by the shorewall show
command and it''s human readeable bytes form, so
2003 Aug 31
4
linux-ha heartbeat .. failover firewall
I have searched your FAQ''s and read the documentation on your site as well
as googling. I am not able to figure this out. If you have any ideas can
you please help.
I am using the linux-ha failover with redundant firewalls.
As part of the function of the linux-ha software consists a service called
heartbeat which is a connection from each failover node through a serial
cable or ethernet.
2003 Feb 25
0
Shorewall Setup.
...5 21:39:23 AST 2003
Counters reset Tue Feb 25 21:31:04 AST 2003
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
79 12869 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
5 1015 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
7 361 tunl_in all -- tunl+ * 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0/...
2003 Feb 27
3
Unknown commments in shorewall status.
...7 19:10:53 AST 2003
Counters reset Wed Feb 26 20:50:34 AST 2003
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
310 15500 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
16820 7400K eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
332 45305 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
3726 828K tunl_in all -- tunl+ * 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0/...
2005 Feb 28
1
Mail server on DMZ
...in out source
destination
592 34399 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
299K 333M eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
490K 69M eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
12739 5222K eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0...
2004 Aug 05
9
Not able to access website
...in INPUT (policy DROP 4 packets, 1208 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
65 8740 eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
1747 1175K eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0...
2005 Mar 07
10
DNS Name problem with mail server on LAN
...in out source
destination
592 34399 ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
299K 333M eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
490K 69M eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
12739 5222K eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0...
2003 Feb 22
4
Shorewall with ProxyARP
...3 12:09:07 IST 2003
Counters reset Sun Feb 23 12:04:33 IST 2003
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
11 1181 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/...
2004 Dec 28
5
Multiple IP´s in one Zone
Hi everybody
I have a Problem with Masquerading from my local net (loc) to my VPN (loc2).
I can reach every Service from loc2 in loc, but I can''t get reach any
service from loc in loc2.
Has somebody an Idea where my mistake is ?
Without shorewall, it was working.
Thanks for helping
Lars
Technical Information :
Shorewall 2.0.13
Suse 9.0
*177.177.77.X The first 3 Counts are changed
2006 Jan 28
3
Shorewall/Xen setup (correct from-address this time)
...pt:53
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 xenbr0_in all -- xenbr0 * 0.0.0.0/0 0.0.0.0/0
0 0 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
97 6100 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in...
2004 Nov 29
2
SFTP
...0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
63 8700 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
602 38984 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/...
2003 Aug 26
1
ADSL router, two nics, web server not visible from internet
...0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
6 312 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
0 0 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/...
2005 Feb 01
4
Shorewall problem
I am getting the following message when Shorewall stops can anybody shed
any light on this message and where I should be looking? Thanks
root@bobshost:~# shorewall stop
Loading /usr/share/shorewall/functions...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Stopping Shorewall...Processing /etc/shorewall/stop ...
IP Forwarding Enabled