Displaying 12 results from an estimated 12 matches for "eth1_masq".
Did you mean:
eth0_masq
2004 Nov 20
5
Differences in masq from 1.4 -> 2.0?
In the panic of replacing our firewall(s) earlier in the week, we ended up
moving our original shorewall 1.4 config onto a machine with 2.0.10
already installed, overwriting all the 2.0.10 config files.
Most things seem to work fine, except for our masq entries. I''ve examined
the default 2.0.10 files compared with our 1.4 files, and can''t spot the
problem. What am I missing?
2004 Nov 30
5
Problem with 2.4.28 kernel config
I just recompiled a plain vanilla 2.4.28 kernel, and used the Shorewall.net
kernel config as a guideline. For some reason, I get this:
Nov 30 12:05:34 fw shorewall: Shorewall has detected the following
iptables/netfilter capabilities:
Nov 30 12:05:34 fw shorewall: NAT: Available
Nov 30 12:05:34 fw shorewall: Packet Mangling: Available
Nov 30 12:05:34 fw shorewall: Multi-port Match:
2004 Sep 23
0
two internet connections don''t appear to be masqing
...CEPT)
target prot opt source destination
net_dnat all -- 0.0.0.0/0 0.0.0.0/0
net_dnat all -- 0.0.0.0/0 0.0.0.0/0
loc_dnat all -- 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
eth1_masq all -- 0.0.0.0/0 0.0.0.0/0
eth2_masq all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain eth1_masq (1 references)
target prot opt source destination
MASQUERADE all -- 192.168.0.0/24...
2004 Nov 25
12
simple dual Internet connection setup not sending return packets on correct interface
...c 24.235.240.15
ip rule add from 66.11.173.224 table 11
ip rule add from 24.235.240.15 table 12
My iptables "nat" setup looks like this:
Chain POSTROUTING (policy ACCEPT 364 packets, 26735 bytes)
pkts bytes target prot opt in out source destination
258 19801 eth1_masq all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 ppp0_masq all -- * ppp0 0.0.0.0/0 0.0.0.0/0
Chain eth1_masq (1 references)
pkts bytes target prot opt in out source destination
252 19021 SNAT all -- * * 10.75....
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall.
WARNING: This release introduces incompatibilities with prior releases.
See http://www.shorewall.net/upgrade_issues.htm.
Changes are:
a) There is now a new NONE policy specifiable in
/etc/shorewall/policy. This policy will cause Shorewall to assume that
there will never be any traffic between the source and destination
zones.
b) Shorewall no longer
2007 Feb 09
26
transient "martian source ..." errors
Hi All,
As you probably all know :-) I''m trying to do the multi-isp thing. I''ve
resolved my last issue with the route_rules as suggested by Tom and
Jerry suggested.
Lately I have been seeing "transient" (I say transient because the
problem will persist for a while and then magically clear itself up some
number of minutes later) situations where my gateway will log:
2005 Jul 28
3
Routing for multiple uplinks/providers problem.
...ACCEPT)
target prot opt source destination
net_dnat all -- anywhere anywhere
net_dnat all -- anywhere anywhere
loc_dnat all -- anywhere anywhere
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
eth1_masq all -- anywhere anywhere
eth2_masq all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain eth1_masq (1 references)
target prot opt source destination
masq2 all -- 192.168.2.0/24...
2007 Jun 09
20
Shorewall 4.0.0 Beta 4
I''ve uploaded Beta 4. It corrects a bad bug involving exclusion in the
hosts file. In addition, it contains the first release of a new
Bridge/firewall implementation that uses the reduced-function physdev
match found in kernel 3.6.20 and 3.6.21.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \
2007 Jun 09
20
Shorewall 4.0.0 Beta 4
I''ve uploaded Beta 4. It corrects a bad bug involving exclusion in the
hosts file. In addition, it contains the first release of a new
Bridge/firewall implementation that uses the reduced-function physdev
match found in kernel 3.6.20 and 3.6.21.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \
2006 Jan 17
12
Multiple ISPs: How to force $FW traffic to a specific ISP (reprise)
...source
> destination
> 1 60 MARK tcp -- * * 0.0.0.0/0 !
> 192.168.0.0/16 tcp dpt:22 MARK set 0x5
> 7 420 MARK tcp -- * * 0.0.0.0/0 !
> 192.168.0.0/16 tcp dpt:25 MARK set 0x5
>
> Chain eth1_masq (1 references)
> pkts bytes target prot opt in out source
> destination
> 7 420 SNAT all -- * * 192.168.0.2
> 0.0.0.0/0 to:80.18.151.125
> 10 677 SNAT all -- * * 0.0.0.0/0
> 0.0.0.0/0 to:80...
2005 May 31
2
Local machine not through firewall
...ROTO=TCP SPT=1062 DPT=4662
WINDOW=65535 RES=0x00 SYN URGP=0
NAT Table
Chain PREROUTING (policy ACCEPT 321 packets, 17177 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 151 packets, 9048 bytes)
pkts bytes target prot opt in out source destination
1 60 eth1_masq all -- * eth1 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 145 packets, 9162 bytes)
pkts bytes target prot opt in out source destination
Chain eth1_masq (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * * 192.168.1.0/24 0.0.0.0/0
Mangle Table
Chain P...
2004 Dec 30
0
MultipleIPĀ“s in one Zone
...GP=0
NAT Table
Chain PREROUTING (policy ACCEPT 2221K packets, 115M bytes)
pkts bytes target prot opt in out source
destination
Chain POSTROUTING (policy ACCEPT 2530K packets, 117M bytes)
pkts bytes target prot opt in out source
destination
7200 433K eth1_masq all -- * eth1 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy ACCEPT 630K packets, 51M bytes)
pkts bytes target prot opt in out source
destination
Chain eth1_masq (1 references)
pkts bytes target prot opt in out source
destination
9...