Displaying 20 results from an estimated 20 matches for "eth2_fwd".
Did you mean:
eth0_fwd
2008 Dec 25
2
Problems with exclusion in host definition - shorewall 4.2.3 latest
...----------------------------------------------------
Setting up TCP Flags checking...
iptables v1.3.8: host/network `169.254.0.0/16!169.254.1.0'' not found
Try `iptables -h'' or ''iptables --help'' for more information.
ERROR: Command "/usr/sbin/iptables -A eth2_fwd -p tcp -s
169.254.0.0/16!169.254.1.0/24 -j tcpflags" Failed
Processing /etc/shorewall/stop ...
IP Forwarding Enabled
Processing /etc/shorewall/stopped ...
/sbin/shorewall: line 742: 9333 Terminated
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
-------------------------------------...
2003 Jan 13
5
Using private & public addresses together i n the Shorewall''s DMZ zone
To rephrase the question, "Can I use masquerading and proxy ARP in the same
zone simultaneously?" It''s not a stupid question--I couldn''t see any reason
why it wouldn''t work, but I had actually try it out to convince myself that
it did (which isn''t a bad thing to do before posting the question to the
list, by the way). In any case, the answer is
2005 Feb 28
1
Mail server on DMZ
...in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
302K 170M eth1_fwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
1095K 409M eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
752K 360M eth2_fwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:DROP:''
0 0 DROP all...
2004 Aug 05
9
Not able to access website
...in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
34 15323 eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
56 13757 eth1_fwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 eth2_fwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix
`Shorewall:FORWARD:REJECT:''
0 0 reject al...
2005 Mar 07
10
DNS Name problem with mail server on LAN
...in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
302K 170M eth1_fwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
1095K 409M eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
752K 360M eth2_fwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:DROP:''
0 0 DROP all...
2004 Dec 28
5
Multiple IP´s in one Zone
Hi everybody
I have a Problem with Masquerading from my local net (loc) to my VPN (loc2).
I can reach every Service from loc2 in loc, but I can''t get reach any
service from loc in loc2.
Has somebody an Idea where my mistake is ?
Without shorewall, it was working.
Thanks for helping
Lars
Technical Information :
Shorewall 2.0.13
Suse 9.0
*177.177.77.X The first 3 Counts are changed
2005 Jan 08
8
Shorewall problem, perhaps with PPPoE
...tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp flags:0x06/0x02 TCPMSS clamp to PMTU
26 1688 ppp0_fwd all -- ppp0 * 0.0.0.0/0 0.0.0.0/0
4 170 eth1_fwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
24 1592 eth2_fwd all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:...
2004 Aug 27
3
Proxy Arp Ip Conflicts
...e
destination
0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
42 2332 eth0_fwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0
21 1384 eth1_fwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
6 384 eth2_fwd all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:''
0 0...
2004 Sep 22
2
IPSEc versus Multipath routing
...* 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
29 1555 eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
0 0 eth1_fwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
29 1405 eth2_fwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 eth3_fwd all -- eth3 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags...
2004 Dec 30
0
MultipleIP´s in one Zone
...in out source
destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
99 4761 eth1_fwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
736 155K eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
579 68667 eth2_fwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy DROP 1 packets, 60 bytes)
pkts bytes target prot opt in ou...
2003 Aug 31
4
linux-ha heartbeat .. failover firewall
I have searched your FAQ''s and read the documentation on your site as well
as googling. I am not able to figure this out. If you have any ideas can
you please help.
I am using the linux-ha failover with redundant firewalls.
As part of the function of the linux-ha software consists a service called
heartbeat which is a connection from each failover node through a serial
cable or ethernet.
2003 Apr 15
8
repost (passive FTP server in DMZ and shorewall 1.4.2)
I apologize for the first message. :)
---------------------------------------
I have an FTP server running in the DMZ section of my home network. It uses port 23000 for connection and ports 19990 to 19994 for data transfer.
I have setup the following rule for outside people to connect to it:
DNAT net dmz:192.168.2.2 tcp 23000
I''m at work right now and I can''t use
2005 May 29
17
Plans for 2.4.0
Hi folks,
Has anyone tested the changes to multiple ISPs/load balancing or
routestopped in 2.4.0-RC1 yet? We need to talk about what criteria we
will use for determining whether 2.4.0 is ready for release.
I''ve started configuring a firewall at work with the multiple ISPs
support, but its kernel doesn''t have connection marking support, so it''s
going to be a couple of
2004 Sep 21
1
squid on DMZ using proxyarp
...destination
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
43951 9522K eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
42821 2267K eth1_fwd all -- eth1 * 0.0.0.0/0
0.0.0.0/0
3636 787K eth2_fwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt i...
2003 Mar 28
9
Squid
...OP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
413 61925 eth0_fwd ah -- eth0 * 0.0.0.0/0
0.0.0.0/0
237 12324 eth1_fwd ah -- eth1 * 0.0.0.0/0
0.0.0.0/0
176 16908 eth2_fwd ah -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 eth3_fwd ah -- eth3 * 0.0.0.0/0
0.0.0.0/0
0 0 common ah -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG ah -- * * 0.0.0.0/0...
2005 Jan 11
2
dnat problem
...0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
17 1080 eth0_fwd all -- eth0 * 0.0.0.0/0
0.0.0.0/0
38 2916 br0_fwd all -- br0 * 0.0.0.0/0
0.0.0.0/0
2 96 eth2_fwd all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:DROP:...
2005 Jan 11
1
Squid and DMZ (ProxyARP)
...S tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
55 9423 eth0_fwd all -- eth0 * 0.0.0.0/0 0.0.0.0/0
109 8764 eth1_fwd all -- eth1 * 0.0.0.0/0 0.0.0.0/0
168 52365 eth2_fwd all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:FORWARD:REJECT:'...
2004 Nov 25
6
Logfile entry query
Hi,
I get frequent logfile entries from Shorewall similar to the following:
Nov 25 11:22:51 10.0.0.248 kernel: Shorewall:net2mill:DROP:IN=eth2
OUT=eth0 SRC=202.96.117.50 DST=10.0.0.10 LEN=56 TOS=0x00 PREC=0x00
TTL=241 ID=0 PROTO=ICMP TYPE=11 CODE=0 [SRC=10.0.0.10
DST=202.101.167.133 LEN=48 TOS=0x00 PREC=0x00 TTL=1
ID=13591 DF PROTO=TCP INCOMPLETE [8 bytes] ]
Could someone explain what the
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
...' -f /tmp/shorewall.nm8830/iprange '']''
+ /sbin/iptables -A eth0_in -m state --state NEW,INVALID -j dynamic
+ for interface in ''$ALL_INTERFACES''
++ forward_chain eth2
+++ chain_base eth2
+++ local c=eth2
+++ true
+++ case $c in
+++ echo eth2
+++ return
++ echo eth2_fwd
+ createchain eth2_fwd no
++ chain_base eth2_fwd
++ local c=eth2_fwd
++ true
++ case $c in
++ echo eth2_fwd
++ return
+ local c=eth2_fwd
+ run_iptables -N eth2_fwd
+ ''['' -n '''' '']''
+ ''['' -n Yes '']''
+ ''...
2005 Sep 29
20
maclist problem on a firewall/bridge/router system with masquerading
Hy,
sorry for my poor english
i think i''m having a very unusual problem and very dificult to track,
but i''ll try to explain it as best as i can.
here is my scenario:
a firewall/bridge composed of 3 ethernet devices and 1 virtual one.
my bridge (br0 ) is composed of eth0, eth1 and tap0
br0:eth0 is my connection to my router (200.244.92.1)
br0:eth1 is my connection to my