Displaying 20 results from an estimated 20 matches for "eth2_in".
Did you mean:
eth0_in
2008 Jan 10
5
Want to log all ISP traffic to ULOG
I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate
NetFlow information about traffic going through my router. The question
is how to get the logging rules added to the appropriate chains (I''m
assuming eth2_in and eth2_out in my case)? I''m using the perl version
of shorewall 4.0.6.
--
Orion Poplawski
Technical Manager 303-415-9701 x222
NWRA/CoRA Division FAX: 303-415-9702
3380 Mitchell Lane orion@cora.nwra.com
Boulder, CO 80301...
2003 Aug 31
4
linux-ha heartbeat .. failover firewall
I have searched your FAQ''s and read the documentation on your site as well
as googling. I am not able to figure this out. If you have any ideas can
you please help.
I am using the linux-ha failover with redundant firewalls.
As part of the function of the linux-ha software consists a service called
heartbeat which is a connection from each failover node through a serial
cable or ethernet.
2005 Feb 15
1
Shorewall reporting with rrdtool and human readeable iptables output problem.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi everybody,
this is my first post here, i''ve just syubscribed and i woud like to
ask a question.
i''m running shorewall latest version with mrtg and rrdtool, with the
perl shorewall-stats.pl for reporting.
the problem is that the pearl gets the stats by the shorewall show
command and it''s human readeable bytes form, so
2005 Feb 28
1
Mail server on DMZ
...* 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
299K 333M eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
490K 69M eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
12739 5222K eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:DROP:''
0 0 DROP all...
2004 Aug 05
9
Not able to access website
...* 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
65 8740 eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
1747 1175K eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
0 0 eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:''
0 0 reject all...
2005 Mar 07
10
DNS Name problem with mail server on LAN
...* 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
299K 333M eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
490K 69M eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
12739 5222K eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:DROP:''
0 0 DROP all...
2004 Dec 28
5
Multiple IP´s in one Zone
Hi everybody
I have a Problem with Masquerading from my local net (loc) to my VPN (loc2).
I can reach every Service from loc2 in loc, but I can''t get reach any
service from loc in loc2.
Has somebody an Idea where my mistake is ?
Without shorewall, it was working.
Thanks for helping
Lars
Technical Information :
Shorewall 2.0.13
Suse 9.0
*177.177.77.X The first 3 Counts are changed
2005 Jan 08
8
Shorewall problem, perhaps with PPPoE
...0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
27 1831 ppp0_in all -- ppp0 * 0.0.0.0/0 0.0.0.0/0
1 236 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
137 10528 eth2_in all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:&...
2004 Aug 27
3
Proxy Arp Ip Conflicts
...0.0.0/0 0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
988 75519 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
4 968 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
235 21620 eth2_in all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0
LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:''
0 0...
2004 Sep 22
2
IPSEc versus Multipath routing
...* 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
160 14446 eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
0 0 eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
189 26286 eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 eth3_in all -- eth3 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flag...
2004 Dec 30
0
MultipleIP´s in one Zone
...* 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
103K 25M eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
5449 631K eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
10372 1277K eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in o...
2003 Apr 15
8
repost (passive FTP server in DMZ and shorewall 1.4.2)
I apologize for the first message. :)
---------------------------------------
I have an FTP server running in the DMZ section of my home network. It uses port 23000 for connection and ports 19990 to 19994 for data transfer.
I have setup the following rule for outside people to connect to it:
DNAT net dmz:192.168.2.2 tcp 23000
I''m at work right now and I can''t use
2009 Dec 16
3
Dual-homing BGP gate problem
Hi Tom,
After two weeks of nightmares I decided ask You (and anyone reading this mail).
Context is as follows:
I try to update system on my central router from kernel 2.6.29.6 and Shorewall
4.2.6 (old) to kernel 2.6.31.6 and Shorewall 4.4.4.2 (new).
This is LiveCD image boot (Devil-Linux distribution compiled by me), so config
is this same.
I have established ten OpenVPN tunnels and two
2005 May 29
17
Plans for 2.4.0
Hi folks,
Has anyone tested the changes to multiple ISPs/load balancing or
routestopped in 2.4.0-RC1 yet? We need to talk about what criteria we
will use for determining whether 2.4.0 is ready for release.
I''ve started configuring a firewall at work with the multiple ISPs
support, but its kernel doesn''t have connection marking support, so it''s
going to be a couple of
2004 Sep 21
1
squid on DMZ using proxyarp
.../0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
239 57749 eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
69020 5750K eth1_in all -- eth1 * 0.0.0.0/0
0.0.0.0/0
121 19329 eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain FORWARD (policy DROP 8 packets, 924 bytes)
pkts bytes target prot o...
2003 Mar 28
9
Squid
...destination
32 2688 ACCEPT ah -- lo * 0.0.0.0/0
0.0.0.0/0
22 3068 eth0_in ah -- eth0 * 0.0.0.0/0
0.0.0.0/0
105 8004 eth1_in ah -- eth1 * 0.0.0.0/0
0.0.0.0/0
1 230 eth2_in ah -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 eth3_in ah -- eth3 * 0.0.0.0/0
0.0.0.0/0
0 0 common ah -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG ah -- * * 0.0.0.0/...
2005 Jan 11
2
dnat problem
...0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
42 3730 eth0_in all -- eth0 * 0.0.0.0/0
0.0.0.0/0
533 142K br0_in all -- br0 * 0.0.0.0/0
0.0.0.0/0
0 0 eth2_in all -- eth2 * 0.0.0.0/0
0.0.0.0/0
0 0 Drop all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:DROP:...
2005 Jan 11
1
Squid and DMZ (ProxyARP)
...0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
0 0 eth0_in all -- eth0 * 0.0.0.0/0 0.0.0.0/0
24 1920 eth1_in all -- eth1 * 0.0.0.0/0 0.0.0.0/0
0 0 eth2_in all -- eth2 * 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:INPUT:REJECT:'...
2004 Nov 25
6
Logfile entry query
Hi,
I get frequent logfile entries from Shorewall similar to the following:
Nov 25 11:22:51 10.0.0.248 kernel: Shorewall:net2mill:DROP:IN=eth2
OUT=eth0 SRC=202.96.117.50 DST=10.0.0.10 LEN=56 TOS=0x00 PREC=0x00
TTL=241 ID=0 PROTO=ICMP TYPE=11 CODE=0 [SRC=10.0.0.10
DST=202.101.167.133 LEN=48 TOS=0x00 PREC=0x00 TTL=1
ID=13591 DF PROTO=TCP INCOMPLETE [8 bytes] ]
Could someone explain what the
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
...39;' -n Yes '']''
+ ''['' -f /tmp/shorewall.nm8830/iprange '']''
+ /sbin/iptables -A eth2_fwd -m state --state NEW,INVALID -j dynamic
++ input_chain eth2
+++ chain_base eth2
+++ local c=eth2
+++ true
+++ case $c in
+++ echo eth2
+++ return
++ echo eth2_in
+ createchain eth2_in no
++ chain_base eth2_in
++ local c=eth2_in
++ true
++ case $c in
++ echo eth2_in
++ return
+ local c=eth2_in
+ run_iptables -N eth2_in
+ ''['' -n '''' '']''
+ ''['' -n Yes '']''
+ ''['...