Displaying 20 results from an estimated 29 matches for "fw2loc".
2005 Apr 30
5
SPT vs. DPT Sanity Check (Samba rules)
Before wasting a lot of time going at this in the wrong list, I would like
to confirm whether my thinking is on or off base with respect to source
and destination ports.
Samba is being blocked by fw2loc even though I have accept rules
set up. I believe I can explain why, but I could be wrong.
I think that for some reason, samba is sourcing stuff on the commonly
used port 137, but trying to send it to a destination port that is not a
common port for the protocol.
Should samba not be sending to a...
2005 Jun 27
5
Bridging problem with Shorewall and OpenVpn
...ot browse the internet anymore from the local
network pc.
The strange thing is that the /var/log/messages file contains shorewall
output
telling me that it accepted the ping request from the firewall to the local
network pc even though I don't receive an answer back.
it says something like ACCEPT fw2loc out=br0 Phys out=eth1
source=192.168.3.12
dest=192.168.3.10 Proto=icmp which is correct.
I have IP Forwarding set to on.
setting Bridging=Yes or No in shorewall.conf makes no difference at all.
here's my shorewall configuration:
Hosts
#ZONE HOST(S) OPTIONS
loc...
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall.
WARNING: This release introduces incompatibilities with prior releases.
See http://www.shorewall.net/upgrade_issues.htm.
Changes are:
a) There is now a new NONE policy specifiable in
/etc/shorewall/policy. This policy will cause Shorewall to assume that
there will never be any traffic between the source and destination
zones.
b) Shorewall no longer
2003 Aug 31
4
linux-ha heartbeat .. failover firewall
I have searched your FAQ's and read the documentation on your site as well
as googling. I am not able to figure this out. If you have any ideas can
you please help.
I am using the linux-ha failover with redundant firewalls.
As part of the function of the linux-ha software consists a service called
heartbeat which is a connection from each failover node through a serial
cable or ethernet.
2005 Feb 28
1
Mail server on DMZ
...in out source
destination
592 34399 ACCEPT all -- * lo 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
318K 30M fw2net all -- * eth1 0.0.0.0/0
0.0.0.0/0
373K 366M fw2loc all -- * eth0 0.0.0.0/0
0.0.0.0/0
7741 471K fw2dmz all -- * eth2 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:ACCEPT:'
0 0 ACCEPT a...
2005 Mar 07
10
DNS Name problem with mail server on LAN
...in out source
destination
592 34399 ACCEPT all -- * lo 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
318K 30M fw2net all -- * eth1 0.0.0.0/0
0.0.0.0/0
373K 366M fw2loc all -- * eth0 0.0.0.0/0
0.0.0.0/0
7741 471K fw2dmz all -- * eth2 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:ACCEPT:'
0 0 ACCEPT a...
2005 Jan 08
8
Shorewall problem, perhaps with PPPoE
...29 3189 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0
state INVALID
29 1896 fw2net all -- * ppp0 0.0.0.0/0 0.0.0.0/0
2 356 fw2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
75 8198 fw2loc all -- * eth2 0.0.0.0/0 0.0.0.0/0
2 340 common all -- * * 0.0.0.0/0 0.0.0.0/0
2 340 LOG all -- * * 0.0....
2005 Dec 08
3
trouble with shorewall on Mandriva 2006 (2nd)
...source
destination
6049 486K LOG all -- * eth0 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 7 prefix `BANDWIDTH_OUT:'
2738 156K ACCEPT all -- * lo 0.0.0.0/0
0.0.0.0/0
6049 486K fw2net all -- * eth0 0.0.0.0/0
0.0.0.0/0
0 0 fw2loc all -- * ath0 0.0.0.0/0
0.0.0.0/0
139K 195M fw2loc all -- * eth1 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewal...
2004 Dec 28
5
Multiple IP´s in one Zone
Hi everybody
I have a Problem with Masquerading from my local net (loc) to my VPN (loc2).
I can reach every Service from loc2 in loc, but I can't reach any
service from loc in loc2.
Has somebody an Idea where my mistake is ?
Without shorewall, it was working.
Thanks for helping
Lars
Technical Information :
Shorewall 2.0.13
Suse 9.0
*177.177.77.X The first 3 Counts are changed
2003 Mar 25
7
DNAT not working after changing BIND to use views
...0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
2 205 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
1 40 fw2loc all -- * eth1 0.0.0.0/0 192.168.10.0/24
0 0 fw2loc all -- * ppp+ 0.0.0.0/0 192.168.10.0/24
0 0 fw2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0...
2004 Nov 29
2
SFTP
...0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
0 0 fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
448 96464 fw2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:...
2004 Sep 24
10
hopeless - smb over bridged firewall
Dear List!
I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection
to the Internet (ppp0 - eth1 to the modem) and a bridge to the local
lan. The bridged config I've made with bridge.html from the shorewall
site. The Bridge is between local net and an openvpn tap device. This
works. I can make tunnels, and I can make a lot of things through the
firewall. I can get a list
2003 Aug 26
1
ADSL router, two nics, web server not visible from internet
...0 DROP !icmp -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
0 0 ACCEPT udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp dpts:67:68
12 1366 fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0
0 0 fw2loc all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 common all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:...
2005 May 31
2
Local machine not through firewall
...all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
410 42869 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT udp -- * eth1 0.0.0.0/0 0.0.0.0/0 udp dpts:67:68
364 41726 fw2net all -- * ppp0 0.0.0.0/0 0.0.0.0/0
20 1740 fw2loc all -- * eth0 0.0.0.0/0 0.0.0.0/0
798 70693 fw2modem all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix
`Shorewall:OUTPUT:REJECT:'
0 0 reject all -- * * 0.0.0.0/0 0.0.0.0/0
Chain AllowICMPs (2 refer...
2004 Dec 30
0
MultipleIP´s in one Zone
...0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
36 11829 ACCEPT udp -- * eth0 0.0.0.0/0
0.0.0.0/0 udp dpts:67:68
112K 16M fw2net all -- * eth1 0.0.0.0/0
0.0.0.0/0
6019 4437K fw2loc all -- * eth0 0.0.0.0/0
0.0.0.0/0
12645 5282K fw2loc2 all -- * eth2 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 reject all -- * * 0.0.0.0/0
0.0.0.0/0
Chain Dro...
2004 Dec 04
7
vpn-zone wide open
Hello!
I am using shorewall shorewall-2.0.11-1 on fedora core2
(iptables-1.2.9-95.7). My box has 2 physical nic´s plus one virt. ipsec
interface for a freeswan-vpn connection.
A few days ago, portsentry spit out a lot of connections from windows
clients (port 135, 445). Ooops.
I review my shorewall settings but could not find a mistake. So I took a
win-client and established a second
2004 Dec 29
18
No response on port 80 with Shorewall
...-- * lo 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp -- * * 0.0.0.0/0
0.0.0.0/0 state INVALID
0 0 ACCEPT udp -- * ppp0 0.0.0.0/0
0.0.0.0/0 udp dpts:67:68
533 51169 fw2net all -- * ppp0 0.0.0.0/0
0.0.0.0/0
1354 133K fw2loc all -- * eth0 0.0.0.0/0
0.0.0.0/0
0 0 Reject all -- * * 0.0.0.0/0
0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0
0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:OUTPUT:REJECT:'
0 0 reject all -- * *...
2005 Jan 09
19
Shorewall and CUPS printing interference
I'm having a problem with the Shorewall firewall and CUPS printing
interfering with each other. My Linux firewall machine is acting as both
a CUPS server and client for all of my tests.
Shorewall 2.0.13
CUPS 1.1.22-2
Linux kernel 2.6.9
CUPS was working fine to print to my Epson C84 (network connected via a
Netgear PS101 print server using lpd://PS101.IP.address/raw ) until I
2005 Dec 08
7
Two Subnets on routed to the other, Setup?
Hi there,
I've read Routing on One Interface, and Shorewall and Aliased
Interfaces docs but I'm a little confused, and all my test attempts
have mostly failed. Here is my setup:
CentOS 4.2
ShoreWall 3.0.2
My server has a subnet 192.168.50.0/29 routed to it via 192.168.1.2.
Currently 192.168.1.2 is setup on eth0. With no ShoreWall involved
routing seems to work if I just setup
2003 Apr 15
8
repost (passive FTP server in DMZ and shorewall 1.4.2)
I apologize for the first message. :)
---------------------------------------
I have an FTP server running in the DMZ section of my home network. It uses port 23000 for connection and ports 19990 to 19994 for data transfer.
I have setup the following rule for outside people to connect to it:
DNAT net dmz:192.168.2.2 tcp 23000
I'm at work right now and I can't use