Displaying 17 results from an estimated 17 matches for "icmp_echo_ignore_all".
2003 Jan 15
3
Mandrake 9.0 won''t ping ...
When installing Mandrake 9.0 with the higher security option you cannot
ping any of it interfaces, localhost (127.0.0.1) included.
All other connections to the system are fine, e.g. ssh, www, squid, etc.
"shorewall clear" doesn''t help.
Does anyone know how to turn this off for at least localhost and eth1??
Yours truly,
Ben
2004 Nov 26
6
Help! AllowPing not working
Sorry for the frantic nature of this message, but we need to allow pings on
our firewall so our ISP can test things. I''ve done this, and it still doesn''t
work: (I am now at v.2.0.10)
rules:
AllowPing net fw
AllowPing sls fw
show indicates some matches, so where are they?
Chain AllowPing (4 references)
pkts bytes target prot opt in out source
2006 Mar 15
6
Can't get port forwarded from net to net
I have followed the instructions at http://shorewall.net/FAQ.htm#faq2
along with some coaching on IRC from _Omache to get a machine (with IP
address 66.93.22.233) to forward all port 25 traffic to another host in
my network (with IP 66.93.22.254). This has not worked. I have tested
by trying `telnet 66.93.22.233 25`, expecting to see the SMTP banner on
66.93.22.254. Of course, I don''t
2000 Jan 23
2
portmap messages under /var/log/messages
I am running Redhat 6.1 as a firewall between a cable modem and my home
network.
Occasionally, I see messages such as these under /var/log/messages:
Jan 17 13:38:16 saturn5 portmap[3726]: connect from 24.28.77.200 to dump():
request from unauthorized host
Jan 18 14:00:34 saturn5 portmap[1544]: connect from 204.151.148.146 to
dump(): request from unauthorized host
My assumption is that the
2013 May 21
1
samba4 AD - strange slowness after enable iptables based firewall
...n - I based on samba tutorial and aexples and official
microsoft web page with needed ports:
Have you similar problems after firewall implementations ?
iptables -F
iptables -X
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
/bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
/bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
/bin/echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route
/bin/echo "0" > /proc/sys/net/ipv4/conf/all/accept_redirects
/bin/echo "1" > /proc/sys/net/ipv4/icmp_ignore_bo...
2004 Nov 26
0
Shorwall 2.2.0 Beta 5
.../pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta5
Problems corrected:
1. A typo in shorewall.conf (NETNOTSYN) has been corrected.
New Features:
1. For consistency, the CLIENT PORT(S) column in the tcrules file
has been renamed SOURCE PORT(S).
2. The contents of /proc/sys/net/ip4/icmp_echo_ignore_all is now
shown in the output of "shorewall status".
3. A new IPTABLES option has been added to shorewall.conf. IPTABLES
can be used to designate the iptables executable to be used by
Shorewall. If not specified, the iptables executable determined
by the...
2005 Nov 14
3
shorewall and broadcast
Hi,
I configured some ha services using heartbeat, I have this on my log:
Nov 14 09:59:06 mail1 heartbeat[3932]: ERROR: Unable to send bcast [-1]
packet: Operation not permitted
Nov 14 09:59:06 mail1 heartbeat[3932]: ERROR: write failure on bcast
bond1.: Operation not permitted
how allow broadcast only on some interfaces with shorewall?
attacched is shorewall status
Thanks
Nicola
2000 Mar 13
1
I can't get multiple interfaces to work
I've looked through all the doc and searched the list archives, but I just
can't seem to get it to work. I have a Linux box with 5 ethernet
interfaces, 3 of which have winboxes I'd like to include in my little Samba
network. I'm able to get it far enough for each winbox to see the linbox,
but they can't see each other.
Here's my setup:
Winboxes Linbox
Win2k -
2003 Feb 03
4
[Bug 40] system hangs, Availability problems, maybe conntrack bug, possible reason here.
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=40
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
------- Additional Comments From laforge@netfilter.org 2003-02-03 16:49 -------
We haven't seen this
2005 Apr 10
28
dumb, dumb question
I''m very new to shorewall. My setup is IP Gateway (CentOS 4 + Shorewall)
with 3 NIC cards.
Shorewall works great on the firewall machine. Bind also works (local
net machines get IPs fine). Under firestarter, all works great.
With shorewall, the loc machines can not route past the firewall. They
can connect to the firewall, but not past it.
Exactly what information should I post to get
2005 May 31
2
Local machine not through firewall
...tes packets errors dropped carrier collsns
0 0 0 0 0 0
6: ppp0: mtu 1500 qdisc pfifo_fast qlen 3
link/ppp
RX: bytes packets errors dropped overrun mcast
240393 400 0 0 0 0
TX: bytes packets errors dropped carrier collsns
42348 380 0 0 0 0
/proc
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys/net/ipv4/conf/defaul...
2005 May 25
9
Newbie going through a probably stupid thing
...ropped overrun mcast
> 8655889 6994 0 0 0 0
> TX: bytes packets errors dropped carrier collsns
> 381569 3735 0 0 0 0
>
> /proc
>
> /proc/sys/net/ipv4/ip_forward = 1
> /proc/sys/net/ipv4/icmp_echo_ignore_all = 0
> /proc/sys/net/ipv4/conf/all/proxy_arp = 0
> /proc/sys/net/ipv4/conf/all/arp_filter = 0
> /proc/sys/net/ipv4/conf/all/rp_filter = 1
> /proc/sys/net/ipv4/conf/all/log_martians = 0
> /proc/sys/net/ipv4/conf/default/proxy_arp = 0
> /proc/sys/net/ipv4/conf/defau...
2005 Dec 08
3
trouble with shorewall on Mandriva 2006 (2nd)
...it 0.0.0.0 brd 0.0.0.0
RX: bytes packets errors dropped overrun mcast
0 0 0 0 0 0
TX: bytes packets errors dropped carrier collsns
0 0 0 0 0 0
/proc
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 0
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/default/proxy_arp = 0
/proc/sys/net/ipv4/conf/default/arp_filter = 0
/proc/sys...
2005 Jun 27
5
Bridging problem with Shorewall and OpenVpn
...:ff:ff:ff:ff:ff
RX: bytes packets errors dropped overrun mcast 3670
48 0 0 0 0 TX: bytes packets errors
dropped carrier collsns
3994 61 0 0 0 0
/proc
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/br0/proxy_arp = 0
/proc/sys/net/ipv4/conf/br0/arp_filter = 0
/proc/sys/net/ipv4/conf/...
2005 May 29
17
Plans for 2.4.0
Hi folks,
Has anyone tested the changes to multiple ISPs/load balancing or
routestopped in 2.4.0-RC1 yet? We need to talk about what criteria we
will use for determining whether 2.4.0 is ready for release.
I''ve started configuring a firewall at work with the multiple ISPs
support, but its kernel doesn''t have connection marking support, so it''s
going to be a couple of
2005 Jun 14
1
Problem with samba broadcast
...rors dropped carrier collsns
5661258 36597 0 0 0 0
Bridges
bridge name bridge id STP enabled interfaces
br0 8000.000d8855d210 no ath0
eth1
/proc
/proc/sys/net/ipv4/ip_forward = 1
/proc/sys/net/ipv4/icmp_echo_ignore_all = 0
/proc/sys/net/ipv4/conf/all/proxy_arp = 0
/proc/sys/net/ipv4/conf/all/arp_filter = 0
/proc/sys/net/ipv4/conf/all/rp_filter = 1
/proc/sys/net/ipv4/conf/all/log_martians = 0
/proc/sys/net/ipv4/conf/ath0/proxy_arp = 0
/proc/sys/net/ipv4/conf/ath0/arp_filter = 0
/proc/sys/net/i...
2011 Jul 21
42
Problem With OpenVPN Connectivity
Hi,
I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the
VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in
Slackware 13.1 using the same Shorewall version and files, the ''interfaces'',
''policy'' and ''zone'', are all I have configured, it was working and this also
works in Arch at