search for: loc2loc

Hallo, i have a problem to configure shorewall to enable scanning over the network with sane. The scanner is located at the firewall hosts local interface. Why do i get a "all2all" message and not "loc2loc" Aug 25 14:55:26 router saned[26946]: saned from sane-backends 1.0.11 ready Aug 25 14:55:26 router saned[26946]: check_host: access by remote host: 192.168.0.250 Aug 25 14:55:26 router saned[26946]: init: access by root@192.168.0.250 accepted Aug 25 14:55:27 router kernel: Attached scsi...

...destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 loc2net all -- * eth0 192.168.10.0/24 0.0.0.0/0 0 0 loc2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 0 0 loc2loc all -- * eth1 192.168.10.0/24 192.168.10.0/24 0 0 loc2loc all -- * ppp+ 192.168.10.0/24 192.168.10.0/24 0 0 loc2loc all -- * eth1 192.168.10.0/24 0.0.0.0/0 0 0 loc2loc all -- * eth1 0.0.0.0/...

To rephrase the question, "Can I use masquerading and proxy ARP in the same zone simultaneously?" It''s not a stupid question--I couldn''t see any reason why it wouldn''t work, but I had actually try it out to convince myself that it did (which isn''t a bad thing to do before posting the question to the list, by the way). In any case, the answer is

...ewall 1.4.6b, 1.4.7, 1.4.8. Now with an older Shorewall 1.3.11, I do get the expected results (at least when the "loc loc ACCEPT" policy is in place): Chain tun_fwd (1 references) pkts bytes target prot opt in out source destination ... 1417K 133M loc2loc all -- * tun+ 0.0.0.0/0 0.0.0.0/0 ... --eric

...depending on the subnet (modem is for the tunnel and "loc" is, well, the local zone.) I have read the aliased-interfaces HOWTO, checked the "hosts" configuration documentation and I simply cannot find my mistake! Why are the packets being rejected in all2all and not match and loc2loc or loc2foo rule?? I would be very happy if someone could point me to a useful link or tell me what I did wrong... * kernel version: Linux quake 2.4.22-grsec #2 Tue Sep 30 01:44:07 CEST 2003 i686 unknown unknown GNU/Linux Slackware 9.1 * Shorewall version: 1.4.6c * Interfaces 1: lo: <LOOP...

Hi, I installed the shorewall 1.3.8-2 debian package to my debian testing machine which serves as the gateway to the internet. Since I have two other machine connect to internet thru this gateway machine, I also downloaded the configuration guide for "basic two-interface firewall" and followed the instructions. When I try to start the shorewall I get the following message and can not

Hi everybody I have a Problem with Masquerading from my local net (loc) to my VPN (loc2). I can reach every Service from loc2 in loc, but I can''t get reach any service from loc in loc2. Has somebody an Idea where my mistake is ? Without shorewall, it was working. Thanks for helping Lars Technical Information : Shorewall 2.0.13 Suse 9.0 *177.177.77.X The first 3 Counts are changed

...Chain eth0_fwd (1 references) pkts bytes target prot opt in out source destination 102 4896 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 165 7803 loc2net all -- * eth1 0.0.0.0/0 0.0.0.0/0 0 0 loc2loc all -- * eth0 0.0.0.0/0 0.0.0.0/0 571 147K loc2loc2 all -- * eth2 0.0.0.0/0 0.0.0.0/0 Chain eth0_in (1 references) pkts bytes target prot opt in out source destination 1382 150K dynamic all -- * * 0.0.0.0/0 0.0...

This is a minor release of Shorewall. WARNING: This release introduces incompatibilities with prior releases. See http://www.shorewall.net/upgrade_issues.htm. Changes are: a) There is now a new NONE policy specifiable in /etc/shorewall/policy. This policy will cause Shorewall to assume that there will never be any traffic between the source and destination zones. b) Shorewall no longer