Displaying 20 results from an estimated 59 matches for "loc2net".
2003 Jan 16
3
Jan 16 17:49:33 murowall kernel: Shorewall:loc2net:CONTINUE:IN=eth0 OUT=eth2 SRC Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2
...INE -- DO NOT REMOVE
interfaces
net eth2 detect filterping
loc eth0 detect filterping
dmz eth1 detect
and when I tried to go to the net the messages are:
Jan 16 17:49:33 murowall kernel: Shorewall:loc2net:CONTINUE:IN=eth0
OUT=eth2 SRC
=192.168.2.96 DST=80.25.233.57 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=6877
DF PROT
O=TCP SPT=1813 DPT=23 WINDOW=16384 RES=0x00 SYN URGP=0
Jan 16 17:49:33 murowall kernel: Shorewall:FORWARD:REJECT:IN=eth0
OUT=eth2 SRC=1
92.168.2.96 DST=80.25.233.57 LEN=48 TOS=0x00 PREC...
2005 Feb 04
3
loc2net no longer working (and I read the FAQ)
...interface setup, using Shorewall 2.0.15 (installed via
Debian). eth0 is connected to my DSL modem (uses PPPoE) and eth1 is the
local 192.168.1.0/24 subnet.
I run a dnsmasq on the firewall. All loc machines can do DNS lookups
without problems.
loc2fw connections work fine, as do fw2net. Just loc2net seems to be
failing.
I''m attaching the output from:
- shorewall version
- shorewall status
- ip addr show
- ip route show
I''ll gladly send more info if more info is needed.
- Colin
p.s. please cc your responses to colin@viebrock.ca and colin@easydns.com
... since I...
2003 Nov 04
1
IP Keeps being Dropped.
here''s a snippet from my /var/log/messages:
Nov 4 00:24:45 firewall kernel: Shorewall:net2all:DROP:IN=ppp0 OUT= MAC=
SRC=80.143.227.136 DST=165.247.174.243 LEN=76 TOS=0x00 PREC=0x00 TTL=114
ID=41910 PROTO=UDP SPT=9940 DPT=9940 LEN=56
Nov 4 00:24:45 firewall kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=ppp0
SRC=10.0.0.2 DST=4.4.130.47 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=26091
PROTO=UDP SPT=9940 DPT=63225 LEN=56
Nov 4 00:24:49 firewall kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=ppp0
SRC=10.0.0.2 DST=4.4.130.47 LEN=76 TOS=0x00 PREC=0x00 TTL=127 ID=43243
PROTO=UDP SPT=9940 DPT=632...
2005 Jun 10
11
/etc/network/interfaces
If I''m using eth1 as my lan zone on my router box, it needs a static
ip... what do I set the gateway option to in /etc/network/interfaces
since this computer is actually the gateway for the rest of the lan?
Itself? My "net" NIC''s address? Something else?
My lan isn''t getting internet access using the default Shorewall config
file (edited per
2003 Jan 14
1
logging
I would like to cut down on packets logged from "loc2net". I have modified
my policy file so that the logging for loc2net is "err" but dns packets and
smtp are still being logged. Is it possible to filter these out?
On a separate note, if I define ULOG in policy, I get an error on shorewall
startup "ULOG not defined" or somethi...
2007 Jun 29
1
ipp2p traffic not rejected
Hi,
I''m using following rule in /etc/shorewall/rules
REJECT:ULOG:P2P loc net ipp2p:all ipp2p
iptables -L :
Chain loc2net (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
ULOG all -- anywhere anywhere ipp2p
v0.8.2--ipp2p ULOG copy_range 0 nlgroup 1 prefix
`Shorewall:loc2net:REJECT:P2...
2005 May 27
3
Requesting help with a log entry
Does anyone know what this log entry indicates? What service running on a
WinNT server would send out a UDP packet with source port 137 and
destination port 1? (I was unable to get any clarity from Google...)
---------
May 27 11:01:47 ykrgw kernel: Shorewall:loc2net:DROP:IN=eth0 OUT=eth1
SRC=192.168.3.3 DST=166.84.151.198 LEN=84 TOS=0x00 PREC=0x00 TTL=127
ID=37008 PROTO=UDP SPT=137 DPT=1 LEN=64
----------
Thanks in advance.
Jim Werkowski
jwerkowski@attglobal.net
2005 Jan 25
3
IPP2P broken?
Hi,
I tried shorewall 2.2.0-rc4 and 2.2.0-rc5 on 3 different machines (just to be sure it''s not pebkac). The IPP2P support is broken, line like:
DROP loc net ipp2p
generates:
iptables -A loc2net -j DROP
that''s _wrong_ :)
i have tried playing with debug to no avail, and I''m not that good at bashing...
just to be complete, the suggested status.txt from one of the machines is attached.
btw if any of you have any hint on setting up P2P filtering, or some good howto, pleas...
2005 Feb 21
12
NAT
Hello,
I installed my linux server for 3 months now. It does almost everything
(dns, web & mail server, firewall ...).
I just encounterd two problems with the firewall: behind this server
there are 2 computers: i got emule on one and msn on the other. The
problem is that I can''t configure well the firewall fore these 2 rules.
I''ve added DNAT rules but it
2003 Jan 16
0
Jan 16 17:49:33 murowall kernel: Shorewall Shorewall:FORWARD:REJECT:IN=eth0 O UT=eth2
...out to the net.
Hope this helps
Mike
-----Original Message-----
From: Alan Sparks [mailto:asparks@doublesparks.net]
Sent: Thursday, January 16, 2003 11:02 AM
To: marta_jara@zenithmedia.es
Cc: Shorewall-users@shorewall.net
Subject: Re: [Shorewall-users] Jan 16 17:49:33 murowall kernel:
Shorewall:loc2net:CONTINUE:IN=eth0 OUT=eth2 SRC
Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2
You should probably have shown the rules file also... but
I see the loc->net policy is CONTINUE, but don''t see where the policy
subsequently allows this outbound traffic. Do you really mean for that to
be CONTINU...
2007 Nov 20
11
rfc1918 on external interface
Please, help me. Can i forbid and how any outgoing traffic
(ping,trace) to rfc1918 networks on my external interfaces?
Thank you very much.
Aleksandr
--------------------
Продукция AcmePower - это зарядные устройства, аккумуляторы формата АА
и ААА, сетевые адаптеры, аккумуляторные батареи для фото и видеокамер,
ноутбуков и PDA. Гарантия минского сервисного центра.
2004 Aug 03
2
dns strange problem
...r is outside the firewall,
Now, the rule stop working for sometime, my mail gateway couldnt resolve
any hostname anymore.
but when i restart shorewall, it''s work , just for while, and so on.
what happened to my shorewall ? log from kernel seem fine
Aug 3 17:51:51 fw kernel: Shorewall:loc2net:ACCEPT:IN=eth0 OUT=eth2
SRC=172.16.0.229 DST=202.x.x.x LEN=77 TOS=0x00 PREC=0x00 TTL=63 ID=31630
PROTO=UDP SPT=51468 DPT=53 LEN=57
please help me..
regards
reza
2004 Sep 03
3
getting up and running
...net ACCEPT
dmz net ACCEPT
net all DROP info
all all REJECT info
interfaces:
loc eth0 detect dhcp
I interpret this to mean that eth0 is in the local zone, and therefore
by the loc2net policy should be able to browse. However, I get stuff
like this in the log:
Sep 3 19:43:35 all2all:REJECT:IN=eth0 OUT= SRC=[my ip]
DST=[isp dns ip] LEN=48 TOS=0x00 PREC=0x00 TTL=62 ID=0 DF PROTO=ICMP
TYPE=8 CODE=0 ID=18568 SEQ=0
...and I can''t connect to the outside world if shorewall...
2002 Oct 23
23
"basic two-interface" setup problem
...ot;ACCEPT fw net udp 53" added.
Rule "ACCEPT loc fw tcp 22" added.
Setting up ICMP Echo handling...
Processing /etc/shorewall/policy...
Policy REJECT for fw to net using chain all2all
Policy REJECT for loc to fw using chain all2all
Policy ACCEPT for loc to net using chain loc2net
Masqueraded Subnets and Hosts:
Cannot send dump request: Connection refused
Terminated
==========================================================
When I follow the tracing instruction, I get the following
# tail /tmp/trace
++ ''['' -f /etc/shorewall/stopped '']''
+...
2004 Nov 17
6
Problems with routing
Hi,
here my system on shorewall:
eth0 192.168.108.1 net
eth1 192.168.109.1 dmz
eth2 192.168.110.1 loc_110
eth3 192.168.111.1 loc
I haven''t access from or to server in loc_110 through shorewall. I can
use ssh or other types from loc to dmz or from loc to fw, but I can''t use connections
to loc_110.
I can also use ssh - connection from fw to loc_110 or redirectly.
Where is the
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall.
WARNING: This release introduces incompatibilities with prior releases.
See http://www.shorewall.net/upgrade_issues.htm.
Changes are:
a) There is now a new NONE policy specifiable in
/etc/shorewall/policy. This policy will cause Shorewall to assume that
there will never be any traffic between the source and destination
zones.
b) Shorewall no longer
2005 Jun 27
5
Bridging problem with Shorewall and OpenVpn
...all -- * * 0.0.0.0/0
0.0.0.0/0
Chain br0_fwd (1 references)
pkts bytes target prot opt in out source
destination 4 240 dynamic all -- * *
0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
4 240 loc2net all -- * eth0 0.0.0.0/0
0.0.0.0/0 PHYSDEV match --physdev-in eth1
0 0 loc2road all -- * br0 0.0.0.0/0
0.0.0.0/0 PHYSDEV match --physdev-in eth1 --physdev-out tap+
0 0 all2all all -- * eth0 0.0.0.0/0...
2003 Jun 13
8
Oracle SQL*Net through Shorewall
...server. I''ve googled for some days and found no way to do it.
Any advice please?
This is my rules and log file (IP addresses faked)
Rules:
ACCEPT loc:w.x.y.z net:a.b.c.d tcp 1024:65535
And this is the log file:
Jun 13 10:29:22 firewall kernel: Shorewall:loc2net:DROP:IN=eth1 OUT=eth0 SRC=w.x.y.z DST=a.b.c.d LEN=44 TOS=0x00 PREC=0x00 TTL=127 ID=4040
DF PROTO=TCP SPT=1358 DPT=1696 WINDOW=8192 RES=0x00 SYN URGP=0
Regards
2006 Aug 29
3
masq problem
...39;t get masq working. Maybe this is because
something changed in masq since I have been using similar configuration
in 2.x
But I can''t see what... There is nothing in messages so it doesn''t point
me in the right direction. No REJECT, no loc2something... No
communication like loc2net is logged when I try to get through (ping,
dns, telnet...)
It is not a vmware-related issue since the same problem is when I try to
masq a real computer like from eth1.
THANKS!
This is my config:
interfaces:
net eth2 detect dhcp # wan -- to cable modem
loc eth1 detect
loc vmnet0 detec...
2007 Apr 18
1
Re: IPSec Passthrough fails when using CiscoVPNclient
Hi Vene,
Would appreciate any help you can give as I am not sure which NAT you are talking about.
A little more background. I am replacing a Windows 2000 routing and remote access machine that was acting as the gateway and performing NAT for Internet access for our local clients. In this setup the cisco VPN clients had no problem connecting to the vpn concentrator. The only difference in any