search for: net2al

Displaying 20 results from an estimated 93 matches for "net2al".

Did you mean: net2all
2004 Jan 27
2
Shorewall help blacklist and restart/refresh
...net:217.116.227.249 all - # DNAT net fw:24.91.102.152:1411 tcp 411 - DNAT net fw:24.91.102.152:1411 udp 411 - #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE Here is the last 50 lines of what shorewall logged to /var/log/messages Jan 27 00:23:15 h0000b49d5510 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:00:b4:9d:55:10:00:05:9a:d6:f0:54:08:00 SRC=216.175.104.127 DST=24.91.102.152 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=20585 DF PROTO=TCP SPT=2689 DPT=901 WINDOW=16384 RES=0x00 SYN URGP=0 Jan 27 00:24:30 h0000b49d5510 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:00:b4:9d...
2003 Jul 19
2
Logging with a Single IP address setup - Newbie confusion
...slog logging doesn't seem to work for REJECT / DROP policies Context: Shorewall version 1.4.4b on a single IP address setup Diagnosis: Default /etc/shorewall/common.def triggers a DROP prior to policy based -j LOG actions For example selected lines (from the generated iptables) ... The net2all policy: a) -A net2all -m state --state RELATED,ESTABLISHED -j ACCEPT b) -A net2all -p tcp -m state --state NEW -m tcp ! --tcp-flags SYN,RST,ACK SYN -j newnotsyn c) -A net2all -j common d) -A net2all -j LOG --log-prefix "Shorewall:net2all:DROP:" --log-level 6 e) -A net2all -j DROP allie...
2003 Nov 28
1
Problem getting dcgui-qt to work through shorewall
...ip route show: 203.17.101.28 dev ppp0 proto kernel scope link src 203.113.232.72 192.168.0.0/24 dev eth0 scope link 169.254.0.0/16 dev eth1 proto kernel scope link src 169.254.19.126 127.0.0.0/8 dev lo scope link default via 203.17.101.28 dev ppp0 shorewall show log: Nov 27 22:54:40 net2all:DROP:IN=ppp0 OUT= SRC=211.154.167.13 DST=203.113.232.72 LEN=48 TOS=0x10 PREC=0x00 TTL=106 ID=8267 DF PROTO=TCP SPT=50812 DPT=21 WINDOW=65535 RES=0x00 SYN URGP=0 Nov 27 22:54:43 net2all:DROP:IN=ppp0 OUT= SRC=211.154.167.13 DST=203.113.232.72 LEN=48 TOS=0x10 PREC=0x00 TTL=106 ID=8362 DF PROTO=TCP S...
2005 May 25
9
Newbie going through a probably stupid thing
...(used like a "personal firewall"). Have sshd running on the FW. Want the sshd daemon to be accessible only from 2 LANs: 1) My other home LAN machine 2) IBM intranet machines (9.0.0.0) Whatever I have tried if the rule is written like Any2FW or Net2FW it works but IBM2FW does not (the net2all chain is hit with its DROP action). Here follows my FW status. Thank you very much for any help, Bob Alexander > Shorewall-2.2.3 Status at t40 - Wed May 25 18:10:00 CEST 2005 > > Counters reset Wed May 25 18:04:14 CEST 2005 > > Chain INPUT (policy DROP 0 packets, 0...
2004 Nov 29
2
SFTP
...out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 4 level 6 prefix `Shorewall:logflags:DROP:' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2all (2 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 63 8700 Drop all -- * * 0.0.0.0/0 0.0.0.0/0...
2004 Sep 14
5
Logging Ports
...with kernel 2.4.20. Nightly, LogWatch emails a portion of the logs for my review. I notice that there are tons of dropped packets from port 445, some days as many as 7,000. See sample below: From 24.226.192.22 - 2 packets To 24.227.147.124 - 2 packets Service: microsoft-ds (tcp/445) (Shorewall:net2all:DROP:,eth0,none) - 2 packets My question is, what can I do to have these silently dropped and not log any drops from 445. I have reviewed anything that I could find on the website and the mailing list archive, but couldn't find anything about it. Maybe my search terms were bad, if so apo...
2004 Sep 24
10
hopeless - smb over bridged firewall
Dear List! I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection to the Internet (ppp0 - eth1 to the modem) and a bridge to the local lan. The bridged config I've made with bridge.html from the shorewall site. The Bridge is between local net and an openvpn tap device. This works. I can make tunnels, and I can make a lot of things through the firewall. I can get a list
2003 Jan 08
14
prerouting newbie question/mistake :)
...0/32 scope global ppp0 ip route show 217.5.98.30 dev ppp0 proto kernel scope link src 217.225.24.150 10.0.0.0/24 dev eth1 scope link 192.168.0.0/24 dev eth0 scope link 127.0.0.0/8 dev lo scope link default via 217.5.98.30 dev ppp0 shorewall show log ( lots of those :) ) Jan 9 00:24:41 net2all:DROP:IN=ppp0 OUT=eth0 SRC=80.200.230.75 DST=192.168.0.10 LEN=139 TOS=0x00 PREC=0x00 TTL=54 ID=0 DF PROTO=UDP SPT=4528 DPT=4665 LEN=119 Jan 9 00:24:44 net2all:DROP:IN=ppp0 OUT=eth0 SRC=24.185.67.165 DST=192.168.0.10 LEN=47 TOS=0x00 PREC=0x00 TTL=109 ID=32948 PROTO=UDP SPT=8548 DPT=4665 LEN=27 Ja...
2003 Jan 13
7
dmz2dmz?
Hi My situation: I have two pc's with public ip's (192.159.56.206(webserver) and 84.196.123.65(mail-gateway)) in the dmz. The firewall (84.196.123.66) is configured with proxyarp, so nothing is changed on the pc's from when they were not behind the firewall (i.e. they don't have the firewall as gateway (and they each have different gateways, only 84.196.123.65
2004 Aug 19
9
bridging and internet
(I'm not a member of the list at the moment so please answer this e-mail CC to my personal address. Thank you all) I am part of a community network in Buenos Aires and I'm now trying to set up a bridge between my local net and the community net. The problem is that apart from the bridge between these I need to share an internet connection and the cable modem assigns me a
2002 May 17
5
Port 32230 anyone?
...onnect to? An Nmap scan of my network shows no open ports anywhere near 32230. Obviously, the DST= address is changed to a fictitious one. I left the SRC= address unchanged. John Stroud Someday I'll make a real sig. ----------------------------- May 16 16:54:56 cave kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:10:a4:8e:6d:df:00:a0:c5:44:55:75:08:00 SRC=216.177.89.29 DST=46.331.328.18 LEN=50 TOS=0x00 PREC=0x00 TTL=113 ID=18662 PROTO=UDP SPT=4690 DPT=32230 LEN=30 May 16 16:54:58 cave kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:10:a4:8e:6d:df:00:a0:c5:44:55:75:08:00 SRC=216...
2004 Aug 27
3
Proxy Arp Ip Conflicts
...net (1 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 6 384 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2all (3 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 137 8234 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 14 6...
2004 Dec 30
0
MultipleIP´s in one Zone
...ts:67:68 5412 619K loc2fw all -- * * 0.0.0.0/0 0.0.0.0/0 Chain eth1_fwd (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 99 4761 net2all all -- * eth0 0.0.0.0/0 0.0.0.0/0 0 0 net2all all -- * eth2 0.0.0.0/0 0.0.0.0/0 Chain eth1_in (1 references) pkts bytes target prot opt in out source destination 574 31090 dynamic all -- * * 0.0.0.0/0 0....
2004 Dec 04
7
vpn-zone wide open
Hello! I am using shorewall shorewall-2.0.11-1 on fedora core2 (iptables-1.2.9-95.7). My box has 2 physical nic´s plus one virt. ipsec interface for a freeswan-vpn connection. A few days ago, portsentry spit out a lot of connections from windows clients (port 135, 445). Ooops. I review my shorewall settings but could not find a mistake. So I took a win-client and established a second
2005 Dec 08
3
trouble with shorewall on Mandriva 2006 (2nd)
...ain dynamic (6 references) pkts bytes target prot opt in out source destination Chain eth0_fwd (1 references) pkts bytes target prot opt in out source destination 0 0 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW 0 0 net2all all -- * ath0 0.0.0.0/0 0.0.0.0/0 1384K 1325M net2all all -- * eth1 0.0.0.0/0 0.0.0.0/0 Chain eth0_in (1 references) pkts bytes target prot opt in out source destination 20731 6964K dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 state I...
2004 Aug 27
5
IGMP
The BBC are currently trialling multicasting the Olympics. This requires multicast and IGMP to be available. As far as I can make out, in 2.0.8 at least, all multicast addresses are filtered out and, to my naive eyes, can't be re-enabled. Please prove me wrong :-) Dirk -- Please Note: Some Quantum Physics Theories Suggest That When the Consumer Is Not Directly Observing This Message,
2005 Jan 09
19
Shorewall and CUPS printing interference
...just AFTER I tried to print (above). Note that the rejected packets occurred before the print job, and none during or after. Dec 28 11:54:38 rfc1918:DROP:IN=eth0 OUT= SRC=10.0.0.1 DST=255.255.255.255 LEN=62 TOS=0x00 PREC=0x00 TTL=255 ID=0 PROTO=UDP SPT=50729 DPT=53 LEN=42 Dec 28 11:56:15 net2all:DROP:IN=eth0 OUT= SRC=212.194.238.252 DST=24.225.153.172 LEN=907 TOS=0x00 PREC=0x00 TTL=112 ID=45094 PROTO=UDP SPT=24846 DPT=1026 LEN=887 Dec 28 11:56:16 net2all:DROP:IN=eth0 OUT= SRC=212.83.228.10 DST=24.225.153.172 LEN=907 TOS=0x00 PREC=0x00 TTL=113 ID=46145 PROTO=UDP SPT=17677 DPT=10...
2005 May 31
2
Local machine not through firewall
...' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain modem2fw (1 references) pkts bytes target prot opt in out source destination 482 260K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT 47 -- * * 10.0.0.138 0.0.0.0/0 0 0 all2all all -- * * 0.0.0.0/0 0.0.0.0/0 Chain net2all (3 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 81 4164 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 79 4084 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:net2all:DROP:' 79 4084 DROP...
2005 Jan 12
4
Problem upgrading to 2.0.14
...- udp 137:139" added. Rule "REJECT - - udp 445" added. Rule "REJECT - - tcp 135" added. Rule "REJECT - - tcp 139" added. Rule "REJECT - - tcp 445" added. Processing /etc/shorewall/policy... Warning: Log Prefix shortened to "Shorewall:@net2all:@net2all:-" Bad argument `DROP' Try `iptables -h' or 'iptables --help' for more information. Processing /etc/shorewall/stop ... Stopping IPsec ... Stopping Openswan IPsec... stop ordered, but IPsec does not appear to be running! doing cleanup anyway... /usr...
2005 Jan 25
9
Ftp Broken in Dmz
...e dynamic open port in ftp is somehow broken after the firewall reboot. I made the ftp attempts myself in the logs below using a Chrome Data Application. Any Ideas on what to try next. Thanks Mike [root@ns1 root]# shorewall version 2.0.2d -- redhat 8 [root@ns1 root]# uname -r 2.4.18-14 net2all:DROP:IN=eth0 OUT=eth2 SRC=64.42.53.202 DST=66.224.62.103 LEN=48 TOS=0x00 PREC=0x00 TTL=123 ID=4989 DF PROTO=TCP SPT=2011 DPT=1350 WINDOW=65535 RES=0x00 SYN URGP=0 Jan 24 21:56:59 ns1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT=eth2 SRC=64.42.53.202 DST=66.224.62.103 LEN=48 TOS=0x00 PREC=0x00 TTL...