search for: nlgroup

Dear all: Im using shorewall 2.0.3a (debian) w/ ULOG. shorewall starts ok, and the firewall is running, but nothing is printed on the logs. I try, for example, to do a connection to a port that is opened on the server but closed by the FW and I get a connection refused. If I stop the firewall, this port is accesible from the outside. I think I''ve followed all the steps on

...n the router to map virtual ip/port to realip/realport. That all works fine. For axample: users connecting to 192.168.1.129:80 are brought to 192.168.1.2:80 users connecting to 192.168.1.145:80 are brought to 192.168.1.2:81 I have to put all traffic I need for accounting to "-j ULOG --ulog-nlgroup 10". And, packets should have ips seen to users. For axample: 10.10.102.50 -> 192.168.1.145:80 192.168.1.145:80 -> 10.10.102.50 and 10.10.102.50 -> 192.168.1.129:80 192.168.1.129:80 -> 10.10.102.50 BUT, instead I have: 10.10.102.50 -> 192.168.1.145:80 192.168.1.2:81 -&g...

Dear List! I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection to the Internet (ppp0 - eth1 to the modem) and a bridge to the local lan. The bridged config i''ve made with bridge.html from the shorewall site. The Bridge is between local net and a openvpn tap device. This works. I ccan make tunnels, and a can make a lot of things through the firewall. I can get a list

...pp2p:all ipp2p iptables -L : Chain loc2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ULOG all -- anywhere anywhere ipp2p v0.8.2--ipp2p ULOG copy_range 0 nlgroup 1 prefix `Shorewall:loc2net:REJECT:P2P'' queue_threshold 1 reject all -- anywhere anywhere ipp2p v0.8.2--ipp2p ACCEPT all -- anywhere anywhere but ipp2p traffic is not rejected. Why? Am I doing something wrong? There are also no records of P2P...

Hi, I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in Slackware 13.1 using the same Shorewall version and files, the ''interfaces'', ''policy'' and ''zone'', are all I have configured, it was working and this also works in Arch at

...t ipt_ulog_info *) target->data; if (strcmp(loginfo->prefix, "") != 0) - printf("--ulog-prefix %s ", loginfo->prefix); + printf("--ulog-prefix \`%s\` ", loginfo->prefix); if (loginfo->nl_group != ULOG_DEFAULT_NLGROUP) { printf("--ulog-nlgroup "); diff -urN iptables-1.2.7a.org/iptables-restore.c iptables-1.2.7a/iptables- restore.c --- iptables-1.2.7a.org/iptables-restore.c Wed Aug 7 18:07:41 2002 +++ iptables-1.2.7a/iptables-restore.c Sat Mar 8 02:08:01 2003 @@ -262,6 +262,7 @@...

...tcp -- 0.0.0.0/0 !10.183.4.2 tcp dpt:80 redir ports 3128 This rule was created with: iptables -t nat -A PREROUTING -d ! 10.183.4.2 -p tcp --dport www -j REDIRECT --to-port 3128 For loggin purposes: iptables -N droplog iptables -A droplog -j ULOG --ulog-prefix Dropado --ulog-nlgroup 6 After the firewall rules, there is a final one: iptables -A FORWARD -j droplog Transparent proxy is working most of the time, but sometimes this shows on log: Apr 24 10:18:10 proxy: Dropado IN=eth0 OUT=eth1 SRC=10.183.4.37 DST=200.181.75.130 LEN=40 TOS=0x00 PREC=0x00 TTL=63 ID=53281 DF PROTO=TC...

http://bugzilla.netfilter.org/show_bug.cgi?id=793 Summary: ulogd -d does not close all fds Product: ulogd Version: SVN (please provide timestamp) Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ulogd AssignedTo: netfilter-buglog at lists.netfilter.org

...as described on shorewall.net when configuring the kernel. ulogd (0.97-1) and shorewall (1.4.5-1) were installed via apt, and shorewall is set up with the 3-interface example. All the /etc/shorewall/* files have "ULOG" where they used to have "info". /etc/ulogd.conf has: nlgroup 1 logfile /var/log/ulogd.log loglevel 5 plugin /usr/lib/ulogd/ulogd_BASE.so syslogfile /var/log/shorewall syslogsync 1 plugin /usr/lib/ulogd/ulogd_LOGEMU.so dumpfile /var/log/ulogd.pktlog And lsmod shows: Module Size Used by Not tainted ipt_ULOG 3456 8 ipt_T...