search for: notrackers

https://bugzilla.netfilter.org/show_bug.cgi?id=1422 Bug ID: 1422 Summary: iptables-nft fails to check / delete rules in raw table Product: iptables Version: 1.6.x Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: iptables

https://bugzilla.netfilter.org/show_bug.cgi?id=1065 Bug ID: 1065 Summary: NOTRACK is not supported in nft Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1213 Bug ID: 1213 Summary: Nft stateless NAT (NOTRACK) Product: nftables Version: unspecified Hardware: All OS: Ubuntu Status: NEW Severity: critical Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter:

https://bugzilla.netfilter.org/show_bug.cgi?id=1410 Bug ID: 1410 Summary: STATELESS, rules with notrack into a map Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at

Hi, I would like to see this addressed. I found more information on the issue at https://kb.isc.org/article/AA-01183/0/Linux-connection-tracking-and-DNS.html Is there a firewalld solution to this issue? On 04/11/2017 11:05 AM, Chris Adams wrote: > One additional DNS server note: you should disable firewalld for any DNS > server, caching or authoritative. If you need firewalling, use

https://bugzilla.netfilter.org/show_bug.cgi?id=830 Summary: ??iptables????????? Product: iptables Version: unspecified Platform: All OS/Version: RedHat Linux Status: NEW Severity: major Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy: higkoohk

The Shorewall team is pleased to announce the availability of Shorewall 4.5.7. ---------------------------------------------------------------------------- I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) This release includes the defect repair from Shorewall 4.5.6.2. 2) The command

On 04/11/2017 04:16 PM, Alice Wonder wrote: > Hi, I would like to see this addressed. > Is there a firewalld solution to this issue? Yes: # Disable connection tracking for UDP DNS traffic # https://kb.isc.org/article/AA-01183/0/Linux-connection-tracking-and-DNS.html firewall-cmd --permanent --direct --add-rule ipv4 filter INPUT 0 -m conntrack --ctstate UNTRACKED -j ACCEPT firewall-cmd

Beta 2 is now available for testing. Problems Corrected since Beta 1: 1) References to the obsolete USE_ACTIONS option have been removed from the manpages. 2) NFLOG has been documented for some time as a valid ACTION in the rules files but support for that action was never implemented until this release. 3) The Checksum Target capability detection in the rules compiler was

Beta 2 is now available for testing. Problems Corrected since Beta 1: 1) References to the obsolete USE_ACTIONS option have been removed from the manpages. 2) NFLOG has been documented for some time as a valid ACTION in the rules files but support for that action was never implemented until this release. 3) The Checksum Target capability detection in the rules compiler was

I was trying to do what the article at http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.performance.html#conntrack_filling_tables <http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.performance.html#conntrack_filling_tables%3C/blockquote%3E%3C/div%3E> suggested My iptables rules are ------------------------------------------------------------------------ #that's what the

Hi there, i have now a working domU which is bridged into the dom0. I have set as gateway the bridge device. So far this works i can access the domU from the dom0 (for example using ssh or http). The access from domU into dom0 works, too. But i can not get a working NAT setup to route the traffic from domU into the internet. I tried a few variants, switching of tx checks on the ethernet device,

Hi, Wrote a couple articles on OpenSSH and on running your Git server in a CentOS 7 environment https://notrackers.com/the-command-line/openssh-primer/ and https://notrackers.com/the-command-line/setting-up-your-own-git-server/ And the domain name is honest, there no trackers on that blog. None. (that blog is actually for a WordPress project not ready for general use but it seemed like a good place for the...

think i posted in the wrong ml the first time, sorry, reposting here hi, i recently updated to xen 3.2 and now networking has stopped working. i have a configuration with 2 nics: eth1 (internet) and eth0 (lan) when i start xen i get peth0,peth1 with no ip, and bridge eth0,eth1 with the right addresses the server running xen is also the lan gw the routing table seems ok 192.168.0.0 *

Hello List! I got a small (50mbits or so) application layer ddos attack against a few name servers (thousands of IPs sending lots of bogus A record requests - weird) - one of the name servers was behind a shorewall firewall. That firewall was running a 2.6.18-194.11.1.el5 kernel and shorewall-4.4.11.1-1. I noticed that the shorewall host had ksoftirqd using 100% of the CPU during the

https://bugzilla.netfilter.org/show_bug.cgi?id=882 Summary: The conntrack-tools archive contains some leftovers from a patch run Product: conntrack-tools Version: unspecified Platform: All OS/Version: All Status: NEW Severity: trivial Priority: P5 Component: conntrack-daemon

I have a bunch of servers, where I''ve deployed shorewall-lite. For us is very useful to have a centralized repository of the firewall rules deployed in our servers. One of this servers is pretty busy, handling lots of connections. In that server I''m getting from time to time this message: ip_conntrack: table full If I where working in a custom made iptables firewall I will

Hi! The Netfilter project proudly presents: libnftnl 1.0.7 libnftnl is a userspace library providing a low-level netlink programming interface (API) to the in-kernel nf_tables subsystem. The library libnftnl has been previously known as libnftables. This library is currently used by the nft command line tool. This release includes the following list of updates: * New nftnl_rule_cmp()

Hi all. I can''t seem to get the h323 connection tracking configured correctly for Shorewall. I am using the Debian Shorewall 4.5.16.1 package. I am running a Debian 3.9 kernel like so: # uname -a Linux gw 3.9-1-amd64 #1 SMP Debian 3.9.8-1 x86_64 GNU/Linux My version of iptables is: # iptables -V iptables v1.4.20 If I add the following rule in the /etc/shorewall/tcrules file to

Hello, I''m observing a weird bug with ip_nat_ftp in a somewhat more complicated constellation. It''s possible that XEN is also involved in this, but I''m not sure. What I''m trying to do is have XEN guest domains on a host, connected via a bridge into a private network. The the privileged domain attaches to this private network and acts as a NAT router to connect