search for: rejectsmb

I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled

...first rest + ''['' x = xINCLUDE '']'' + echo '' '' + read first rest + ''['' xDropSMB = xINCLUDE '']'' + echo ''DropSMB #Silently Drops Microsoft SMB Traffic'' + read first rest + ''['' xRejectSMB = xINCLUDE '']'' + echo ''RejectSMB #Silently Reject Microsoft SMB Traffic'' + read first rest + ''['' xDropUPnP = xINCLUDE '']'' + echo ''DropUPnP #Silently Drop UPnP Probes'' + read first rest + ''[''...

Hi! I don;t know what i am doing wrong because i have still Low ID on aMule. I have action.AllowaMule and accept tcp 4662:4771 and udp 4672. Thanks, Mitja

...ng perfectly. I have upgraded every release of shorewall since 2.0.9 with no problems at all. Now I''m trying to upgrade from 2.0.13 to 2.0.14, when I perform a service shorewall restart I get this error: --------------------------------------- .... Processing /usr/share/shorewall/action.RejectSMB... Rule "REJECT - - udp 135" added. Rule "REJECT - - udp 137:139" added. Rule "REJECT - - udp 445" added. Rule "REJECT - - tcp 135" added. Rule "REJECT - - tcp 139" added. Rule "REJECT - - tcp 445" added. Processing /etc/...

Dear All, I have read all the documentation I can find but I still have not understood how, in what context and where to use the action commands enumerated in /usr/share/shorewall/actions.std. Illustrating with SMB traffic for instance, how can one use AllowSMB, DropSMB and RejectSMB to control SMB traffic instead of the classic ACCEPT z1 z2 udp 135,445 ACCEPT z1 z2 udp 137:139 ACCEPT z1 z2 udp 1024: 137 ACCEPT z1 z2 tcp 135,139,445 I have copied action.AllowSMB f...

Dear List! I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection to the Internet (ppp0 - eth1 to the modem) and a bridge to the local lan. The bridged config i''ve made with bridge.html from the shorewall site. The Bridge is between local net and a openvpn tap device. This works. I ccan make tunnels, and a can make a lot of things through the firewall. I can get a list

.../shorewall/initdone ... Adding rules for DHCP Enabling RFC1918 Filtering Setting up Kernel Route Filtering... IP Forwarding Enabled Processing /etc/shorewall/tunnels... Pre-processing Actions... Pre-processing /usr/share/shorewall/action.DropSMB... Pre-processing /usr/share/shorewall/action.RejectSMB... Pre-processing /usr/share/shorewall/action.DropUPnP... Pre-processing /usr/share/shorewall/action.RejectAuth... Pre-processing /usr/share/shorewall/action.DropPing... Pre-processing /usr/share/shorewall/action.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing...

...in Zones... Net Zone: eth0:0.0.0.0/0 Validating policy file... Policy for fw to net is ACCEPT using chain fw2net Policy for net to fw is DROP using chain net2all Pre-validating Actions... Pre-processing /usr/share/shorewall/action.DropSMB... Pre-processing /usr/share/shorewall/action.RejectSMB... Pre-processing /usr/share/shorewall/action.DropUPnP... Pre-processing /usr/share/shorewall/action.RejectAuth... Pre-processing /usr/share/shorewall/action.DropPing... Pre-processing /usr/share/shorewall/action.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing......

Hello, You will find in attachment the layout of my current physical configuration. For now, the Cable ISP is not used. Since it is a dynamic ISP, my mailserver is rejected and my domain name registers on blacklists like ORDB and al. I want it to be used as a default gateway except for my mail server that would be seen as coming from my "honest" ADSL ISP. Here is

.../0 Adding Anti-smurf Rules Enabling RFC1918 Filtering Enabling Bogon Filtering Setting up Kernel Route Filtering... IP Forwarding Disabled! Processing /etc/shorewall/tunnels... Pre-processing Actions... Pre-processing /usr/share/shorewall/action.DropSMB... Pre-processing /usr/share/shorewall/action.RejectSMB... Pre-processing /usr/share/shorewall/action.DropUPnP... Pre-processing /usr/share/shorewall/action.RejectAuth... Pre-processing /usr/share/shorewall/action.DropPing... Pre-processing /usr/share/shorewall/action.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing... Pre-processing /...

Hello, I am using Shorewall version 2.0.1 with kernel 2.4.20. Nightly, LogWatch emails a portion of the logs for my review. I notice that there are tons of dropped packets from port 445, somedays as many as 7,000. See sample below: >From 24.226.192.22 - 2 packets To 24.227.147.124 - 2 packets Service: microsoft-ds (tcp/445) (Shorewall:net2all:DROP:,eth0,none) - 2 packets My question is,

...file... Determining Hosts in Zones... Warning: Zone hdsl is empty Warning: Zone roma is empty Warning: Zone loc is empty Processing /etc/shorewall/init ... Pre-processing Actions... Pre-processing /usr/share/shorewall/action.DropSMB... Pre-processing /usr/share/shorewall/action.RejectSMB... Pre-processing /usr/share/shorewall/action.DropUPnP... Pre-processing /usr/share/shorewall/action.RejectAuth... Pre-processing /usr/share/shorewall/action.DropPing... Pre-processing /usr/share/shorewall/action.DropDNSrep... Pre-processing /usr/share/shorewall/action.AllowPing...

...lease and currently contains just the actions I need to replace the ''common'' chain (plus AllowPing) which I personally like). # # Shorewall 2.0 /etc/shorewall/actions.std # # DropBcast #Silently Drops Broadcast Traffic DropSMB #Silently Drops Microsoft SMB Traffic RejectSMB #Silently Reject Microsoft SMB Traffic DropUPnP #Silently Drop UPnP Probes DropNonSyn #Silently Drop Non-syn TCP packets RejectAuth #Silently Reject Auth DropPing #Silently Drop Ping AllowPing #Accept Ping Drop:DROP #Common rules for DROP policy Reject:REJ...

...pt in out source destination 0 0 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 RejectSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNotSyn all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0 Chain...

...0.0/0 udp dpt:1900 Chain Reject (0 references) pkts bytes target prot opt in out source destination 0 0 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 RejectSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNonSyn all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Reje...

...prot opt in out source destination 0 0 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 RejectSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNotSyn all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Reje...

...0.0/0 udp dpt:1900 Chain Reject (0 references) pkts bytes target prot opt in out source destination 0 0 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 RejectSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNonSyn all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0 Chain Reje...

Hi everybody I have a Problem with Masquerading from my local net (loc) to my VPN (loc2). I can reach every Service from loc2 in loc, but I can''t get reach any service from loc in loc2. Has somebody an Idea where my mistake is ? Without shorewall, it was working. Thanks for helping Lars Technical Information : Shorewall 2.0.13 Suse 9.0 *177.177.77.X The first 3 Counts are changed

...destination 0 0 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 RejectSMB all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNotSyn all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 DropDNSrep all -- * * 0.0.0.0/...

...udp dpt:1900 Chain Reject (4 references) pkts bytes target prot opt in out source destination 20 1180 RejectAuth all -- * * 0.0.0.0/0 0.0.0.0/0 20 1180 dropBcast all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 AllowICMPs icmp -- * * 0.0.0.0/0 0.0.0.0/0 20 1180 dropInvalid all -- * * 0.0.0.0/0 0.0.0.0/0 20 1180 RejectSMB all -- * * 0.0.0.0/0 0.0.0.0/0 20 1180 DropUPnP all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 dropNotSyn tcp -- * * 0.0.0.0/0 0.0.0.0/0 20 1180 DropDNSrep all -- * * 0.0.0.0/0 0.0.0.0/0 Chain RejectAuth (2 references) pkts bytes target prot opt in out source destination 0 0 reject tcp -- * * 0.0.0.0/0 0.0.0....