Displaying 20 results from an estimated 41 matches for "shorewall2".
Did you mean:
shorewall
2004 Jan 12
0
Shorewall2 -- now running on gateway.shorewall.net
I''ve gotten the basic code working on my firewall.
So that I can quickly get back online if I screw up, I''m currently calling it
shorewall2. That way if it screws up I can just "shorewall restart".
/sbin/shorewall2 -- command interpreter
/etc/shorewall2/ -- configuration files
/usr/share/shorewall2/ -- shared files
Both Shorewall and Shorewall2 use the same state directory.
/etc/shorewall/actions.std defines th...
2004 Jan 31
5
Shorewall 2.0.0 Alpha 1
http://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
ftp://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2005 Jun 04
3
[Fwd: [shorewall-coding] Shorewall2 functions, 1.39, 1.40]
Skipped content of type multipart/mixed-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 186 bytes
Desc: OpenPGP digital signature
Url : http://lists.shorewall.net/pipermail/shorewall-devel/attachments/20050604/bee263f3/signature.bin
2004 Nov 28
5
include directive doesn''t expand parameters?
Hello all,
I tried to include a file from within the accounting config-file.
The filename was specified using a parameter in params as:
ACCFILE=/var/lib/shorewall/accounting.generated
and then included in accounting as:
INCLUDE $ACCFILE
However when (re)starting shorewall, it gave some error about being
unable to find ''/etc/shorewall/$ACCFILE'' (with the $ACCFILE parameter
2004 Mar 10
1
Shorewall2 - Action commands
Dear All,
I have read all the documentation I can find but I still have not understood how, in what context and where to use the action commands enumerated in /usr/share/shorewall/actions.std.
Illustrating with SMB traffic for instance, how can one use AllowSMB, DropSMB and RejectSMB to control SMB traffic instead of the classic
ACCEPT z1 z2 udp 135,445
ACCEPT z1
2004 May 07
5
mark ack with shorewall 2.x
Hi!
how can I mark ack packets with shorewall 2.x?
(In 1.x I have done it with own rule in common file)
TiA
CU
2004 Apr 20
2
Rule-specific Log Prefixes
The current CVS Project Shorewall2/ contains my implementation of this
feature. Thanks go to Xavier for ideas about the design.
Xavier -- please give my code a try and see if it works ok for you.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ t...
2005 May 18
3
odd line in current CVS for firewall
>From a diff of my current shorewall firewall script with the new one
from the CVS today :
$ diff -w /usr/share/shorewall/firewall /usr/src/shorewall/s/firewall
[...]
673c910
< for network in $networks; do
---
> for networks in $networks; do
I don''t think that "for networks in $networks" works well.
--
-IAN! Ian! D. Allen Ottawa, Ontario,
2005 Feb 18
7
$FW in tcrules
Hi Folks,
I''m a new user to Shorewall, it came installed on the redWall firewall
that I am using and I''m really happy with both projects! Thanks for all
your work on it!
I have a question about tcrules and $FW. I''m doing source policy
routing and need to be able to add an output rule to the mangle chain
with a source that is specific network, not 0.0.0.0/0. It
2005 Apr 21
4
PAT problem
Hello everybody,
I want to solve the following problem with Shorewall:
I have a computer with one NIC (eth0) with an internal IP address
(10.1.x.x), which is supposed to accept connections from various
clients (10.2.x.x) and redirect them to another IP address (10.3.x.x)
with a different destination port.
For example:
The software on the client computer is told to connect to the
Shorewall
2005 Apr 16
6
wishlist: ''none'' as source address in rules
Hi,
I plug my laptop in different networks and use the following hack to
configure automatically shorewall for trusted/untrusted networks:
In /etc/shorewall/params:
# none is a dummy zone associated to the loopback interface
NONE="none:0.0.0.0"
# Network scheme, automatically detected by intuitively
NETWORK_SCHEME="$(cat /etc/network/scheme 2>/dev/null)"
case
2004 Sep 07
6
Syntax for address range
I would like to add a rule allowing only the address 192.168.150.20 and the
range of addresses from 192.169.150.100 to 192.168.150.150 in zone dmz0 to
connect to two terminal servers in the local zone.
Is there a syntax that can specify a range of addresses in the rules file? Do
I have to enter each one separately?
--
Stephen Carville
Unix and Network Adminstrator
DPSI
6033 W.Century Blvd.
2004 Sep 13
17
Problem with openvpn tunnel
Hello,
I have the following situation :
Server with 2 nics
1 nics connected to the internet, 1 connected to the LAN
I have OpenVPN running on the system and the following setting in the
tunnels file :
===================================
openvpn:2000 net 62.58.0.226
openvpn:2001 net 62.58.0.226
openvpn:2002 net 62.58.0.226
===================================
All tunnels ran for weeks
2005 Mar 15
2
New feature for Shorewall 2.2.3
The following is taken from the Release notes for 2.2.3 (which will be
released in a month or so).
2) There has been ongoing confusion about how the
/etc/shorewall/routestopped file works. People understand how it
works with the ''shorewall stop'' command but when they read that
''shorewall restart'' is logically equivalent to ''shorewall
2005 Apr 07
2
how to configure
hi all
iam newbee, i ve install shorewall 1.3.11 on mandrake 8.2
, i ve eth0 with local ip 192.168.40.40/21 and eth1
203.128.65.22/255.255.255.248 the problem is
when my client try connect to internet the page cannot be
displayed and while client try ping to internet address
reply from 192.168.40.40 destination net unreachable
why it can happend ? anyone can give me a hand
2004 Aug 10
11
who gives access? was: why ADD_DNAT_ALIASES missing?
hi,
there was some email problems and i repeat my question too fast, but
this is the second part of my questions.
- only the rules and policy files give access right? ie. rules in the
FORWARD chain of the filter table in iptables ?
- is a line in masq file automaticaly add an accept rule too? eg. in
msaq file
eth0 <internal ip>
allow connection from <internal ip> (local zona) to the
2005 Jan 25
3
IPP2P broken?
Hi,
I tried shorewall 2.2.0-rc4 and 2.2.0-rc5 on 3 different machines (just to be sure it''s not pebkac). The IPP2P support is broken, line like:
DROP loc net ipp2p
generates:
iptables -A loc2net -j DROP
that''s _wrong_ :)
i have tried playing with debug to no avail, and I''m not that good at bashing...
just to be complete, the suggested status.txt from one of the
2005 May 25
5
Patch to fix dynamic add/delete to zone functinality
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I''m running systems with openswan and modified _updown script supporting
shorewall dynamic hosts. Because on problems with cvs head version of
openswan I found a error from shorewall dynamic hosts support. When host
is already in zone shorewall aborts adding process with error. This is
not good thing(tm).
I found out that deleting host from
2004 Oct 17
8
Shorewall and IPP2P
Hi!
I''m wondering whether anyone has successfully set up a bandwidth control
system using ipp2p and shorewall. I have been able to drop connecions
altogether, but I don''t seem to be able to get CONNMARK working with ipp2p.
Any pointers would be greatly appreciated :)
______________________________
Mario R. Pizzolanti
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19: