Displaying 20 results from an estimated 52 matches for "shorewall6".
Did you mean:
shorewall
2013 Jun 28
0
IPv6 two or more providers, duplicating routing table does not work
Hello,
shorewall6 seem to have problems duplicating the main routing table. shorewall6 tries to add the fe80::/64 route of every ipv6 configured interface to routing table 1.
The first route applies but the other ones not.
If i try to add the routes manually to routing table 1 i have to add the first fe80::/64 rout...
2013 Feb 01
3
[PATCH 0/2] A few Arch Linux specific changes
I''m attaching a few changes that are specific to Arch Linux and are motivated
by our recent switch to systemd.
System V init scripts are no longer used/supported on Arch Linux and,
therefore, the Arch Linux init scripts can be removed from Shorewall.
The two patches that follow are based against master; if it''s possible to
apply them to the upcoming Shorewall 4.5.13 as well,
2012 Jul 05
11
testing shorewall6 on a virtual machine
I want to test shorewall6 in a scenario with several virtual machines. Each virtual machine has the interface eth0.
With IPv4, I would assign an IP-alias to eth0:1 and so would have eth0 and eth0:1 as interfaces for shorewall6.
How is this done with IPv6?
Viele Grüße
Andreas Rittershofer
--
----------------------...
2009 Dec 06
6
shorewall6-lite's shorecap sourcing /usr/share/shorewall-lite/lib.base?
Hey all,
Just a sanity check, but should the shorecap script in shorewall6-lite
be sourcing /usr/share/shorewall6-lite/lib.base rather
than /usr/share/shorewall-lite/lib.base like it does currently?
In fact shouldn''t there be a general s/shorewall-lite/shorewall6-lite/
in shorecap in shorewall6-lite? Maybe there is more of that lurking
about as well.
Also, the...
2010 Feb 24
3
Using NFLOG in shorewall6
Dear all,
I have configured both shorewall and shorewall6 on my firewall. Shorewall is
using ULOG as logging target and since that did not seem to work I tried using
NFLOG in shorewall6. However, nothing is logged in the /var/log files.
Three questions:
- What am I doing wrong? I just use LOG=NFLOG in the params file.
- Can I use NFLOG for shorewall to...
2013 Nov 19
7
IPv6 connections won't be rejected nor logged
Hi,
I have servers where shorewall6 won''t reject nor log:
# cat /etc/shorewall6/zones
fw firewall
net ipv6
# cat /etc/shorewall6/interfaces
net eth1 tcpflags
(I also tried without "tcpflags", but no changes)
# cat /etc/shorewall6/policy
$FW all ACCEPT
all all REJECT info
# cat /etc/shorewall6/rules
SECTION NE...
2010 Oct 16
1
Interaction of Shorewall and Shorewall6 with a Teredo relay?
I looked online for documentation about this, but couldn''t find it.
Is anybody else running a Teredo relay, on a firewall that has both
Shorewall and Shorewall6 installed?
I''m running IPv6 at home (thanks to a Hurricane Electric tunnel).
I''m having trouble with external Teredo clients being able to ping my
home IPv6 addresses. All of these clients can reliably ping
"ipv6.google.com" 100% of the time, so I know it''s n...
2012 Feb 20
5
Upgrade from Shorewall 4.4.27.3 to 4.5.0.1
I''d like to ask for clarification on the upgrade procedure using tarballs. In the past, with version 4.4, I have downloaded shorewall-4.4.x.y.tar.bz2 and shorewall6-4.4.x.y.tar.bz2, extracted each, and executed ''install.sh -s'' in each directory.
Now there is a new package shorewall-core-4.5.x.y.tar.bz2. As I understand it, with version 4.5, this core package needs to be installed prior to shorewall-4.5.x.y and shorewall6-4.5.x.y. I find that...
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new par...
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new par...
2011 Dec 04
6
Shorewall 4.4.27 Beta 1
...s).
I have kept the same package structure for now, but I have begun work on Shorewall 4.5 where I will change the structure to eliminate more duplication on systems where the products are installed.
Beginning with this release, the following files are identical.
- /sbin/shorewall and /sbin/shorewall6
- /sbin/shorewall-lite and /sbin/shorewall6/lite
Since Shorewall6 requires Shorewall, /sbin/shorewall6 is now a symbolic link to /sbin/shorewall.
/sbin/shorewall-lite and /sbin/shorewall6-lite are both installed so that Shorewall6 Lite is not dependent on Shorewall Lite.
Shorewall and Shorew...
2011 Dec 04
6
Shorewall 4.4.27 Beta 1
...s).
I have kept the same package structure for now, but I have begun work on Shorewall 4.5 where I will change the structure to eliminate more duplication on systems where the products are installed.
Beginning with this release, the following files are identical.
- /sbin/shorewall and /sbin/shorewall6
- /sbin/shorewall-lite and /sbin/shorewall6/lite
Since Shorewall6 requires Shorewall, /sbin/shorewall6 is now a symbolic link to /sbin/shorewall.
/sbin/shorewall-lite and /sbin/shorewall6-lite are both installed so that Shorewall6 Lite is not dependent on Shorewall Lite.
Shorewall and Shorew...
2012 Jan 22
4
Proxyndp issue
Tom
In Shorewall6 4.4.27 the following proxyndp entry:
2001:4d48:ad51:24::f3 eth2 eth0 no no
does not add the required route.
The code produced in /var/lib/shorewall6/.restart is:
qt $IP -6 route del 2001:4d48:ad51:24::f3/128 dev eth2 run_ip route add
2001:4d48:ad51:24::f3/128 dev eth2
Splitting the lin...
2012 Jan 02
2
Shorewall 4.5.0 Beta 1
...ation issues.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) The start and restart commands in Shorewall Lite and Shorewall6
Lite now correctly handle the ''trace'' and ''debug''
keywords. Previously, those keywords were ignored.
----------------------------------------------------------------------------
I I. K N O W N P R O B L E M S R E M A I N I N G
-----------...
2012 Jan 02
2
Shorewall 4.5.0 Beta 1
...ation issues.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) The start and restart commands in Shorewall Lite and Shorewall6
Lite now correctly handle the ''trace'' and ''debug''
keywords. Previously, those keywords were ignored.
----------------------------------------------------------------------------
I I. K N O W N P R O B L E M S R E M A I N I N G
-----------...
2009 Mar 10
1
IPv6 under Centos?
I wonder if anyone is running IPv6 under Centos-5.2?
Particularly with shorewall?
I see that shorewall6 is specifically designed for updating shorewall
to IPv6, as described in <http://www.shorewall.net/IPv6Support.html>.
Unfortunately, this explicity requires kernel 2.6.25 or later,
and iptables 1.4.0 or later,
both of which are later than any versions I've seen on a Centos repository.
I...
2012 Dec 04
2
shorewall6: IP fragementation getting blocked?
Hey,
I have a setup that has one machine communicating to a server using UDP
over IPv6. For specifics, it is using collectd with a boosted
MaxPacketSize in the network config.
What this means is there is some IP fragmentation happening, and that
is getting REJECTed. My policy is to REJECT, and I have an ALLOW for the
particular communication I want. What I''m getting in my logs is
2011 Aug 02
5
selinux issues
Please see https://bugzilla.redhat.com/show_bug.cgi?id=727648 for more info.
Shorewall executes some bash code like the following:
while read address interface external haveroute; do
qt $IP -4 neigh del proxy $address dev $external
[ -z "${haveroute}${g_noroutes}" ] && qt $IP -4 route del
$address/32 dev $interface
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in