Displaying 16 results from an estimated 16 matches for "shorewall_and_routing".
2005 Jun 29
5
Dual-ISP Masq
I know this is a FAQ and that it''s been discussed much before, I''m just
looking for a few key things.
I need to setup our gateway so that traffic FROM a range of IPs is sent
out, masqueraded, via a new cable connection.
I''m running 2.6.9.
Am I going to require any of the CONNMARK patches or other patches from
http://www.ssi.bg/~ja/#routes? I''m really not sure
2005 Jun 29
3
DHCP assigned gateway in /etc/shorewall/providers?
...e gateway in
/etc/shorewall/providers? I have in my scenario:
eth0 dsl (static IP)
eth1 cable (dhcp assigned IP)
eth2 lan1
Is it possible to specify the gateway as a variable based on the current
DHCP lease (like $eth0_gw)? I''m following the documentation at
http://www.shorewall.net/Shorewall_and_Routing.html.
-Scott
2005 Jun 27
2
RTNETLINK answers: File exists
...Available
IP range Match: Available
Recent Match: Available
Owner Match: Available
Ipset Match: Not available
ROUTE Target: Not available
Extended MARK Target: Not available
CONNMARK Target: Available
Connmark Match: Available
I have been following
http://www.shorewall.net/Shorewall_and_Routing.html#id2452708
my providers looks like this:
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY
OPTIONS
INT1 1 1 main eth1 172.16.0.1
track,balance
IP1 2 2 main eth2 172.16.0.2
track,balanc...
2005 Mar 02
12
Problem with outgoing Masquerade
I''m having another little problem with my new firewall. I want outgoing port
25 from my mail server to appear on the address 65.223.121.227 so I created
the file masq:
eth2 192.168.124.18 65.223.121.227 tcp 25
eth1 eth5
eth1 eth3
eth1 eth4
eth1 == net0 == 209.189.103.196/27
eth2 == net1 == 65.223.121.237/28
eth3 == dmz0
eth4 == dmz1
eth5 == loc ==
2005 Apr 27
5
Shorewall and P2P traffic
Hi all,
I have just upgraded to a new satellite internet provider. I have two network cards - one with a public IP connected to my satellite router, and the second network card with private IP into my switch for the LAN. Shorewall firewall
My old satellite system is not being used.
Would it be possible/feasable to install a third network card into my Fedora Core 2 server, and then direct all
2005 Apr 07
4
Shorewall in a Routed network
Hi,
In a routed network environment, without the router , we want to use the shorewall as the firewall/router. The ISP has assigned the following set of IP addresses.
WAN IP for subnet 1 (DATA)
220.227.202.X/30 ( to be assigned to eth0 of the shorewall)
WAN IP for subnet 2 (Voice)
220.227.202.Y/30 ( to be assigned to eth1 of the shorewall)
Addresses assigned for Subnet 1 by
2005 May 19
1
Shorewall 2.3.2
...multiple-ISP
support. There is one external change to the version that has been in
CVS for the last couple of days -- the ''default'' provider option has
been named ''balance'' to better describe what the option does (load
balancing).
Please see http://shorewall.net/Shorewall_and_Routing.html for more
information on the features in this release.
New Features in version 2.3.2
1) Shorewall 2.3.2 includes support for multiple internet interfaces to
different ISPs.
The file /etc/shorewall/providers may be used to define the
different providers. It can actually be used to de...
2005 Mar 18
1
Routing using DSL and T1
Hi,
I just got a DSL line and want to make shorewall to route some traffic
over the DSL and some over T1. Can I do it using shorewall?
Thanks,
Wahid Sharif
Systems Administrator
Placemark Investments
Phone: 972-404-8100 x2032
2006 Mar 09
3
Shaping questions
Hello Shorewall users,
I have some questions I am hoping someone can answer. I have searched
around the archives but so far I have been unable to find answers. I
am trying to configure traffic shaping on my router/firewall box
running Shorewall 3.0.5/kernel 2.4.31 and have run into some
problems/questions.
My basic set up is: 1500/256kbit ADSL (PPPoE/ppp0) -> Shorewall box
2005 Apr 06
1
shorewall, multiple internet connections and emule
Hi to everybody, I write because I have just configure a shorewall
to be used as firewall, proxy(with squid) and gateway to 2 internet
connections, and it looks to work properly but now I''d like to add a new
feature: I would to redirect some specific traffic (emule''s one) only to
one of those links.
This is my diagram:
2005 Jun 06
23
Multi-ISP in 2.4.0
Hello Shorewall list,
I''m a happy Shorewall user since a few years now and everything works fine
for me except one thing that I try to implement since a week, the multi-isp.
I''ve downloaded the 2.4.0 Stable release yesterday and tried the RC2 since a
week.
My config is a Debian running a kernel 2.4.27 home made with the
CONNMARK.diff patch applied
I''m using 2 ISP,
2006 Apr 02
1
Two ISP
Hello all.
First of all, please be a bit indulgent to my poor English :-).
Second, this message is "kinda" BIG, so if you don''t like BIG
messages, simply don''t read it :-).
I''ve read http://shorewall.net/2.0/Shorewall_and_Routing.html
and http://shorewall.net/MultiISP.html, however I still a bit confused how
to organize what I need :-).
I''ve a simple "layout" like a lot of people here have:
eth0
LAN (192.168.1.0/24) ------ Shorewall --- eth1 --- DSL --- SVR...
2005 Mar 06
1
3 Interface problem
Having a problem with the 3 interface setup. I can get DMZ hosts, and
FW to see internet, but anything on LOC interface is unable to get
out. My first post to the list didn''t have the information needed,
sorry for that, but thank you for pointing me to more resources. I''ve
looked at the problem myself some more, but am still stuck.
Shorewall Version: 2.2.1
ip addr show
1:
2005 Mar 01
3
Problem with multiple ISP''s
I have a setup with two Internet providers. One circuit (net0 == eth1) is
used primarily for employees and tunnels to other sites. The other (net1 ==
eth2) is for the production machines that customers access. Everythung works
in teh sense that packets get to where they are sent (mostly) but I recently
I had a sniffer on the system and noticed a problem I cannot solve. traffic
coming in
2005 Jun 24
6
Is it that difficult?
Hello,
You will find in attachment the layout of my
current physical configuration.
For now, the Cable ISP is not used. Since it
is a dynamic ISP, my mailserver is rejected and
my domain name registers on blacklists like ORDB
and al.
I want it to be used as a default gateway except
for my mail server that would be seen as coming
from my "honest" ADSL ISP.
Here is
2005 May 31
11
More Tests for 2.4.0-RC2 - strange behaviour
...130.252.99.254 track,balance''
+ read first rest
+ ''['' x# = xINCLUDE '']''
+ echo ''# ''
+ read first rest
+ ''['' x# = xINCLUDE '']''
+ echo ''# For additional information, see http://shorewall.net/Shorewall_and_Routing.html''
+ read first rest
+ ''['' x############################################################################## = xINCLUDE '']''
+ echo ''############################################################################## ''
+ read first rest
+ ...