Displaying 20 results from an estimated 25 matches for "suffield".
2006 Nov 14
20
Shorewall performance
I have a couple of firewalls that are rather complicated - one has 21
interfaces, and the other has about 50 (there's some heavy use of
802.1q, they only have half a dozen network cards). They work okay,
but - compiling the rules takes a long time even on the faster
servers, and restarting shorewall-lite takes between 5 and 10 minutes
(during which time, only the routestopped stuff will
2007 Nov 21
9
Trouble with DNAT After Upgrade
I've upgraded a 3-interface system from 2.0.8 to 3.2.6 on Debian, and I'm not
able to make DNAT work anymore. If someone could offer a suggestion of where
to look to fix this, it would be very much appreciated.
Problem Summary:
If I set DETECT_DNAT_IPADDRS=Yes, then I can't access anything on my DMZ via
DNAT.
If I set DETECT_DNAT_IPADDRS=No, then **EVERYTHING**
2008 Jan 10
5
Want to log all ISP traffic to ULOG
I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate
NetFlow information about traffic going through my router. The question
is how to get the logging rules added to the appropriate chains (I'm
assuming eth2_in and eth2_out in my case)? I'm using the perl version
of shorewall 4.0.6.
--
Orion Poplawski
Technical Manager 303-415-9701
2007 Dec 18
11
Shields-Up Scan of Shorewall Firewall
Guys,
After I got the port forwarding and everything else
working as per my previous post, I ran a shields-up
scan from grc.com on the firewall, i.e. a scan of the
external interface.
I'm a little surprised at the results. On the firewall
i have postfix running ( smtp port 26 ), openssh ( ssh
port 22) and port forwarding of port 85 (on the
firewall ) to an internal host.
The Shields-Up scan
2008 Mar 26
8
Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0
Hi, I am running OpenVPN where I have one central hub VPN server, and multiple spoke VPN clients. I can ping from each client to the server and each client to computers on the subnet which the server resides (192.168.2.0/24) so it works ok there. I cannot however, ping from one client to another client. I guess the packet path would go:
clienta -> vpn -> shorewall/router -> vpn ->
2007 May 25
49
Problem with ssh limit and scp stalling
Hi,
I have a very simple server setup, using shorewall as my firewall. I
have a line like this at the top of my rules file to allow ssh
connections, but limited to 3 connection per minute with a burst rate
of 3:
SSH/ACCEPT net $FW - - - - 3/min:3 -
Now when I have that in place, and from a remote machine run scp
server:/some/file ., I find
2007 Jul 08
6
mldonkey/edonkey - servers not connected
Hi,
I'm running mldonkey on same box as shorewall.
I follow this http://mldonkey.sourceforge.net/ShorewallConfiguration to open
ports for edonkey protocol
I add in /etc/shorewall/rules:
# eDonkey 2000
ACCEPT net $FW tcp 4662
ACCEPT net $FW udp 4666
but I could not connect to any edonkey server.
I check logs and notice that udp traffic on port 4666 is still dropped.
Jul 8 22:35:57
2006 Sep 05
3
Testing vs Production manifests
...(duplicating the object and renaming
it would probably fix this, though).
Does anyone have any comments on my solutions, or better ways to solve this
problem?
- Matt
--
when SuSE are doing better than you at publishing the tools they use, it's a
hint that maybe you suck.
-- Andrew Suffield, debian-devel
2007 Feb 09
26
transient "martian source ..." errors
Hi All,
As you probably all know :-) I'm trying to do the multi-isp thing. I've
resolved my last issue with the route_rules as suggested by Tom and
Jerry.
Lately I have been seeing "transient" (I say transient because the
problem will persist for a while and then magically clear itself up some
number of minutes later) situations where my gateway will log:
2007 Sep 12
21
MultiISP: failover and dynamic IP
Dear list,
Shorewall is running here with 2 ISPs:
ISP1: corporate ADSL-line with fixed set of IPs
ISP2: fast consumer-grade cable-connection with higher bandwidth
All our main traffic (web, e-mail) is routed through ISP1. Only for
special purposes (frequent large ftp-transfers) ISP2 is used, configured
through tcrules.
ISP2 is not so reliable as ISP1 (duh) and they sometimes
2004 Oct 12
6
Classful Queuing
...problem or missing something?
I'll happily provide any clarification or additional information needed.
--
Jamin W. Collins
It has always been Debian's philosophy in the past to stick to what
makes sense, regardless of what crack the rest of the universe is
smoking. -- Andrew Suffield
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
2008 Jan 31
10
QoS Sample config ?
Hi
I am searching for a sample config for my linux box:
Shorewall 3.2.3
Eth0 => Internet Access 4Mbits on ethernet
Eth1 => Lan
Eth2 => Lan 2
Eth3 => Lan 3
I want to limit the internet access:
Eth1 = 2 Mbits
Eth2 = 0,5 Mbits
Eth3 = 1,5 Mbits
but if eth1 doesn't use 2 Mbits, the other LANs can use it
Does anyone have a simple sample config to help me?
Thanks bye
2007 Dec 14
6
kernel panic with shorewall
I have an old Pentium II which I use as a gateway and firewall
for a home network. The external interface is a modem on ppp and the
internal interface is ethernet. I have had this setup running
successfully for many years starting with the early 2.x series
Shorewall.
My ISP recently changed my dial-up 'phone number and presumably also
the system at the other end of my modem (they
2007 Oct 30
18
How do I configure shorewall to work with VoIP SIP?
Hello,
Let me first start by saying Shorewall is awesome, and I use it
everywhere from single box firewall, to home network firewall, even to
our corporate firewall.
I am experiencing a problem getting my home firewall to work with my
BroadVoice VoIP connection. I use the Sipura SPA-2100 ATA (Analog
Telephone Adapter) that came with my BroadVoice account. This happened
when I tried to replace
2007 May 04
2
Editing the references
Hi all,
I've just noticed that two wiki users edited the wiki reference
documents. One of these edits (to the function reference) was a good
edit but would have been overwritten if I did not find it. The other
edit (s/darwinports/macports/g) made the documentation incorrect,
since the provider actually is called darwinports (even if that
itself is a bug).
I haven't
2006 Nov 30
14
My macro is flawed?
Hi all,
I have a VPN setup but it only works once in a while. It seems my firewall
(shorewall 3.0.8) is blocking protocol 47.
Here is what I have:
eth0: internet
eth2: dmz - my pptp server
My entry In the rules file:
pptp/ACCEPT fw dmz:192.168.253.2
My pptp macro
###############################################################################
#ACTION SOURCE
2006 Dec 30
9
puppetd.pid and SMF woes
So when puppetd crashes/whatever, and a pid file is left behind, SMF
in Solaris will try restarting puppet, but fail. And then it sits
there restarting it forever.
I'm not sure if I can adjust the flap detection in SMF.. it isn't
disabling the service for "restarting too quickly" because it takes so
long to start. Probably because I'm NFS-mounting ruby. The
2007 Aug 20
6
have to restart shorewall after a dynamic IP change
Hi,
I've to restart shorewall when my dynamic IP was changed from my ISP.
Of course I can with a shell script do it automatically, but the
question is still there.. why ?
mess-mate
--
"I understand this is your first dead client," Sabian was saying. The
absurdity of the statement made me want to laugh but they don't call me
Deadpan
2008 Feb 29
5
shorewall-perl not handling "logmartians" correctly
I've set up a simple 2-interface Linux router using shorewall-perl 4.0.8
(and upgraded to 4.0.9). Everything works flawlessly. One small
exception I have noticed (since I'm a new shorewall user I
assume this is probably an error on my part).
1. Problem:
With no "logmartians" entries in /etc/shorewall/interfaces,
shorewall-perl sets