Hi, In a routed network setup , is it possible to use ProxyARP given the condition that the shorewall external interface and the DMZ interface are in a completely different network . That means the gateway of the External interface and the hosts in ProxyARPed DMZ zones are in different network. eth0 ---in 220.227.X.Y/30 -- shorewall external interface eth1 ---in 220.227.A.B/27 -- shorewall dmz interface with proxyARP -Siva This email contains Indscape Softech Pvt Ltd.''s confidential information. No confidentiality is waived or lost by any mistransmission. Indscape Softech Pvt Ltd.,reserves the right to monitor all e-mail communications through its network.
Tom, I understand and regret for the mistake. I have reframed the question as given below. -Siva Hi, In a routed network setup , is it possible to use ProxyARP given the condition that the shorewall external interface and the DMZ interface are in a completely different network . That means the gateway of the External interface and the hosts in ProxyARPed DMZ zones are in different network. eth0 ---in 220.227.202.40/30 -- shorewall external interface eth1 ---in 220.227.176.0/27 -- shorewall dmz interface with proxyARP -Siva -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net]On Behalf Of Tom Eastep Sent: Monday, April 11, 2005 12:19 AM To: Mailing List for Shorewall Users Subject: Re: [Shorewall-users] FW: ProxyARP in a Routed environment Sivamurugu K. Pillai wrote:> > Is not this query worth answering? >I''m sorry -- this is a list for technical help, not puzzles. If you want to give me the REAL IP addresses that you are dealing with, I will try to help you. I abosolutely refuse to answer your question if I have to consider the entire range of possible values of X,Y,A and Y. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key _______________________________________________ Shorewall-users mailing list Post: Shorewall-users@lists.shorewall.net Subscribe/Unsubscribe: https://lists.shorewall.net/mailman/listinfo/shorewall-users Support: http://www.shorewall.net/support.htm FAQ: http://www.shorewall.net/FAQ.htm This email contains Indscape Softech Pvt Ltd.''s confidential information. No confidentiality is waived or lost by any mistransmission. Indscape Softech Pvt Ltd.,reserves the right to monitor all e-mail communications through its network.
Sivamurugu K. Pillai wrote:> In a routed network setup , is it possible to use ProxyARP given the condition that the shorewall > external interface and the DMZ interface are in a completely different network . That means the > gateway of the External interface and the hosts in ProxyARPed DMZzones are in different network.> > eth0 ---in 220.227.202.40/30 -- shorewall external interface > > eth1 ---in 220.227.176.0/27 -- shorewall dmz interface with proxyARP >I don''t see how Proxy ARP would be useful here since the networks are disjoint. Hosts on the external side won''t be issuing ARP who-has requests for addresses in the DMZ and hosts in the DMZ won''t be issuing ARP who-has requests for addresses in the external network. In this configuration, you will have to assign an address from the /27 to eth1 and make that address the default gateway for the DMZ hosts. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
How I enable Skype to my network. ? I have Shorewall v2.2.2 and Squid 2.5 Att. Rafael -- Rafael Schleuss rafaels@dynamix.com.br ---------------------------------------- Dynamix Software Ltda. Rua República Argentina, 704, sala 202 Ponta Aguda, 89050-100 Blumenau SC Brasil Tel.: +55 47 3037.7006 http://www.dynamix.com.br
Rafael Schleuss wrote:> How I enable Skype to my network. ? > > I have Shorewall v2.2.2 and Squid 2.5 >You shouldn''t have to do anything special to enable Skype. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
My network is closed , and i have only a proxy access to internet. Exists a special rule to enable skype in firewall ? A port number ? Tom Eastep escreveu:>Rafael Schleuss wrote: > > >>How I enable Skype to my network. ? >> >>I have Shorewall v2.2.2 and Squid 2.5 >> >> >> > >You shouldn''t have to do anything special to enable Skype. > >-Tom > >-- Rafael Schleuss rafaels@dynamix.com.br ---------------------------------------- Dynamix Software Ltda. Rua República Argentina, 704, sala 202 Ponta Aguda, 89050-100 Blumenau SC Brasil Tel.: +55 47 3037.7006 http://www.dynamix.com.br
Rafael Schleuss wrote:> My network is closed , > and i have only a proxy access to internet. > Exists a special rule to enable skype in firewall ? > A port number ? >I don''t know. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Tom Eastep wrote:> Rafael Schleuss wrote: >>My network is closed , >>and i have only a proxy access to internet. >>Exists a special rule to enable skype in firewall ? >>A port number ? >> > > I don''t know. >According the the Skype web site, Skype is supposed to work through http/https proxies but may need to be configured to do so (especially when running on Linux). This really isn''t a Shorewall question... -tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
Hi , i switched to windows to check which ports are used, The ports are : udp 15977 tcp 15977 tcp 2546 tcp 443 Hope it helps. Franck Monday, April 11, 2005, 2:33:32 PM, you wrote: TE> Tom Eastep wrote:>> Rafael Schleuss wrote: >>>My network is closed , >>>and i have only a proxy access to internet. >>>Exists a special rule to enable skype in firewall ? >>>A port number ? >>> >> >> I don''t know. >>TE> According the the Skype web site, Skype is supposed to work through TE> http/https proxies but may need to be configured to do so (especially TE> when running on Linux). TE> This really isn''t a Shorewall question... TE> -tom
Am Montag, 11. April 2005 20:29 schrieb Rafael Schleuss:> My network is closed , > and i have only a proxy access to internet. > Exists a special rule to enable skype in firewall ? > A port number ? > > Tom Eastep escreveu: > >Rafael Schleuss wrote: > >>How I enable Skype to my network. ? > >> > >>I have Shorewall v2.2.2 and Squid 2.5 > > > >You shouldn''t have to do anything special to enable Skype. > > > >-TomMaybe you have to change anything for squid, but no changes are necessary for shorewall to use skype. kp
http://www.skype.com/help/guides/firewall.html "If the above is not possible, Skype versions 0.97 or later can use a HTTPS/SSL proxy. In order to do that, you have to configure the proxy address in Internet Explorer options. Then Skype will be able to use it as well." On Mon, 2005-04-11 at 15:29 -0300, Rafael Schleuss wrote:> My network is closed , > and i have only a proxy access to internet. > Exists a special rule to enable skype in firewall ? > A port number ? > > > Tom Eastep escreveu: > > >Rafael Schleuss wrote: > > > > > >>How I enable Skype to my network. ? > >> > >>I have Shorewall v2.2.2 and Squid 2.5 > >> > >> > >> > > > >You shouldn''t have to do anything special to enable Skype. > > > >-Tom > > > > > >