Hey Tom, Sorry it''s taken me so long to follow this up, but I''m pleased to confirm that the syn flag change you made in the latest version solved the problem I was having trying to get shorewall to run in series with snort-inline. If anyone is interested, here''s the instructions, fairly step-by-step. http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71 Thanks for a darned fine firewall! Mike- -- If you''re not confused, you''re not trying hard enough. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments, ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Michael W Cocke wrote:> Hey Tom, Sorry it''s taken me so long to follow this up, but I''m > pleased to confirm that the syn flag change you made in the latest > version solved the problem I was having trying to get shorewall to run > in series with snort-inline. > > If anyone is interested, here''s the instructions, fairly step-by-step. > http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71 > > Thanks for a darned fine firewall!You''re welcome, Mike -- and thanks for the update and the documentation. I''ll link your docs from the Shorewall site. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Tom Eastep wrote:> Michael W Cocke wrote: >> Hey Tom, Sorry it''s taken me so long to follow this up, but I''m >> pleased to confirm that the syn flag change you made in the latest >> version solved the problem I was having trying to get shorewall to run >> in series with snort-inline. >> >> If anyone is interested, here''s the instructions, fairly step-by-step. >> http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71Are there any Shorewall-specific instructions? I don''t see any at that URL. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
On Mon, 04 Sep 2006 17:23:01 -0700, you wrote:>Tom Eastep wrote: >> Michael W Cocke wrote: >>> Hey Tom, Sorry it''s taken me so long to follow this up, but I''m >>> pleased to confirm that the syn flag change you made in the latest >>> version solved the problem I was having trying to get shorewall to run >>> in series with snort-inline. >>> >>> If anyone is interested, here''s the instructions, fairly step-by-step. >>> http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71 > >Are there any Shorewall-specific instructions? I don''t see any at that URL.A triumph of your design - there aren''t any shorewall specific instructions aside from using the queue destination. No gotchas that I''ve identified either. I think shorewall may be the first program I''ve ever seen that managed that! Mike- -- If you''re not confused, you''re not trying hard enough. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments, ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
If anyone is interested, here''s the instructions, fairly step-by-step. http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71 ========================================================== Are there any Shorewall-specific instructions? I don''t see any at that URL. ========================================================== I found FAQ 52 that points to nothing...the blog has already been removed ? ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Bill.Light@kp.org wrote:> > If anyone is interested, here''s the instructions, fairly step-by-step. > _http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71_ > > ==========================================================> > Are there any Shorewall-specific instructions? I don''t see any at that URL. > > ==========================================================> > I found FAQ 52 that points to nothing...the blog has already been removed ?FAQ 4d is about Snort-inline -- FAQ 52 is about blacklisting and log messages. The link in FAQ 4d works for me. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> If anyone is interested, here''s the instructions, fairly step-by-step. > _http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71_ > > ==========================================================> > Are there any Shorewall-specific instructions? I don''t see any at thatURL.> > ==========================================================> > I found FAQ 52 that points to nothing...the blog has already beenremoved ? FAQ 4d is about Snort-inline -- FAQ 52 is about blacklisting and log messages. The link in FAQ 4d works for me. -Tom ========================================================== Interesting - on a Windoze box with Mozilla 1.7.12 (my default browser) I do not see the right hand frame and only get a grey screen. I can see the blog pasting the link into Internet Exploder version 6.0.2800.1106 Thanks ! ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
> > Interesting - on a Windoze box with Mozilla 1.7.12 > <http://www.mozilla.org/releases/mozilla1.7.12> (my default browser) I > do not see the right hand frame and only get a grey screen. I can see > the blog pasting the link into Internet Exploder version 6.0.2800.1106 >Rapidly drifting off-topic.... With Mozilla 1.7.12 on a Linux box (Ubuntu Dapper), the page doesn''t render real well (the left frame is very narrow) but I can see the right hand frame. It looks fine under Firefox 1.5.0.5 (my default). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
On Tue, 5 Sep 2006 11:10:58 -0700, you wrote:>If anyone is interested, here''s the instructions, fairly step-by-step. >http://www.catherders.com/tiki-view_blog_post.php?blogId=1&postId=71 > >==========================================================> >Are there any Shorewall-specific instructions? I don''t see any at that >URL. > >==========================================================> >I found FAQ 52 that points to nothing...the blog has already been removed >?Nothing very shorewall specific - As long as you use the latest version of shorewall, setting the destination to QUEUE is it. The pain is on the snort end. Mike- -- If you''re not confused, you''re not trying hard enough. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments, ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642