similar to: Just a quick Q

Hi guys, I''m not sure where to post for help on this one, shorewall or lvs, I''ll start with shorewall (only cause Tom is a gun at this stuff, and is polite enough to tell me to bugger off to the LVS list if I''m posting in the wrong one ;) I have a single box that is my router/firewall/LVS. Internet -- eth0 - router/firewall - eth1 --- internal lan | eth2

I'm having trouble with R CMD INSTALL Rmpi_0.5-5.tar.gz --configure-args=~/lam lam is is installed locally. lamboot -d (or lamboot-d and also recon) works. make -k check from the lamtest suite passes all tests. Is this is problem with the -fPIC compiler as in the message? Should it be modified in the Makefile? Any help or comments are appreciated, thanks. * Installing to library

Hi, Just seeking some clarification on the current state of play with masqing ipsec connections. I have a client who establishs many different outbound ipsec connections. So thats - many local clients, through linux firewall, to many different ipsec ''servers''. they currently assign a public ip for outbound nat to each user to connect out to the ipsec connection, so we have a one

This is a minor release of Shorewall which rolls up a number of bug fixes. New features include: 1. A NEWNOTSYN option has been added to shorewall.conf. This option determines whether Shorewall accepts TCP packets which are not part of an established connection and that are not ''SYN'' packets (SYN flag on and ACK flag off). 2. The need for the

Hi all. I''m using Jamal''s ifb virtual interface from new kernel. Redirecting incoming traffic from external interface like that: # tc [blahbla] match u32 0 0 flowid 1:0 action mirred egress redirect dev ifb0 to ifb to shape it. The problem is that I''m using MASQUERADE by netfilter also. That redirected traffic coming from internet gets to ifb _before_ DNAT is done.

Hello all, I’m currently trying to figure out how to forward ports to guests that are on a NAT Network. I have followed the directions on https://wiki.libvirt.org/page/Networking under the “Forwarding Incoming Connections” Section and get connection refused when attempting to connect. System: Ubuntu Server 18.04.1 Virsh / LibVirtd Version: 4.0.0 Here’s the contents of /etc/libvirt/hooks/qemu  

I tried to the new GATEWAY option in /etc/shorewal/interfaces file but it didnt work. My network setting consists of 2 ISPs line and i would like to have eth0 to connect to for example, 192.168.15.254 while eth1 connected to 192.168.33.254. I restarted shorewall and nothing is wrong. However, the traffic still goes to the default gateway as shown in "route -n" command. For example, i

Folk, My network is described and illustrated here. http://carnot.yi.org/NetworksPage.html To allow Cantor and Dalton, in the vpn zone connected to Joule through tun0, to SMTP to my ISP, I tried this in /etc/shorewall/masq. #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK eth0 tun0 Shorewall complains. 07:21:58 Setting up Masquerading/SNAT... 07:21:58 To 0.0.0.0/0

I''ve kept this one on the back burner for a while, waiting for it to mature before attempting to use it, and now having seen OpenBSD ship with IPSec I''m getting a bit impatient =). What is the status of IPSec for Linux (and more specifically RedHat)? By this I mean I just did some www browsing/etc and found about a half dozen different implimentations, ranging from NRL, to a

Hi, I am wondering if it is possible to do the following with shorewall. I operate a network with some additional IP''s that are SNAT''d to various server machines on my network. One of my machines is a Terminal server. I need to be able to RDP to various servers for clients, that are IP locked for RDP on my PtP address, not the SNAT address of my Terminal server. Can I

-----BEGIN PGP SIGNED MESSAGE----- Hi everyone - Someone I''m working with has a requirement to map ethernet card addresses to unique IP addresses, and then have a Linux IP masquerade server know of this mapping list and not allow any data to pass from any ethernet card that a) it doesn''t know about, or b) isn''t assigned the right IP. Ideally it would also log this

Hello! I've setup tinc almost succesfully, but there is one problem remaining with a routing issue. Short Description of the situation : Workstation A (192.168.1.3) | | Tinc Host "50K" (192.168.1.1) | | <Unknown Firewall> + + + <Masq Firewall (Linux)> and Tinc Host "oeoe" (192.168.2.1) | | Workstation B

Hi I have using a Bering (LRP) box with shorewall, and I must enable IP masquedare only a few hosts on my network. I want to enable only masquerade from 192.168.0.2 to 192.168.0.25. What I must do ? I known that I have to configure the /etc/shorewall/masq file, but I don''t known how. Thanks in advance.

I have a debian woody machine acting as a firewall for a small network. I am trying to do a simple DNAT to port 80 on the protected webserver and masquerade all traffic from the protect subnet outbound. After having read the FAQ and various posts regarding problems with DNAT I''m afraid I''m no closer to a solution. Based on the output from "shorewall show nat" I

Dear All, Firstly, thank you very much - shorewall is great. I''m not a member of this list, and please forgive me if I am suggesting something stupid, but the following occurs to me, and I thought it might be useful. Why no make it possible to specify zones as well as interfaces in the /etc/shorewall/masq file ? Eg: instead of: eth0 eth1 one might write: net loc (or masq in

I''ve just discovered that I do not have access to the remote gateways for a set of IPsec tunnels to remote networks. This prevents me from changing the routing table on those gateways. I need "roadwarrior" systems connecting to me local network using OpenVPN (tun) to be able to access those systems. Since the remote gateways don''t know about 10.100.1.0/24, where my

Hello, on my old system I''m using ipchains. Can anyone help me with converting rule /sbin/ipchains -A forward -j MASQ -s source_addr -d destination_addr 443 -p tcp to shorewall. I know that I can write eth0 source_addr to /etc/shorewall/masq file but I can''t found where I can specify the destination address. The reason for this is to allow one user (computer) access only to

On 7/2/2018 3:16 PM, Sanjay Patel wrote: > I also agree that the per-element rotate for vectors is what we want for > this intrinsic. > > So I have this so far: > > declare i32 @llvm.catshift.i32(i32 %a, i32 %b, i32 %shift_amount) > declare <2 x i32> @llvm.catshift.v2i32(<2 x i32> %a, <2 x i32> %b, <2 x i32> %shift_amount) > > For

Hello all, I have a problem with external access to a postfix mailserver running on my firewall as a mail-gateway. My setup with shorewall 2.2.0 rc4 is as follows: eth0 is zone isf - this is an intranet to other companies eth1 is zone loc - local network eth2 is zone net - internet, fix ip adress eth0 and eth1 are bridged shorewall version 2.2.0-RC4 ip addr show 1: lo: <LOOPBACK,UP> mtu

Hi all! I try to make port based routing, because a have two connections to the internet. My router is a "one disk floppy router for linux". It is a big router project www.fli4l.de. I try also to make a opt, it is like a plugin for this router. This project uses Kernel 2.2.19 compiled with libc5 (because it is small and you can use one floppy disk). At the moment, iproute2 is not