similar to: What does ir mean in Showall FW?

Has anyone encountered a situation where packets dropped by the newnotsyn chain can result in sporadic browsing problems, slowness, and even timeouts? I noticed that of the 3300 hits for newnotsyn in our current log (6 hours worth), over 2700 of them were to/from our proxy servers. And browsing through them, most *appear* to be otherwise valid packets from remote web servers that would have

Hello, I''ve been doing some tests on a firewall system running Shorewall 1.4, and have been getting some unexpected behavior when enabling the "newnotsyn" option. In the test setup, I have: ---------------------------------------- /etc/shorewall/interfaces net eth0 detect routefilter,tcpflags,blacklist loc eth1 10.0.0.255 dhcp,tcpflags,newnotsyn

Hi, I have shorewall version 1.4.10g on Redhat 9 Local clients are on eth1 in subnet 192.168.3.0/24. eth0 is for the outside (over xdsl with includes a ppp0 interface). Nessus (nessusd) is installed *on the firewall* and managed trough nessus (the client or frontend) running on one of the internal machines. When I was running a scan against 194.152.181.36 I observed several entries like

I have what strikes me as an odd problem with shorewall. Let me describe my setup. My desktop (alfred) is connected to the network through an ADSL modem. I am running rp-pppoe, and this works perfectly. I have a small home network, with two LANs; an Ethernet LAN (including a machine running Windows XP), and a WiFi LAN, including the laptop (william) I am using now. All the computers except for

Hello All, I am trying to implement OpenVPN on Fedora core Linux 3 with the latest pathces installed. This server is used only as firewall/internet gateway/proxy/VPN server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12) connected to the local network. I use shorewall 2.4 on this machine. I like to test

Hi, I''m running shorewall-2.0.8-1mdk with iptables-1.2.9-7.1.101mdk on kernel-2.4.22-30mdk, Mandrake 10.1 (kernel-2.6.8.1.10mdk-1-1mdk is installed, but I haven''t rebooted yet). I get a significant number of newnotsyn packet denials from existing, valid connections. Most of these seem to be on port 80 and port 25, and directionality doesn''t seem to matter (I run

I have /bin/ash from rh8 installation and I have following error when I tried to change using ash instead of sh with shorewall-1.4.7: + eval options=$tap0_options + options= + list_search newnotsyn + local e=newnotsyn + [ 1 -gt 1 ] + return 1 + run_user_exit newnotsyn + find_file newnotsyn + [ -n -a -f /newnotsyn ] + echo /etc/shorewall/newnotsyn + local user_exit=/etc/shorewall/newnotsyn + [

Hi, Thanks for your reply . I am attaching the files needed by you herewith. The NAT device is called Pronto gateway which has two interfaces , namely eth0 and eth1. ''eth0'' has an ip address of 203.124.152.66 and eth1 has an ip address of 192.168.1.3 . All the client PCs are in 192.168.1.0 network [behind the NAT, the Pronto gateway] and use 192.168.1.3 as the default

Hello all: I''ve got a confusing issue. I had a working shorewall configuration (based on the two interface model) using DNAT for redirection to my HTTP server. The HTTP server is on my inside network (I know - bad juju, but one thing at a time). I changed my configuration this morning to use views in my BIND (named) configuration. Everyone outside the firewall is able to get in

Hi Guys, I need some help. I''ve been using shorewall for a while now and it''s been running beautifully, but I''m now experiencing some problems. It seems that connections are getting dropped much like the behavior described by the NEWNOTSYN=no option in the shorewall.conf file, but I have NEWNOTSYN=Yes in my file. The messages I see in my logs are things like:

I wonder if someone can tell me what these ''unknown'' remarks mean in my status file. They are only in the last portion of the file and are listed below. If they mean nothing, I will rest easy. But if not it means I need to fix something. Your thoughts would be appreciated. ---------------- udp 17 92 src=24.224.173.220 dst=24.222.0.75 sport=1027 dport=53 src=24.222.0.75

Sorry for the noise, but this is the message I meant to send to the list rather than replying to David directly. Unfortunately, I just sent his message to me before. From: mclagett at hotmail.com To: greened at obbligato.org Subject: RE: [LLVMdev] LLVM IR is a compiler IR Date: Thu, 6 Oct 2011 19:44:11 +0000 Thanks for your prompt reply. My answers are below at the end of your message.

Hello, I have this problem: when my mail server on the DMZ starts a connection to the internet it''s ip (213.58.230.26) is "masqueraded" with the firewall ip (213.58.230.50). I wouldn''t mind but there is a one customer who rejects the connection because it makes reverse dns and finds no dns entry for the firewall ip. How can i correct this? Thanks, MSantos shorewall

Hi, [Summary] There seems to be a bug when using the "+" wildcard notation in the interfaces file, in that rules are not generated in the fwd chain to permit traffic going out an interface with a "+" in it. [Details] The interface entries: loc tun0 detect routeback,newnotsyn loc tun1 detect routeback,newnotsyn loc tun2

From: Villmow, Micah Sent: Tuesday, September 11, 2012 12:51 PM To: llvm-commits at cs.uiuc.edu Subject: Proposal: New IR instruction for casting between address spaces Problem: Bit casting between pointers of different address spaces only works if all address space pointers are the same size. With changes from email chain [1][2], support for different pointer sizes breaks the bitcast instruction

Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered start errors when started using the "service" mechanism has been worked around. 2) A problem introduced in earlier snapshots has been corrected. This problem caused incorrect netfilter rules to be created when the destination zone in a rule was qualified by an address in CIDR format.

Problems Corrected: 1) A problem seen on RH7.3 systems where Shorewall encountered start errors when started using the "service" mechanism has been worked around. 2) A problem introduced in earlier snapshots has been corrected. This problem caused incorrect netfilter rules to be created when the destination zone in a rule was qualified by an address in CIDR format.

I have an ADSL router, a linux box with two NICS connected to the router and another PC connected to the router. I installed shorewall using the two interface method. I can ping and see the webserver on the linux box from the local network, but not from the internet. Sys info as follows: [root@wilma root]# shorewall version 1.4.6b [root@wilma root]# ip addr show 1: lo: <LOOPBACK,UP> mtu

NAME ID a b c d 1 Control_1 probe~B01R01C01 381 213 345 653 2 Control_2 probe~B01R01C02 574 629 563 783 3 Control_1 probe~B01R09C01 673 511 521 967 4 Control_3 probe~B01R09C02 53 809 999 50 5 MM0289~RFU:11810.15 probe~B29R13C06 681 34 115 587 6 MM0289~RFU:9238.41 probe~B29R13C05 784 443 20 784 7 MM16597~RFU:36765.38 probe~B44R15C20 719 251 790 445 8 MM16597~RFU:41258.94 probe~B44R15C19 677

Hi, I have a big "name problem" with my internal mail server (10.0.0.152). It is "seen" on the internet through DNAT (213.58.230.27). Also there is a MX record pointing to the machine. Everything works fine from the outside. However i can''t set the mail clients on the lan pointing to the mx record, because this one points to 213.58.230.27 and the firewall