similar to: 1 WIN_DOMAIN/2 subdomains

Rowland, OK. Should I delete these lines? diff yours mine 63d62 yours# -A ufw-after-logging-output -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] " 85,87d83 yours# -A ufw-before-logging-forward -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW AUDIT] " yours# -A ufw-before-logging-input -m conntrack

Yes, Try this ( copy past-able. ) ufw disable ufw reset ufw limit 22/tcp ufw allow in proto tcp from any port 389,1024:65535 to any port 1024:65535 ufw allow 139,445/tcp ufw allow 137,138/udp ufw --force enable Sorry for the late reply, but im bit busy with some servers here. Greetz, Louis > -----Oorspronkelijk bericht----- > Van: samba [mailto:samba-bounces at lists.samba.org]

On Wed, 6 Feb 2019 16:05:40 -0500 Martin McGlensey via samba <samba at lists.samba.org> wrote: > Rowland, > > Did some editing in smb.conf that I had to reverse. Now I'm back to > being able to connect with the firewall disabled. When I enable the > firewall I get as far as windows network -> workgroup but no > connection. I have only the rules you recommended in

Hello All, I have a strange problem regarding samba 3.0.37 I have samba server installed in the local network behind NAT, the router iptables are configured as follows: #samba $IPT -t nat -A PREROUTING -i $INET_IFACE -p udp -d $INET_IP -m multiport --dports 137,138 -j DNAT --to-destination $FILESERV $IPT -t nat -A PREROUTING -i $INET_IFACE -p tcp -d $INET_IP -m multiport

Rowland, Did some editing in smb.conf that I had to reverse. Now I'm back to being able to connect with the firewall disabled. When I enable the firewall I get as far as windows network -> workgroup but no connection. I have only the rules you recommended in your last email. Louis, The information you requested is below: martin at radio:~$ dpkg -l|egrep "iptables|ufw" ii 

Hi, I have a proxy/firewall, I want to dnat requests for 193.205.140.106 on port 443 towards 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 towards 10.2.15.25, these rules must apply from internet, loc and fw (some client use a proxy on fw to reach these servers) I have tried with the following rules: DNAT net dmz:10.2.15.23 tcp 443 -

Louis, Made the changes. Still unable to mount office. Firewall also blocks Thunderbird mail and maybe internet. Will check that more fully later.Any thoughts ob Tony's response? Outputs: martin at radio:/etc$ sudo apt-get install ufw Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no

(if this post gets line-feed-mangled please read http://www.dl.reneschmidt.de/shorewallxenpost.txt - that''s an unmangled version, thank you) Hello, first I would like to thank the Mr. Eastep and contributors for this great piece of software and superb documentation. I have a SOHO server (Debian testing) that I''m using for several purposes so I''ve set up a Xen

Been running this for quite a while and noticed that have intermittent problems getting out. Find that if I ping the same site from 2 computers it may work on one and fail on the other. Also was surprised that some time they are going out different interfaces at the same time. Seems to work all the time from the firewall. Running 2.6.10 kernel with the multipath routing patches on a debian

Last week I had a couple of outages one machine, the problem was that Asterisk suddly stopped responding to UDP SIP requests. tcpdump show requests arriving on the machine, sip debug log in asterisk doesn't show anything for the UDP peers, TCP functions just fine. In all 3 cases the log is something like below, a +/- 10m gap in any SIP/UDP related traffic in the logs, followed by a bunch of

Hi, Trying to figure out why I cannot get access to dell.com Their site is up because I can browse using a different firewall. Trying to find out where the logs are located and what log files it would write to if it were to deny browsing to a website. I can see the [UNREPLIED] when using the shorewall status. Was hoping to know what logfile it is writing it to. Thanks in advance, Elmer

Hello, I''m using Linux kernel 2.6.x and tc (from iproute2 package). I''m trying to use HTB or HFSC scheduler in order to limite the rate of outgoing packets and also in order to minimiez delay for RTP stream. But I didn''t suceed in having this 2 QoS services working. I use Iptables in order to classify packets. Here is my HFSC conf. In fact the pings that i send from

Hello Gordon and others On Tue, Jun 21, 2016 at 4:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 06/21/2016 02:30 AM, Alexander Farber wrote: > >> -A PREROUTING -p tcp -m tcp -d 144.76.184.154/32 --dport 80 -j REDIRECT >> --to-ports 8080 >> > > > I think you have the ports backward, here. > here the problem description again: I have

Hi Folks: I am either using the multiport of the -m or --match option of iptables in correctly or there is a bug with it. Is anyone else using it with no problem? This is the way I am trying to use it: my_ports=21,25,80 iptables -t nat -A PREROUTING -i $wan_addr -p tcp -m multiport --dports $my_ports -j DNAT --to $my_internal_address I have used this in the past successfully but that was a

I must have something configured wrong somewhere. I''ve enabled proxy-arp on my shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see all the machines through it great. However, whenever its enabled, the network on the DMZ goes screwy. I''ve narrowed it down to this: when proxy arp is enabled for that interface, like such: echo 1 >

Hi All, I want to put a ASTERISK BOX bend a Firewall. So I have given below rules. iptables -A FORWARD -p udp -d 192.168.101.30 -m multiport --dports 3478,4569,5060 -m state --state NEW -j ACCEPT iptables -A FORWARD -p udp -d 192.168.101.30 --dport 10000:20000 -m state --state NEW -j ACCEPT iptables -t nat -A PREROUTING -p udp -i eth0 -d 1.2.3.4 -m multiport --dports 3478,4569,5060 -j DNAT

https://bugzilla.netfilter.org/show_bug.cgi?id=821 Summary: Rosa Product: iptables Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy: andoandre at gmail.com

Due to a critical dracut bug, and a strong dev focus on F16, we're dropping all F15 recipes. Signed-off-by: Mike Burns <mburns at redhat.com> --- recipe/ovirt15-install.ks | 1 - recipe/ovirt15-minimizer.ks | 1 - recipe/ovirt15-pkgs.ks | 2 - recipe/ovirt15-post.ks | 145 ------------------------------------------ recipe/ovirt16-install.ks | 2 +-

I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00

My hfsc rule .. tc qdisc add dev eth2 handle 1: root hfsc iptables -t mangle -N ms-all iptables -t mangle -N ms-all-chains iptables -t mangle -N ms-prerouting iptables -t mangle -A PREROUTING -j ms-prerouting iptables -t mangle -A ms-prerouting -j CONNMARK --restore-mark iptables -t mangle -A ms-prerouting -p udp --dport 4444 -j MARK --set-mark 1 iptables -t mangle -A ms-prerouting -p udp -m