similar to: [Bug 70] New: udp connection(snmp) not being tracked.

Hello! I have access server with 4 uplinks (nice, huh?). I ran RedHat 7.3. Yesterday I did an upgrade to RedHat 9. After upgrade Linux says the third link is bad: # ip route show 2.2.2.0/30 dev eth2 scope link src 2.2.2.2 4.4.4.0/30 dev eth4 scope link src 4.4.4.4 3.3.3.0/29 dev eth3 scope link src 3.3.3.3 1.1.1.0/28 dev eth1 scope link src 1.1.1.1 10.1.1.0/24 dev eth0 scope link

Hi all, I''m new to shorewall and have been struggling with several problems for several days now. Most of them are solved, but one still persists. The firewall is running on my server under Debian Sarge (Kernel 2.6) I''ve got three network interfaces: ppp0 (DSL Internet) eth1 (lan) ath0 (wlan) eth1 and ath0 are bridged together to br0. The problem is, that Samba (also running

I must have something configured wrong somewhere. I''ve enabled proxy-arp on my shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see all the machines through it great. However, whenever its enabled, the network on the DMZ goes screwy. I''ve narrowed it down to this: when proxy arp is enabled for that interface, like such: echo 1 >

---------- Original Message ---------------------------------- From: "Jim Van Eeckhoutte" <jim@vaneeckhoutte.com> Reply-To: <jim@vaneeckhoutte.com> Date: Mon, 8 Jul 2002 15:27:14 -0700 this is shorewall status output: tcp 6 431899 ESTABLISHED src=192.168.20.5 dst=64.4.12.45 sport=2185 dport=1863 src=64.4.12.45 dst=63.25.123.58 sport=1863 dport=2185 [ASSURED] use=1

http://bugzilla.netfilter.org/show_bug.cgi?id=613 Summary: iptables not accepting RELATED,ESTABLISHED udp packets Product: iptables Version: unspecified Platform: All OS/Version: other Status: NEW Severity: normal Priority: P1 Component: iptables AssignedTo: laforge at netfilter.org

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=471 Summary: UDP stream DNAT problem Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: NAT AssignedTo: laforge@netfilter.org ReportedBy:

Hi Tom Here is the output of shorewall status Thanks Lars [H[2JShorewall-2.0.13 Status at - Thu Dec 30 21:43:44 CET 2004 Counters reset Thu Dec 30 15:38:17 CET 2004 Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 38383 11M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp --

Unreplied message when i try to connect to an internal system I''ve set up a shorewall 3.0.5 system on Fedora core 4 When i want to connect from an external computer to one in my network it does not reply. I connect from 212.19.195.160 to 212.178.64.74 trough port 8080 The rule i made is: DNAT  net   loc:192.168.0.20:80  tcp  8080 - 212.178.64.74 (and 192.168.0.20 can be reached

(Sorry, my previous post was sent in HTML format) I am having a hell of a time with shorewall... I have a Dlink DCM202 Cable modem with the Ethernet connected directly to eth0 on the linux box. Then I have a second nic on the linux box connected to a hub for the internal network. I am trying to allow traffic from the internet connect to my FTP and WEB servers on my Winbloze box on the lan.

I wonder if someone can tell me what these ''unknown'' remarks mean in my status file. They are only in the last portion of the file and are listed below. If they mean nothing, I will rest easy. But if not it means I need to fix something. Your thoughts would be appreciated. ---------------- udp 17 92 src=24.224.173.220 dst=24.222.0.75 sport=1027 dport=53 src=24.222.0.75

https://bugzilla.netfilter.org/show_bug.cgi?id=1203 Bug ID: 1203 Summary: 'DisableExternalCache On' seems to be broken Product: conntrack-tools Version: unspecified Hardware: All OS: Ubuntu Status: NEW Severity: normal Priority: P5 Component: conntrack-daemon Assignee:

Typically (or at least somewhat occasionally) after a reboot of my shorewall[-lite] machine I find that I end up with conntrack table entries for unNATted connections such as: # conntrack -L -p udp --dport 5060 -d 99.232.11.14 udp 17 59 src=10.75.22.8 dst=99.232.11.14 sport=5060 dport=5060 packets=5472 bytes=3031488 [UNREPLIED] src=99.232.11.14 dst=10.75.22.8 sport=5060 dport=5060 packets=0

https://bugzilla.netfilter.org/show_bug.cgi?id=1158 Bug ID: 1158 Summary: using old session data when piping multiple commands Product: ipset Version: unspecified Hardware: x86_64 OS: Ubuntu Status: NEW Severity: minor Priority: P5 Component: default Assignee: netfilter-buglog

With ssh tunnel (-L option), is it possible to set _remote_ bind address? Say, I have a remote SSH server with two IP addresses, 1.1.1.1 and 2.2.2.2. I would like to make sure that any outgoing connections to 3.3.3.3 will be made from 2.2.2.2: ssh client ---> 1.1.1.1 ssh server 2.2.2.2 >--- 3.3.3.3 Pseudo "--remote-bind" command here to illustrate what I mean: ssh -N -L

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=70 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID Summary|udp connection(snmp) not |udp

I have what strikes me as an odd problem with shorewall. Let me describe my setup. My desktop (alfred) is connected to the network through an ADSL modem. I am running rp-pppoe, and this works perfectly. I have a small home network, with two LANs; an Ethernet LAN (including a machine running Windows XP), and a WiFi LAN, including the laptop (william) I am using now. All the computers except for

Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall Any suggestions? Rob van Overbruggen Settings and stats: Server: Eth1 :

I am trying to get a tunnel from a cisco 1760 with IOS 12.2.15.t13 to a freebsd 4.9 install with racoon. I have package version freebsd-20040408a and internal version 20001216 in my log file. I posted the full racoon and cisco log below my configs. Racoon keeps saying: 2004-07-26 16:24:03: DEBUG: isakmp.c:2295:isakmp_printpacket(): begin. 2004-07-26 16:24:03: DEBUG:

Hi, again i am stuck in my presentation, and i have never learn R before in my life but need this to be done, so please help me out for a favour: http://www.nabble.com/file/p20333155/kew.dat kew.dat run this in R and these comes up: Month Year Rain 1 Jan 1900 74.400000 2 Feb 1900 80.500000 3 Mar 1900 23.600000 4 Apr 1900 23.600000 5 May 1900 25.100000 6

I''m trying to enable tftp traffic initiated from our dmz network to our internal network. I have: TFTP(ACCEPT) dmz loc:10.10.10.1 in /etc/shorewall/rules, and: oadmodule nf_conntrack_tftp in /etc/shorewall/modules. The module is loaded and I do see some entries come and go, e.g.: udp 17 10 src=4.28.99.164 dst=10.10.10.1 sport=2071 dport=69 [UNREPLIED]