similar to: tinc fails because of firewall script

Dear Tinc Experts, I have been struggling for some time now, with Tinc pre3, and firewall rulesets and routing. I did once manage to get Tinc to work okay in a test-bed environment. I then tried to set it up for a 'real-life' setup and cannot get it to work properly. My real-life setup looks like this: Network A: 192.168.1.0 / 255.255.255.0 192.168.1.7 tap1 device gateway >

Hello, I'm trying to set up port forwarding in IPTABLES and so far it's working great from the internet, but when I attempt from my internal LAN using the External IP address, it fails. EXTIF="eth0" INTIF="eth1" EXTIP="xxx.xxx.xxx.xxx" INTNET="192.168.1.0/24" INTIP="192.168.1.1" PORTFWIP="192.168.1.13" >From the internet,

Hi there. I have followed some documents found here and there, but do not have already success implementing a script using iptables and iproute. What I need is to send all traffic trough an ADSL line, but mail trough an expensive and slow DS0. The mail server lies on the PC acting also as firewall. I include the script. When using that I get some error messages (I found that the flush command

Hello there, I have a question/suggestion. I have a bootable CDRom and it comes up with an isolinux menu that lets me pick from several different floppy images to boot Dos and several different Linux Rescue Disks using memdisk. So far so good. What I would like to be able to do is boot a bootable image that is not a floppy image. For example, DemoLinux is a 650MB iso file and when burned to

We had a new server put in on our local network and I am unable to mount it's file shares - mount -t smbfs works on the old server but it doesn't work on the new one because of the SMB signing problem. However, I cannot get mount -t cifs to work on either of them. Anyone have any ideas what the problem could be? Thx vperry successful commands: 1) smbstatus calserver01 2)

Hi all, i got the following configuration: * NET1: DSL Line with /28 network, let''s call it 10.1.0.0/28 * NET2: DSL Line with /28 network, let''s call it 10.2.0.0/28 * INTNET: Internal Network with productive servers and workstations, 192.168.1.0/24 Obvisiously the 10er networks are official networks but censored to protect my customer. The routerbox assigns on eth0 all

Voor de duidelijkheid... ---------- Forwarded message ---------- Date: Sun, 11 Jun 2000 16:14:37 -0500 From: gbarnett <gbarnett@satx.rr.com> To: guus@sliepen.warande.net Subject: TINC 1.0pre2: unable to access one private network Guus... I couldn't seem to get this to the mail list... could you post it and/or answer it for me? Thx. I have been having problems configuring TINC

Hi everybody, sorry for posting again, however I''ve moved the problem now ;-) After digging a bit deeper, I''ve successfully set up the routing as such, it works for incoming as well as outgoing packets that take the default route. Changing some of the routes using IP works as well. When I mark some outgoing packets in order to send them via another route (the fast leased line

Hi Tinc Mailing-Group, After all the suffering I have finally sorted out the firewall rules, which has made Tinc work properly. Hurray!!! Looking through the mail archives on the Tinc web-site I spotted the following ipchains ruleset, which I then applied to the 'forward' chain in my rc.firewall. The vpn now works properly.... /sbin/ipchains -A forward -s 192.168.1.0/24 -d

Hello, I have a webcam that I wish to view from the internet. It is a wireless linksys model with an ip address of 192.168.1.15. I have it set on port 8081, 192.168.1.15:8081. I am using the IP Masquerade HowTo script. Here's the rule I added to my firewall script: EXTIF="ppp0" INTIF="eth1" EXTIP="`$IFCONFIG $EXTIF | grep inet | cut -d : -f 2 | cut -d \ -f

I have a little home network with one Windows 98 PC and a pc running linux. My idea is that as soon as DSL is finally made available to my area (which I keep getting told will be real soon now) I want to route it through the linux box and up to the Windows PC, using IP masquerading, etc. At present I have samba enabled on the unix box which opens up several worthwhile conveniences to me:

Hello, I am trying to get LDAP running. So far, the server is running but I cannot connect to port 389 or the server using webmin or phpldapadmin. It could be my ISP has blocked this port but I'm not sure. I have tried to telnet to port 389 but it is refused. All other services run fine. I user the iptables ruleset found in the IP-Masquerade HowTo. Below is the ruleset I follow for

The subject says it all really, I''m pretty sure the system and bios are NUMA aware but I''m not sure if it''s enabled? Is it supported in 3.2.1 stable? Thanks, Rob \ \/ /___ _ __ |___ / |___ \ / | \ // _ \ ''_ \ |_ \ __) | | | / \ __/ | | | ___) | / __/ _| | /_/\_\___|_| |_| |____(_)_____(_)_| (XEN) Xen version 3.2.1

Can you please help me with the problem i am having below. Thank you Salim -----Original Message----- From: Salim Soormally [mailto:salimwng@bow.intnet.mu] Sent: Friday, July 19, 2002 3:18 PM To: 'mbp@samba.org' Subject: rsync - Version ( rsync-2.1.0-SCO3.2v4.2BIN.tar.gz ) Hi, My name is Salim Soormally. I have downloaded rsync from your web site ( rsync-2.1.0-SCO3.2v4.2BIN.tar.gz ).

Package: xen-hypervisor-4.0-amd64 Version: 4.0.1-1 Severity: important The amd64 Dom0 crashes in early boot-stage. For debugging purpose I logged Kernel-Dump with minicom over Serial Console: System is: Dell Poweredge R710 2x Intel XEON X5650 96GB RAM Perc H200 SAS Controller 3x SAS-Drive I see a possible conjunction with Bug #600241 but acpi=off doesn't solve this problem. Regards,

Hi Tinc Mailing-Group, Having set up the kernel correctly, and got tinc running successfully, I am now trying to get two VPNs running at once. Hence I need to have two ethertap devices ( /dev/tap0 and /dev/tap1 ). The first tap0 device was created thus: mknod -m 600 /dev/tap0 c 36 16 chown 0.0 /dev/tap0 The second tap1 device was created too: mknod -m 600 /dev/tap1 c 36 17 chown 0.0 /dev/tap1

On Sun, Oct 29, 2017 at 11:51:55PM +0100, Fengguang Wu wrote: >Hi Linus, > >Up to now we see the below boot error/warnings when testing v4.14-rc6. > >They hit the RC release mainly due to various imperfections in 0day's >auto bisection. So I manually list them here and CC the likely easy to >debug ones to the corresponding maintainers in the followup emails. >

On Sun, Oct 29, 2017 at 11:51:55PM +0100, Fengguang Wu wrote: >Hi Linus, > >Up to now we see the below boot error/warnings when testing v4.14-rc6. > >They hit the RC release mainly due to various imperfections in 0day's >auto bisection. So I manually list them here and CC the likely easy to >debug ones to the corresponding maintainers in the followup emails. >

To all those that wanted to know how I was filtering particular ICMP packets here is a few snippets from my firewall script which is based on one by Ian Hall-Beyer. I hope this helps you get started. Also note the output of the command: ipchains -h icmp Shawn Mitchell mentioned blocking all ICMP echos and especially broadcast echos. Perhaps he''d care to elaborate with a similar

Albert Gonzalez wrote: > I apologize any inconvenience this mail may cause to you. > If so, please, subbmit me to where I can find some advice. The proper place to ask such questions would be tinc@nl.linux.org (Cc'd). > The problem is: > > I've built a vpn using tinc, and, to my best knowledge, > I can see a ping from the other side on tap0 using tcpdump. > ( on