similar to: firewallchain issues w/ 1.0.0 release

Trying the firewall module and we''re getting a strange error. /var/lib/puppet/lib/puppet/provider/firewallchain/iptables_chain.rb:34: warning: already initialized constant Mapping /var/lib/puppet/lib/puppet/provider/firewallchain/iptables_chain.rb:37: warning: already initialized constant InternalChains /var/lib/puppet/lib/puppet/provider/firewallchain/iptables_chain.rb:38: warning:

We''re testing out the Puppetlabs-Firewall module. And it seems I''m either missing something fundamental or Logging/Accpet works/doesn''t work in an irregular way. I would be most grateful for some input. *COMMON:* firewall { ''002 accept related established rules INPUT'': proto => ''all'', state =>

http://bugzilla.netfilter.org/show_bug.cgi?id=586 Summary: Problems changing the source address of a packet Product: libnetfilter_queue Version: unspecified Platform: All OS/Version: All Status: NEW Severity: blocker Priority: P1 Component: libnetfilter_queue AssignedTo: laforge at netfilter.org

I''m using puppetlabs/firewall with Puppet 2.7.2, and for the most part it''s working great. I have this in my sites.pp, which I took from this list sometime ago, to save firewall rules to disk when they''re changed: # Always persist firewall rules if ($kernel == ''Linux'') { exec { ''persist-firewall'':

https://bugzilla.netfilter.org/show_bug.cgi?id=1226 Bug ID: 1226 Summary: Segmentation fault when printing a rule checking byte zero of NFT_PAYLOAD_LL_HEADER Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5

Hello, I can''t figure out how I can use the module puppetlabs-firewall only for some targeted nodes. If I put : resources { "firewall": purge => true } in top scope (i.e. site.pp), then all the firewall rules on all my nodes are purged. Even for nodes for which I don''t apply any module containing specific firewall { ... } resources. If I put it in a module

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=489 Summary: IP address with leading zerrow and trailing nine fails Product: iptables Version: 1.3.3 Platform: x86_64 OS/Version: Ubuntu Status: NEW Severity: minor Priority: P2 Component: unknown AssignedTo: laforge@netfilter.org

Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -

Hi, Sorry to bother you all. I have a typical problem sharing DSL upstream bandwidth with users. I have 3 types of traffic high-priority, medium-priority and low priority. My upstream rate is 960kbits. Traffic (any priority) can vary in bandwidth from 0 to 960kbits. I have a test setup where I can pump 600kbit of high priority sustained and I have 400kbit of low priority traffic sustained. I

Hello! I have the following setup: 1) a connection to my ISP with a public IP (1.2.3.4) with the gateway 1.2.3.1 2) an allocated IP class with 64 addresses (5.6.7.192/26) 3) two LANs connected through two NICs: a) 192.168.0.0/24 on eth1 (192.168.0.1) b) 10.0.0.0/24 on eth2 (10.0.0.1) The IPs from the allocated class are all assigned to eth0. The networks are SNATed to the external IP and

Good morning, I''m writing to ask for collaboration in finding an improvement to a particular process. Today: To get traffic for our IDS sensors and a billing system, we collect everything at our core switches (2) by connecting a SPAN port from each switch to a server (so, 2 interfaces collecting traffic). That server changes the destination MAC address on all traffic to that of

Hi, [sorry for the crosspost, I don''t know whether this is a routing or ebtables problem] I want to redirect all HTTP traffic passing through my bridge to a squid proxy on another machine. However, setting up brouting as suggested in the ebtables examples doesn''t work and the packets get dropped on the floor completely. /\/\/\/\/\/\/\/\ +----------------------+

Hi, I believe ndas devices (http://www.ximeta.com/web/technology/) use raw Ethernet frames, as they require no tcp/ip configuration, the client finds and authenticates with a code that is different for each device sold, like a network mac address. My pc is on a different segment to the ndas devices that we have, the two segments are linked by a linux box that is doing routing and proxy arp, can

Hullo, folks. As the wiki is *still* down, I'm sending this to the list again. The EZAV EMP-400 is a small flash-based portable player with an OLED screen. I think it's still in development, because I can't find information on its pricing anywhere. The memory capacity isn't visible anywhere either, but the previous device from EZAV had 256 megs of memory.

Hello, I am interested in recording my LP's from my stereo to my computer and then burning to cd. If I understand right theres no way to save as oog and then burn ? Thanks NewbieMark

Still learning Xen, and would like to know if it''s possible to run Squid in D0 when running in bridging mode. I have iptables and ebtables going, and am able to log packets with those, but can''t seem to get any traffic out of the bridge into Squid in D0 (or through iptables in D0, for that matter). Information I''ve gathered so far is that I need

Hello list, I've posted here about this before, but I realise that it may have been assumed that the bridged vlans simply put a switch port in a blocking state and left my question ignored. So to recap. I have two tg3 interfaces named 'in' and 'out' and a bridge named 'br0' My vlan trunk is on the 'in' side of the network, and set as in.2, in.3 ... The

Hi Rahul, If you're certain that your problem isn't as Stephen suggested, you might want to have a look at this: --- (From http://ebtables.sourceforge.net/brnf-faq.html <http://ebtables.sourceforge.net/brnf-faq.html> ) How do I let vlan-tagged traffic go through a vlan bridge port and the other traffic through a non-vlan bridge port? Suppose eth0 and eth0.15 are ports of br0.

Hello. I''m trying to use vlan in domU, but have something strange: I created bridge on eth0. This interface was configured as trunk with vlan 300, 301. I use this bridge in my domU, and I can see tagged packets when run tcpdump in domU. Also I created interface on domU to work with vlan 300. On this interface I see untagged packets in vlan300. And everything looks fine. But when