Displaying 20 results from an estimated 10000 matches similar to: "...requires that your kernel and iptables have ROUTE target support"
2003 Feb 28
6
2 internet ip numbers on eth0
Hi,
I am migrating from one ISP to another, and would like to run both
simultaneously for a while.
So:
(both netmask 255.255.255.248)
[ISP1] 24.106.62.180 [ISP2] 209.181.237.230
| |
| |
\ /
-----[ HUB ]-----
|
|
-------- eth0 ---------
| Linux FW/Server |
---------eth1 ---------
|
|
[ HUB ]
|
10.0.0.x/255.255.255.0
The default IP on
2005 Mar 01
11
Simple question about zones (haven''t found in FAQ)
Hello everybody:
Here is my "network layout":
ISP1 ISP2
| |
| |
+-----eth0---------eth1------+
| |
| FC 3 box |
| |
+-----eth2---------eth3------+
|
2013 Dec 03
5
Multiple ISP + traffic shapping = poor download speed
Hello,
Thanks for the great Shorewall which has replaced my hard to maintain home-made scripts.
First, what works.
Our local network is 10.48.X.X with multiple vlan, each on a dedicated interface. We use Shorewall 4.4.11 from Debian Squeeze.
We have a 2 ISP:
- isp1 : an optical fiber provider with 10 Mbps.
- isp2 : a DSL provider with 15Mbits/1Mbits.
We use isp2 as the default outgoing
2013 Oct 03
7
TCCLASSES vs Providers
Hi, I want to configure QoS in my shorewall conf but I have a doubt.
Now I am using tcrules with prerouting and with the file providers, like
this.
2:P 192.168.0.11 0.0.0.0/0 tcp 25
So, with this way I route my smtp traffic with my provider number 2.
Well, now I want to configure QoS with tcclasses and tcdevices, but if I do
that I need to use the MARK in the tcclasses
So, how
2008 Oct 21
7
DNAT or NAT - QUESTION
Hi, I have a simple question. I have my firewall with 2 external Ip and 1
lan.
For example
ISP1
FW LAN----Mail Server
ISP2
Ok, when i DANT the smpt port to my mail server, I can see that the
conection in my mail server comes from the external IP of my ISP.
I need to change this so the conection to my mail server cames from the LAN
IP from my firewall
Is this possible?
2004 Nov 19
14
FAQ 32
What changes would I need to make if there is a 4th interface that is going
to a DMZ
Thanks
Gene
2005 Jun 24
7
tcp redirect questions
Hi there. Currently, our network design has two ISP
lines and 3 subnets for LAN. Below are some details :-
eth0 - isp1
eth1 - isp2
eth2 - subnet1
eth3 - subnet2
eth4 - subnet3
What i wanted to do is to assign incoming port 80 to
our local squid server running on the firewall itself
and assigned it to eth0(ISP1). I think it shouldnt be
a problem as /etc/shorewall/rules provides a sample of
the
2007 Sep 12
21
MultiISP: failover and dynamic IP
Dear list,
Shorewall is running here with 2 ISP''s:
ISP1: corporate ADSL-line with fixed set of IP''s
ISP2: fast consumer-grade cable-connection with higher bandwidth
All our main traffic (web, e-mail) is routed trough ISP1. Only for
special purposes (frequent large ftp-transfers) ISP2 is used, configured
trough tcrules.
ISP2 is not so reliable as ISP1 (duh) and they sometimes
2006 Apr 04
4
Multi ISP, multi address, masq file
I''m planning a multi isp setup and cafully read the
documentation. One thing that bothers me is the masq
file. The example uses a single ip address on each
public interface. I have multiple addresses on both
public interfaces (16 on one and 64 on the other).
I''m a bit confused about what to put in the masq file
in this situation. Any insights would be appreciated.
Ronald
--
2004 Sep 19
2
Time-based rules
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi!, I''d like to know how to set up shorewall to deny a user-defined
action in a time-based basis, for example, I have a group of users
using MSN, AOL, www and https, in a defined action called
action.BasicAccess now, I want this access to be enabled only on
lunch time from Monday through Friday and weekends from noon to
6pm... I know
2005 Feb 28
5
Samba and different IPs
Hello,
is it possible to configure Shorewall for different network
environments? I am using it on a single Linux computer. When I am at
home, I am using an internal IP address (192.168.0.X), and when I am
using my cable modem, I get an internet IP assigned. I now want to be
able to use Samba/Windows Filesharing when at home and to disable it
when I am using my computer directly on the net.
2007 Apr 11
3
2 isp in one server
Hi,
is it possible to have 2 different ISP in one server? i have 2 NIC cards im
going to config ISP1 in NIC1 and ISP2 in NIC2? what should be the
configuration for this setup?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20070412/4c62019f/attachment-0004.html>
2005 Jul 07
4
DNAT with 2 ISP''s
Hi,
I have 2 internet nic''s with differents ISPs.
eth0 = isp1
eth3 = isp2
My internal network is eth1
# /etc/interfaces
net eth0 detect routefilter,norfc1918,blacklist
net eth3 detect routefilter,norfc1918,blacklist
loc eth1 detect
# /etc/policy
loc net ACCEPT
net net DROP
2005 Mar 17
3
smb, vmware trouble?
Dear all
We are using a definition of rules which has perfectly worked with SuSE8.2 and
vmware and a local samba on some clients.
The systems got an update to 9.2.
Now we got a very strange problem which probably could belong to an firewall
definition problem.
After booting of the system the samba connection to vmware works perfect but a
few hours later it isn''t possible to copy a
2003 Jan 29
5
A suggestion
Tom,
I was upgrading a remote firewall, when upon restart, shorewall found a
rule with a wrong zone and decided to not continue and stop itself.
The problem now, is I cannot access that firewall over ssh anymore. One
suggestion would be to instead of "shorewall stop" to have a basic
emergency rule with only ACCEPT:info all all tcp ssh rule instead with
DROP all policy. Shorewall could
2013 Aug 19
4
squid on a dual ISP cenario
Hi to all
For is just az concept question :
There are a need to change something in Squid3 config when it are running
in the same box as shorewall with 2 ISP ?
I''ve been thinking in do this at home, as a proof of concept for future
implememtations ...
I allways use Roberto''s Debian package to implement Shorewall .
Fábio Rabelo
2008 Oct 24
6
routing packet from/to source/destination
Hi all and specially Mr. Tom....
(Please, do not be acid with me please! I am only a newbie, trying learn
more about shorewall)
I get involved with a Firewall Project in a customer here in my city...
In this customer, he has two Internet Providers.
So, he ask me how make certain connection following one routing path (like
RT_1) and others connections type, following the other routing path
2005 Feb 23
13
Snort and Shorewall
Hello
I am looking for a way to have snort to dynamically update my shorewall config.
I have seen software out there but I would like to see if anyone had tried this
first.
Aslo I would like to know if there is a way clear the Netfilter tables when I do
a shorewall restart. The reason being is that when I make a change to my
firewall setting I want all connections to have to re-establish
2010 Mar 03
5
Applications running on the Firewall (MultiISP)
Hello,
it seems I am hit by http://shorewall.net/MultiISP.html#Local :
"Experience has shown that in some cases, problems occur with applications running on the firewall itself. This is especially true when you have specified routefilter on your external interfaces in /etc/shorewall/interfaces (see above). When this happens, it is suggested that you have the application use specific local IP
2002 Nov 11
11
Shorewall Documentation in PDF format
Hey gang,
I was wondering if all that documentation could or has been put into
PDF format. I usually like to download documentation and read it while
I''m sitting comfortably at home and I don''t want to tie up the phone
line all night.
Thanks,
Nino
p.s. If so, please feel free to attach the PDF formatted document to my
e-mail ;-)