Displaying 20 results from an estimated 2000 matches similar to: "Use shorewall for count traffic usage on a interface"
2006 Jan 09
12
Shorewall blocks LISa on port 7741
Hello, all.
I''ve been trying to get shorewall to get LISa working on my Gentoo box. It
works as long as I have shorewall turned off, but whenever I turn it on, it
seems to block all LISa activity. I have TCP port 7741 opened (as per
lisa-home.sourceforge.net), and nmap says it''s open. Ethereal indicates that
LISa is communicating via TCP port 7741, from 127.0.0.1 to
2006 Jan 06
1
Fw: hosts.allow, hosts.deny
>> Hello,
>>
>> I am using Debian Sarge, with Shorewall 2.2.3,
>>
>> for access control I am using hosts.allow :
>>
>> ALL: 144.131.xxx.xxx
>>
>> and hosts.deny:
>>
>> ALL: ALL
>>
>> I have a virtual machine that is being port forwarded to with Shorewall :
>>
>> DNAT net loc:10.0.0.100 tcp 3389
2005 Dec 14
2
DNAT config not working
I am having a problem that I really just don''t get....
I have this in my rules file:
DNAT net loc:192.168.1.2 tcp 21 21
Everything worked fine earlier today.. Now it is dropping packets destined
for Port 21
/var/log/messages:
Dec 14 00:36:39 pcp08479598pcs kernel: Shorewall:net2all:DROP:IN=eth0 OUT=
MAC=00:0b:6a:3f:e6:72:00:01:5c:22:92:42:08:00 SRC=24.210.36.92
DST=68.57.216.61
2006 Jan 02
2
RE: How to log and block specific application a ctivity
Have read the comments about Shorewall not being a personal
firewall, etc., and am not necessarily advocating such use,
but, trying to get into the poster''s head, and doing some
creative thinking, thought that possibly some form of EGID
rule might help out if there is a reasonable reason behind
the question. It is not hard for me to see how something
like this could be useful.
2006 Jan 13
5
Using torrent in tcrules
Hi all,
I''m trying to set up traffic shaping and I''m having some difficulty.
Here is what I want, and where I am.
1. HTTP and SMTP traffic needs to be priority 1.
2. All other traffic priority 2
3. Torrent traffic priority 3.
My distro is Fedora Core 4, and the torrent protocol does not appear
in /etc/protocols. The only protocol is TCP, which HTTP and SMTP is
built on top
2006 Jan 13
3
IPP2P & Marking Connections
I have two (interconnected) questions:
First of all, I''m trying to use IPP2P to classify my P2P traffic and give it
a lower network priority. I''ve already successfully built IPP2P into
iptables and the kernel. I read http://www.shorewall.net/IPP2P.html, but
it''s confusing me. Using the documentation for normal tcrules in 3.0
2006 Jan 02
4
Shorewall portscanner example rule.
When searching in google I could verify that many examples of used rules in
shorewall do not exist to block port scanners external. Example: nmap.
Somebody has some rule or example ?
thanks.
2005 Nov 21
8
[Off-topic] Two provider-setup breaks long-running TCP-connections
Sorry for asking this, as I believe it to be a kernel-related rather
than Shorewall-related problem. But some of you guys seem to have a
lot of experience with these kind of things.
I''m setting up a NAT''ing router with two ISP lines.
At first sight, everything works as expected, however when the local
machines try to keep a TCP-connection open for a long time, it
disconnects
2006 Jan 25
1
EXT3: failed to claim external journal device.
We are having problems remounting an ext3 filesystem using an external
journal device. The filesystem in question was working fine until the
server was rebooted.
This is what we see on dmesg when trying to mount:
EXT3: failed to claim external journal device.
The external journal lives on a LVM2 logical volume and it seems to be
accessible ( we can dumpe2fs and see filesystem information).
2005 Dec 13
1
Standalone TC module ?
Hello,
This might seem like a strange question but...
Is there someway to only allow the Traffic Shaping module of Shorewall to
run ? I am already running a bunch of my own firewall and routing scripts
and am really interested in the ease of Shorwalls Traffic Shaping module.
Does anyone know a way to make it fire up separately without any of the
firewall stuff ? (yes I know that sounds
2004 Aug 12
10
H323 problems
All,
I have a problem with H323 the call disconnects when answered.
The debug shows
-- Executing Dial("SIP/sj1-4ff7", "H323/0797617729") in new stack
-- Called 0797617729
-- H323/0797617729 is ringing
-- H323/0797617729 answered SIP/sj1-4ff7
== Spawn extension (default, 0797617729, 1) exited non-zero on
'SIP/sj1-4ff7'
-- Executing
2005 Dec 08
3
trouble with shorewall on Mandriva 2006 (2nd)
(Sorry, my previous post was sent in HTML format)
I am having a hell of a time with shorewall...
I have a Dlink DCM202 Cable modem with the Ethernet connected directly to
eth0 on the linux box. Then I have a second nic on the linux box connected
to a hub for
the internal network.
I am trying to allow traffic from the internet connect to my FTP and WEB
servers on my Winbloze box on the lan.
2004 Feb 11
48
Kernel panic while compiling kernel
I know you Xen developers are beginning to hate me ;) but...
While trying to compile 2.4.24 under DOM0, quickly after issuing ''make dep'' I
got:
Kernel panic: Failed mmu update: c015bf80, 4
I suspect this address probably isn''t to helpful but this is all I have. I am
currently booted in 2.4.21-SuSE and compiling the 2.4.24 regarding another
thread here.
Regarding
2005 Mar 02
24
unstable binaries
Hi *,
i am coming from UML, and now i evaluate Xen on my desktop:
Xen-2.0.4
linux-2.6.10
"CONFIG_MODULES is not set"
"CONFIG_AGP is not set"
"CONFIG_FB_RADEON=y"
FC3, [/usr]/lib/tls moved away
It works, but some desktop applications crash once in a
while within dom0:
metacity-2.8.6
firefox-1.0.1
wnck-applet (from gnome-panel-2.8.1)
But
2005 Feb 18
14
autotoolizing xen?
Hi there!
I was wondering what the general opinion on autotoolizing xen is? I am
volunteering to do so, if there is interest in updating the build system to
use autoconf, automake and/or libtool.
Is one configure script for all of xen enough or do you want to be able to
configure all/some tools separately? I know that Anthony is no fan of
libtool... are there more reservations about some
2005 Mar 03
14
Serious performance issues
Hi. I have a Shuttle box with an AMD Athlon XP 2200+ and 1GB of RAM.
I''m normally running it with Debian sarge/sid and kernel 2.6.10-1-k7,
as built by Debian. I want to use Xen on it. I built a xen0 kernel
which is as close to the Debian kernel as I can (no power management,
no HPET timers, broken ISA drivers disabled), disabled /lib/tls, and
booted with the new kernel.
Everything works.
2005 Feb 23
19
Calculating real cpu usage of Xen domains correctly!
Hi all,
With the new vm-tools we are trying to get top like capabilities going
correctly. Currently we have a program vm-list that has some of this
capability but is dependent on the cpu time given by libxc calls
(xc_get_dom_info & xc_domain_get_cpu_usage). These two functions give
you how much time (in nanoseconds, why is this not documented) the
domain has been actively used. Approaches:
2005 Feb 15
6
xen-testing and redhat-cluster devel
Hi,
I''m using xen on two-node redhat cluster (CVS devel version), using lvm
as storage backend.
redhat cluster is used to synchronize LVM metadata (using clvmd) and as
storage
for domain configs and dom-U kernels (with gfs).
Latest version of redhat cluster works with xen-2.0.4, but not with
xen-2.0-testing.
ccsd failed to start on 2.0-testing. Anyone knows what the problem is?
I
2005 Mar 22
18
[PATCH] tools top level makefile cleanup
I cleaned up the top level makefile in the tools directory. No major
changes. Except I have it so that ioemmu is compiled only with x86_32.
Signed-off-by: Jerone Young <jyoung5@us.ibm.com>
--- tools/Makefile.orig 2005-03-17 21:03:44.000000000 -0600
+++ tools/Makefile 2005-03-22 15:05:20.000000000 -0600
@@ -1,37 +1,33 @@
+XEN_ROOT = ../
+include $(XEN_ROOT)/tools/Rules.mk
-all:
-
2005 Feb 22
6
VFS: Unable to mount root fs on unknown-block(1,0)
google yields nothing except for indicating that it is a boot loader
problem.
my dom0 partition is on a 9 GB SCSI disk drive. I have a raid1 device
(md0) which I have created a series of partitions via lvm2. on boot,
xm create /etc/xen/xm-single -c
I get what looks like a normal boot until
TCP: Hash tables configured (established 4096 bind 8192)
NET: Registered protocol family 1
NET: