Displaying 20 results from an estimated 10000 matches similar to: "trouble with shorewall on Mandriva 2006 (2nd)"
2004 Sep 21
1
squid on DMZ using proxyarp
sorry, i''m confuse where to post my problem..
i was post to shorewall-users, but must read to
support.html
this''s my problem
-----------
i have squid running on DMZ zone
and my network using ProxyARP on eth1 and eth2
mylinuxbox slackware 9.2
my network can access to internet normal, but can''t
redirect to squid server from firewall.
sometimes my network can connect
2005 May 31
2
Local machine not through firewall
Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall
Any suggestions?
Rob van Overbruggen
Settings and stats:
Server:
Eth1 :
2004 Dec 30
0
MultipleIPĀ“s in one Zone
Hi Tom
Here is the output of shorewall status
Thanks
Lars
[H[2JShorewall-2.0.13 Status at - Thu Dec 30 21:43:44 CET 2004
Counters reset Thu Dec 30 15:38:17 CET 2004
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
38383 11M ACCEPT all -- lo * 0.0.0.0/0
0.0.0.0/0
0 0 DROP !icmp --
2005 May 25
9
Newbie going through a probably stupid thing
Believe me:
Read the FAQ
Checked over and over
This might be toooooo stupid to be documented.
Please bear with me. Any help ?
Situation: single card standalone "firewall" (used like a "personal
firewall"). Have sshd running on the FW. Want the sshd daemon to be
accessible only from 2 LANs:
1) My other home LAN machine
2) IBM intranet machines (9.0.0.0)
Whatever I have
2004 Aug 27
3
Proxy Arp Ip Conflicts
I must have something configured wrong somewhere. I''ve enabled proxy-arp on my
shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see
all the machines through it great. However, whenever its enabled, the network
on the DMZ goes screwy. I''ve narrowed it down to this:
when proxy arp is enabled for that interface, like such:
echo 1 >
2005 Jan 08
8
Shorewall problem, perhaps with PPPoE
I have what strikes me as an odd problem with shorewall.
Let me describe my setup.
My desktop (alfred) is connected to the network
through an ADSL modem.
I am running rp-pppoe, and this works perfectly.
I have a small home network, with two LANs;
an Ethernet LAN (including a machine running Windows XP),
and a WiFi LAN, including the laptop (william) I am using now.
All the computers except for
2003 Feb 27
3
Unknown commments in shorewall status.
I wonder if someone can tell me what these ''unknown'' remarks mean in my
status file. They are only in the last portion of the file and are listed
below. If they mean nothing, I will rest easy. But if not it means
I need to fix something. Your thoughts would be appreciated.
----------------
udp 17 92 src=24.224.173.220 dst=24.222.0.75 sport=1027 dport=53
src=24.222.0.75
2003 Aug 26
1
ADSL router, two nics, web server not visible from internet
I have an ADSL router, a linux box with two NICS connected to the
router and another PC connected to the router.
I installed shorewall using the two interface method.
I can ping and see the webserver on the linux box from the local
network, but not from the internet.
Sys info as follows:
[root@wilma root]# shorewall version
1.4.6b
[root@wilma root]# ip addr show
1: lo: <LOOPBACK,UP> mtu
2003 Mar 28
9
Squid
I''m attempting to setup Squid as shown on:
http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ
The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat
7.2 on the server in the DMZ. I''m not seeing the requests come in to the
server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the
firewall, the local traffic I''m trying to
2004 Nov 29
2
SFTP
(anonymous post) I have a simple 2 interface firewall setup and all is
good, almost. I am hosting virtual websites and DNS behind shorewall no
problem. However I am trying to use SFTP via a different port number and
have no luck even though Putty works well. Is there anything weird to
sftp and shorewall? My lab uses a different firewall (firestarter) and
it works OK.
I am using;
DNAT net
2004 Dec 29
18
No response on port 80 with Shorewall
I have problem getting answer on http request from all my local subnets
but not from local subnet.
Ping and requests on ports 21 22 23 25 110 works fine.
I logged port 80 in rules files and I got
accept entry same for local subnet and other subnets.
Local subnet is 192.168.6
Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT=
MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00
2004 Sep 22
2
IPSEc versus Multipath routing
Firstly I don''t think this is a shorewall problem, but I suspect shorewall
might be able to solve it for me.
I''ve posted this so far at
http://mandrakeusers.org/index.php?showtopic=18942
I''ve stumble upon a problem that has me stumped
I have a multipath router using 2.6.8.1 with patches from here
http://www.ssi.bg/~ja/#routes
basic setup:
___ ISP1
2005 Jun 14
1
Problem with samba broadcast
Hi all,
I''m new to shorewall and have been struggling with several problems for
several days now. Most of them are solved, but one still persists.
The firewall is running on my server under Debian Sarge (Kernel 2.6)
I''ve got three network interfaces:
ppp0 (DSL Internet)
eth1 (lan)
ath0 (wlan)
eth1 and ath0 are bridged together to br0.
The problem is, that Samba (also running
2004 Aug 05
9
Not able to access website
Hi,
Trying to figure out why I cannot get access to dell.com
Their site is up because I can browse using a different firewall.
Trying to find out where the logs are located and what log files it
would write to if it were to deny browsing to a website. I can see the
[UNREPLIED] when using the shorewall status. Was hoping to know what
logfile it is writing it to.
Thanks in advance,
Elmer
2005 Jan 11
1
Squid and DMZ (ProxyARP)
Hello All,
I have a question about setting up the shorewall firewall for squid, I
followed the instructions on "Using Shorewall with Squid" --> "Squid Running
in the DMZ" section. For some reason I am unable to get the program to work.
I am able to have the squid work properly by using squidclient program, but
once I setup the firewall to use the redirect I am unable to
2003 Feb 25
0
Shorewall Setup.
Hello Tom and others on the list.
Tom - you might recall that the other day (night) I had problems with my
axip setup (protocol 93) and we made some changes to the policy, zones and
interfaces files. You added ''peers and tunl+''
Following that change nothing seemed to work. In fact you wanted to see
the shorewall status file, among other things.
Well - tonight, I carefully put
2005 Jan 11
2
dnat problem
Hi,
I have a proxy/firewall,
I want to dnat requests for 193.205.140.106 on port 443 towards
10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389
towards 10.2.15.25, these rules must apply from internet, loc and fw
(some client use a proxy on fw to reach these servers)
I have tried with the following rules:
DNAT net dmz:10.2.15.23 tcp 443 -
2003 Mar 25
7
DNAT not working after changing BIND to use views
Hello all:
I''ve got a confusing issue. I had a working shorewall configuration
(based on the two interface model) using DNAT for redirection to my HTTP
server. The HTTP server is on my inside network (I know - bad juju, but
one thing at a time). I changed my configuration this morning to use
views in my BIND (named) configuration. Everyone outside the firewall
is able to get in
2007 Dec 28
0
marking and routing (with multi-isp) not working
[ I hope this isn''t a dupe. Evolution crashed on my last send and I see
nothing in my logs that leads me to believe the mail made it out before
the crash ]
Well, it probably is working. I''m probably just misunderstanding
something.
Given routing rules that look like this:
0: from all lookup local
10000: from all fwmark 0x40 lookup CGCO
10001: from all fwmark 0x80
2005 Jun 27
5
Bridging problem with Shorewall and OpenVpn
Hello All,
I am trying to implement OpenVPN on Fedora core Linux 3 with the latest
pathces
installed. This server is used only as firewall/internet gateway/proxy/VPN
server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP
It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12)
connected to the local network.
I use shorewall 2.4 on this machine.
I like to test