Displaying 20 results from an estimated 2000 matches similar to: "RE: How to log and block specific application a ctivity"
2006 Jan 09
12
Shorewall blocks LISa on port 7741
Hello, all.
I''ve been trying to get shorewall to get LISa working on my Gentoo box. It
works as long as I have shorewall turned off, but whenever I turn it on, it
seems to block all LISa activity. I have TCP port 7741 opened (as per
lisa-home.sourceforge.net), and nmap says it''s open. Ethereal indicates that
LISa is communicating via TCP port 7741, from 127.0.0.1 to
2005 Nov 29
2
Use shorewall for count traffic usage on a interface
Hi
i have a small problems on one of my interface : i can''t get traffic out
and don''t know why.
Ither user say me that i can use Shorewall for create the counter and
after get the information for
mrtg. Anyone know what is the process into shorewall 2.0.X ?
i don''t want monitor by specified port, but all ports
Thanks for your help
2006 Jan 13
5
Using torrent in tcrules
Hi all,
I''m trying to set up traffic shaping and I''m having some difficulty.
Here is what I want, and where I am.
1. HTTP and SMTP traffic needs to be priority 1.
2. All other traffic priority 2
3. Torrent traffic priority 3.
My distro is Fedora Core 4, and the torrent protocol does not appear
in /etc/protocols. The only protocol is TCP, which HTTP and SMTP is
built on top
2006 Jan 06
1
Fw: hosts.allow, hosts.deny
>> Hello,
>>
>> I am using Debian Sarge, with Shorewall 2.2.3,
>>
>> for access control I am using hosts.allow :
>>
>> ALL: 144.131.xxx.xxx
>>
>> and hosts.deny:
>>
>> ALL: ALL
>>
>> I have a virtual machine that is being port forwarded to with Shorewall :
>>
>> DNAT net loc:10.0.0.100 tcp 3389
2005 Dec 14
2
DNAT config not working
I am having a problem that I really just don''t get....
I have this in my rules file:
DNAT net loc:192.168.1.2 tcp 21 21
Everything worked fine earlier today.. Now it is dropping packets destined
for Port 21
/var/log/messages:
Dec 14 00:36:39 pcp08479598pcs kernel: Shorewall:net2all:DROP:IN=eth0 OUT=
MAC=00:0b:6a:3f:e6:72:00:01:5c:22:92:42:08:00 SRC=24.210.36.92
DST=68.57.216.61
2006 Jan 13
3
IPP2P & Marking Connections
I have two (interconnected) questions:
First of all, I''m trying to use IPP2P to classify my P2P traffic and give it
a lower network priority. I''ve already successfully built IPP2P into
iptables and the kernel. I read http://www.shorewall.net/IPP2P.html, but
it''s confusing me. Using the documentation for normal tcrules in 3.0
2006 Jan 02
4
Shorewall portscanner example rule.
When searching in google I could verify that many examples of used rules in
shorewall do not exist to block port scanners external. Example: nmap.
Somebody has some rule or example ?
thanks.
2005 Nov 21
8
[Off-topic] Two provider-setup breaks long-running TCP-connections
Sorry for asking this, as I believe it to be a kernel-related rather
than Shorewall-related problem. But some of you guys seem to have a
lot of experience with these kind of things.
I''m setting up a NAT''ing router with two ISP lines.
At first sight, everything works as expected, however when the local
machines try to keep a TCP-connection open for a long time, it
disconnects
2006 Jan 25
1
EXT3: failed to claim external journal device.
We are having problems remounting an ext3 filesystem using an external
journal device. The filesystem in question was working fine until the
server was rebooted.
This is what we see on dmesg when trying to mount:
EXT3: failed to claim external journal device.
The external journal lives on a LVM2 logical volume and it seems to be
accessible ( we can dumpe2fs and see filesystem information).
2004 Aug 12
10
H323 problems
All,
I have a problem with H323 the call disconnects when answered.
The debug shows
-- Executing Dial("SIP/sj1-4ff7", "H323/0797617729") in new stack
-- Called 0797617729
-- H323/0797617729 is ringing
-- H323/0797617729 answered SIP/sj1-4ff7
== Spawn extension (default, 0797617729, 1) exited non-zero on
'SIP/sj1-4ff7'
-- Executing
2005 Dec 13
1
Standalone TC module ?
Hello,
This might seem like a strange question but...
Is there someway to only allow the Traffic Shaping module of Shorewall to
run ? I am already running a bunch of my own firewall and routing scripts
and am really interested in the ease of Shorwalls Traffic Shaping module.
Does anyone know a way to make it fire up separately without any of the
firewall stuff ? (yes I know that sounds
2005 Dec 08
3
trouble with shorewall on Mandriva 2006 (2nd)
(Sorry, my previous post was sent in HTML format)
I am having a hell of a time with shorewall...
I have a Dlink DCM202 Cable modem with the Ethernet connected directly to
eth0 on the linux box. Then I have a second nic on the linux box connected
to a hub for
the internal network.
I am trying to allow traffic from the internet connect to my FTP and WEB
servers on my Winbloze box on the lan.
2015 Jun 30
1
wiki.centos.org/TipsAndTricks/VncHeadlessInstall
(Apologies for the potential duplicate post. My initial post had a
smashed subject line. This post only adds the subject and this note.)
I would like permission to edit this page. The changes I have in mind are:
1) It is not necessary to burn a CD/DVD to do a "headless" install in
cases where the installed system has a monitor, but for some reason
cannot support a graphical
2018 Sep 12
4
smbclient for SCO OpenServer 5.0.7
Looking back in the samba mailing list archives, I see not soancient requests
for samba on ancient SCO OpenServer systems.
Recently faced with a situation where a Windows Server upgrade to 2012 R2 and
broke an smbclient upload from a SCO OpenServer 5.0.7 system. Directory
listings and file deletions did not fail, but all upload attempts produced
empty files on the Windows server (this due,
2005 Apr 30
5
SPT vs. DPT Sanity Check (Samba rules)
Before wasting a lot of time going at this in the wrong list, I would like
to confirm whether my thinking is on or off base with respect to source
and destination ports.
Samba is being blocked by fw2loc even though I have accept rules
set up. I believe I can explain why, but I could be wrong.
I think that for some reason, samba is sourcing stuff on the commonly
used port 137, but trying to send
2007 Oct 26
10
Port problem.
Hello,
We have a video conference server using tcp and udp 3001 prot in internal,
external user said that can''t connect to video server and held on 3001 fail,
the following is file configuration,
nat: 1.2.3.4 eth1:3 192.168.0.18
rule: video/ACCEPT net loc:192.168.0.18
marco.video:
PARAM - - tcp 3000
PARAM - -
2013 Jan 08
4
Splunk Module Development Recommendations
Good morning,
We''ve been testing PE and beginning developing modules for our
infrastructure. One of the modules I''m looking to create is an installation
for Splunk, with the primary focus at this time, on the Forwarder. I
already have the splunkforwarder-5.0.1-143156-linux-2.6-amd64.deb package
being fetched from the Master and also performing the installation via
dpkg. I
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2007 Aug 15
8
Shorewall and printing problems in the LAN ( loc ) zone
Guys,
Just a quick check. From what i have read in the
shorewall site, intrazone traffic is allowed
completely by shorewall i.e. there is no filtering or
packet size limiting ,etc,etc.
I ask this becos after getting shorewall up and
running well, someone has complained that they cannot
print pdf files larger than 100k at one go but that
they have to print one page at a time.
Some details;