similar to: Fwd: Re: Shorewall/Xen setup (correct from-address this time)

Hi all well im using two interfaces.. e.g: eth0:202.188.9.2 is WAN and eth1;192.168.1.1 is LAN.. when im in LAN let say from 192.168.1.9 i cant open WAN IP address e.g: 202.188.9.2 .. why? how to set this?... i only can open 192.168.1.1 .. if possible i want to have both accessable.. thanks rgds amir

Hi folks Im currently doin firewall project.. the scenario is like this.. my application server open port number 3079 the server ip is 202.188.0.132. and now the port can be accessed from everywhere. Now i want to block all the everywhere accessed. But my problem is, the application will be accessed by few locations that doing transaction with the application server. and the said locations are

We had a running ipsec shorewall system to all of our remote offices. We added a dmz to the firewall and implemented proxy arp for that dmz. We have checked everything two or three times and cannot figure out why the vpns will no longer come up. We are using shorewall version 2.2.3 from the debian stable sarge distribution. We noticed the errata that for 2.0.0 there was a problem with proxy

I want to build a robust firewall for a resort installation. The resort''s telephony is entirely VOIP, asterisk based. We have the following internet feeds: 1) 512/512 kb fixed bandwidth leased line with static IP from Telco- primary connection, expensive, to use for VOIP, VPN traffic, mail server, SSH access for remote work. Reliable. 2) 256/512 kb ADSL from Telco, not fixed IP -

Hello Everyone! I am using shorewall-3.0.5 on suse linux. Recently we have implemented dansguardian running on 8080 and squid on port 3128. Previously (before dans guardian) masquerading was working fine but after the implementation of dansguardian masquerading is not working. My rules file has entry Previous entry was ACCEPT loc:192.192.192.3 net REDIRECT loc 8080 tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Shorewall-3.0.3 RH9 (+legacy updates) eth0: loc: 192.168.1.0/24 eth0:0: loc: 192.168.20.0/24 eth1:: 69.70.32.8/29 I''m worked all day on an issue I found today and I just can''t find a way to fix my problem. So, basically, for now, my network looks like this: Internet ^ | (69.70.32.8/29) Firewall 192.168.1.1

Greetings all, I have just install Shorewall on a Debian system and I''m using it as a firewall on an internal network. The specifics of the system are as follows: firewall:/var/log# shorewall version 3.0.4 firewall:/var/log# uname -a Linux firewall 2.6.12-1-386 #1 Tue Sep 27 12:41:08 JST 2005 i586 GNU/Linux Shorewall start successfully and $FW can connect to the Internet for upgrading

Hi! I have reprise try to resolve this problem, suspended from 17 dec 2005 I have try to apply the suggest of Jerry (see above). The problem still exist. See attach shorewall config, dump and tcpdump when I check to exit whit SSH from firewall... In the masq file is reported the last my attempt in order to resolve my problem, however I have test also the example reported in MultiISP.html, but

Hi All, I''m using Shorewall 3.0.4 and I''m wondering if it is possible to do traffic shapping on only one interface from a bridge. The firewall has got 3 NIC, eth0, eth1, eth2. eth0 and eth2 are bridged, but if I''m right, when you specify a traffic rate for a link, you do it for the interface. In my case, eth0 and eth2 do not appear in the interface file, but it is

Hi all, I''m trying to set up a transparent proxy with dansguardian, and running into some strange issues with the squid setup without dansguardian. I have used shorewall for quite some time, and I''m stumped as to why I can''t get this to work. Here is a brief synopsis of my network. loc --> gateway/firewall--> net I have the following policies: #firewall to

Hi all, I''ve a little server, an old PIII 677 with Fedora Core 4, default kernel, and Shorewall 3.0.1. This pc is working fine, but I need to use a 2nd ISP connection; everything is working from configuration point of view, but the server, after a while (usually few hours), just hangs. Removing the 2-ISP configuration part, the problem is solved, so I''m quite sure that hangs are

I''ve just put in production a Linux firewall with 4 ethernet interfaces and 3 openvpn tun virtual interfaces. With Shorewall everything work like a charm (only a little hassle with some details, due to bad configuration, not bugs!) Great tool! Tom and other Shorewall developers, you all are great! Bye (and sorry for my bad english) -- Paolo Basenghi - Centro elaborazione dati

Hi all, (not sure that this is the right places where send this. sorry) I think that http://www.shorewall.net/Shorewall_Squid_Usage.html must be updated. The current SQUID version (2.6) don''t support anymore the ''httpd_accel'' directives. So anyone that would follow this guide for configure a transparent proxy will receive an error 400. Please modify the guide as

Shorewall can run without openvpn, but you need it if you want to establish private networks through public structures. -----Ursprüngliche Nachricht----- Von: info@kws-netzwerke.de [mailto:info@kws-netzwerke.de] Gesendet: Freitag, 30. Juni 2006 12:52 An: 'Shorewall Users' Betreff: AW: [Shorewall-users] OpenVPN question Shorewall is able to work with openvpn but it isn´t a bundle of a

Can anyone recommend a captive portal solution that is compatible Shorewall? I know they are not completely secure but I have use for it. Thanks! Matt Burleigh Senior Systems Engineer 703-236-0800 ext 790 ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with

Hi everybody. We are running Shorewall and Squid on Suse on the same box. Each is working fine independently, but we can''t get them to cooperate. The access log in squid shows no requests when Shorewall is on. Here are all the changes we made in the configuration files. Everything else is the same. We have read through the mailing list and the guide, but still haven''t figured it

Hi All, As you probably all know :-) I''m trying to do the multi-isp thing. I''ve resolved my last issue with the route_rules as suggested by Tom and Jerry suggested. Lately I have been seeing "transient" (I say transient because the problem will persist for a while and then magically clear itself up some number of minutes later) situations where my gateway will log:

I have two feeds, one with a static IP and one with a dynamic IP. How can I configure a Multi-ISP setup with the dynamic IP, or can I? I don''t think the gateway will change, just the interface IP. -- Chris Mason NetConcepts (264) 497-5670 Fax: (264) 497-8463 Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271 Cell: 264-235-5670 Yahoo IM: netconcepts_anguilla@yahoo.com --

Is it possible to filter HTTP signatures/headers with SHOREWALL ? or is there addon for it ? take care *º¤., ¸¸,.¤º*¨¨¨*¤ Stingray *º¤., ¸¸,.¤º*¨¨*¤ __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- This SF.Net email

When I install the two-interfaces files in /etc/shorewall on my FC-5 system (with shorewall-3.2.3) and run "services shorewall restart" I get ------------------------------------------------------ cp -a interfaces masq policy routestopped rules zones /etc/shorewall/ ... [root@alfred shorewall]# service shorewall restart ... Determining Zones... ERROR: Zone fw is defined more than once