similar to: Multi-ISP - rules for one interface

I have two feeds, one with a static IP and one with a dynamic IP. How can I configure a Multi-ISP setup with the dynamic IP, or can I? I don''t think the gateway will change, just the interface IP. -- Chris Mason NetConcepts (264) 497-5670 Fax: (264) 497-8463 Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271 Cell: 264-235-5670 Yahoo IM: netconcepts_anguilla@yahoo.com --

Is it possible to filter HTTP signatures/headers with SHOREWALL ? or is there addon for it ? take care *º¤., ¸¸,.¤º*¨¨¨*¤ Stingray *º¤., ¸¸,.¤º*¨¨*¤ __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- This SF.Net email

I would lilke to shape upload ftp bandwidth in a dual ISP setup [shorewall show connections] tcp 6 431215 ESTABLISHED src=192.168.2.89 dst=83.xxx.xxx.23 sport=1487 dport=21 src=83.xxx.xxx.23 dst=10.0.11.2 sport=21 dport=1487 [ASSURED] use=2 mark=1 [tcdevices] #INTERFACE IN-BANDWITH OUT-BANDWIDTH $EIF 970kbit 245kbit $LIF 970kbit 245kbit

Hello all, I''m somewhat new to networking, and I''m having trouble masquerading connections that are coming over a bridge. The bridge only has a single port for now, but I''m going to add more ports later. I''m basing my configuration on the two-interface quick start guide. I''m using Shorewall 3.0.4 on Ubuntu Dapper. My network looks like this: * The

I''m planning a multi isp setup and cafully read the documentation. One thing that bothers me is the masq file. The example uses a single ip address on each public interface. I have multiple addresses on both public interfaces (16 on one and 64 on the other). I''m a bit confused about what to put in the masq file in this situation. Any insights would be appreciated. Ronald --

Why ping google ??? you should either ping your assigned external ip address ( make your config dhcp for your external ip address even if it is static ) ( If your dsl link is up you sould have an address if not you should not ) If for some reson you cannot do that, ping your isp''s default gw or someone closer. With google you never know what is going on. I do something similar with -m

Hello People I''m new here, so forgive-me for any "newbie talk". My client is running Debian Sarge (Stable), with Shorewall and Webmin. I want to make things easier for them and tried to use the webmin-shorewall module. The thing is - the installed shorewall is 3.0.5 (package from testing) but the webmin module only understands (and builds) the old shorewall 2.x file

Hi everybody. We are running Shorewall and Squid on Suse on the same box. Each is working fine independently, but we can''t get them to cooperate. The access log in squid shows no requests when Shorewall is on. Here are all the changes we made in the configuration files. Everything else is the same. We have read through the mailing list and the guide, but still haven''t figured it

Edit file vi /etc/init.d/klogd In line KLOGD="" Change to KLOGD="-c 5" And restart klogd /etc/init.d/klogd restart _____________________________________________________ Keny Hayakawa Schmeling Diretor Comercial/Administravivo Tel: 5566-1465 Fax: 5566-6541 http://www.optinfo.com.br kenyhs@optinfo.com.br

and Here is my rule that did this DNAT net:eth0 dmz:62.103.xx.101 - - - 62.103.xx.105,103.xx.106,... What I was trying to achieve: Since I am only using 3/16, I wanted to fake the rest of them as being alive hosts. Only to accept pings and some allowed protocols accessed from the net. What is wrong with my rule? Will REDIRECT work ??? Harry Regards.

Hi! I have reprise try to resolve this problem, suspended from 17 dec 2005 I have try to apply the suggest of Jerry (see above). The problem still exist. See attach shorewall config, dump and tcpdump when I check to exit whit SSH from firewall... In the masq file is reported the last my attempt in order to resolve my problem, however I have test also the example reported in MultiISP.html, but

Version 3.0.5 with the two-devices setup (eth0 - net, eth1 - loc). Kernel 2.4.29 tcdevices, tcrules, and tcclasses are clones of the wondershaper example (http://www.shorewall.net/traffic_shaping.htm) with eth0 replacing ppp. With TC_ENABLED=Internal in shorewall.conf: ---- Validating /etc/shorewall/tcdevices... Validating /etc/shorewall/tcclasses... ERROR: device A seems not to be

Hello, after upgrading Shorewall (see subject) and Gentoo-Linux (from Kernel 2.6.12 to 2.6.15, both with Gentoo patches, e.g. not Vanilla) the firewall on our load balancer rejects HTTP packets for the VIP with >Mar 5 23:22:51 balance Shorewall:all2all:REJECT:IN= OUT=eth0 >SRC=XX.XXX.XXX.XXX >DST=XXX.XXX.XXX. XXX LEN=48 TOS=0x00 PREC=0x00 TTL=114 >ID=26421 DF PROTO=TCP SPT=2025

Hello all. First of all, please be a bit indulgent to my poor English :-). Second, this message is "kinda" BIG, so if you don''t like BIG messages, simply don''t read it :-). I''ve read http://shorewall.net/2.0/Shorewall_and_Routing.html and http://shorewall.net/MultiISP.html, however I still a bit confused how to organize what I need :-). I''ve a

Hello Shorewall users, I have some questions I am hoping someone can answer. I have searched around the archives but so far I have been unable to find answers. I am trying to configure traffic shaping on my router/firewall box running Shorewall 3.0.5/kernel 2.4.31 and have run into some problems/questions. My basic set up is: 1500/256kbit ADSL (PPPoE/ppp0) -> Shorewall box

The shorewall work with l7-filter? _____________________________________________________ Keny Hayakawa Schmeling Diretor Comercial/Administravivo Tel: 5566-1465 Fax: 5566-6541 http://www.optinfo.com.br kenyhs@optinfo.com.br _/_/_/ _/_/_/ _/_/_/ _/ _/ _/ _/_/_/ _/_/_/ _/ _/ _/ _/ _/ _/ _/_/ _/ _/ _/ _/ _/ _/

change asterisk.conf: mkdir /var/run/asterisk chown it to your asterisk user. change astrundir => /var/run to astrundir => /var/run/asterisk My guess would be that you are running asterisk as a non-root user and that this user can not write to /var/run . if so, the ctl and PID files are not created. -- -- Steven http://www.glimasoutheast.org "Tom Castleman"

Hello Shorewall list, I''m a happy Shorewall user since a few years now and everything works fine for me except one thing that I try to implement since a week, the multi-isp. I''ve downloaded the 2.4.0 Stable release yesterday and tried the RC2 since a week. My config is a Debian running a kernel 2.4.27 home made with the CONNMARK.diff patch applied I''m using 2 ISP,

If I use a call file (/var/spool/asterisk/outgoing) is it possible to have a video phone connect to a camera (linksys wvc200) and show the camera stream and hear the audio? How would I do that? Jerry

Hello all, I have been putting together a shorewall firewall together for a couple of days, but have hit a bit of a dead end. I am using Shorewall 3.0.5 Shorewall has detected the following iptables/netfilter capabilities: NAT: Available Packet Mangling: Available Multi-port Match: Available Extended Multi-port Match: Available Connection Tracking Match: Available Packet Type