similar to: maclist or rule question

Experts, Sorry if this is a FAQ but I''m not on this alias. Please reply directly to me. I''m working on a project setting up a web portal that will use 2 hosts for load balancing ftp''s. I wanted to use ZFS to showcase it to our customer. What I''ve been trying to setup is anonymous ftp to a host that is sharing a ZFS file system. Anonymous ftp is configured and

Hi I'm a new rsync user. I have two systems, A and B both with rsync installed. I've setup rsync in daemon mode on system B and want to rsync a directory /projects/sw/lib/ from system A to system B. My rsyncd.conf file on system B looks like this: [swlibrary] path = /projects/sw comment = Master Libraries If I execute on system A: rsync systemB:: I can see the

Hi list, I just experienced an odd behaviour in 1.4.22 vs 1.4.21.2. To cut a long story short, IAX2 is not tx-ing hangup... Scenario is composed of two asterisk systems A and B. A receives calls from IAX users X, Y, Z, etc, does some validation and forwards them to B, also over IAX. When B hangs up, it transmits IAX hangup which A receives who, in turn, does not transmit the IAX hangup to its

Before I post to networking-discuss I wanted to ask if anyone had tried this on this: I''m trying to run a dhcp-server on a dom0 over a vnic so that the domU''s can get IP addresses. I created a vnic r1 over e1000g0 and gave it a static IP 172.0.94.111/24 so I can run the dhcp server over this vnic. root@lm2-dom0:~# dhtadm -P Name Type Value

Setting up MAC Verification on eth0... Error: Interface eth0 must be up before Shorewall can start my : /etc/shorewall/shorewall.conf: MACLIST_DISPOSITION=REJECT MACLIST_LOG_LEVEL=info interfaces: #ZONE INTERFACE BROADCAST OPTIONS net ppp0 217.96.90.242 noping loc eth0 255.255.255.0 routestopped,maclistmaclist: maclist: #INTERFACE MAC IP

First off, I want to say that everyone on this list is great. So heres what I want to do..I have a maclist setup with all my users (roughly 400). There are constantly people leaving (deleting their accounts which removes their MAC address) and registering for internet access ( I have a php webserver that registers them, adds them to the maclist, and allows them on the net). Is there a way to

> Yes -- just leave the setting of MACLIST_DISPOSITION=REJECT and any request > from interfaces with the ''maclist'' option will be rejected if there isn''t a > match found in the maclist file. I have wrote some IP''s and MAC''s from my network, for example : #INTERFACE MAC IP ADDRESSES (Optional)

It is working very good :) Thank You. I only need to write Interface etho in maclist file. My MAC addresses don''t neet the ~ in front of. Thanks ! Maciek -- ---- Oferta jakiej jeszcze nie by³o! Serwer www 60 MB za 99 z³ rocznie Szczegó³y: www.oferta.alpha.pl ----

Setting up MAC Verification on eth0... Error: Interface eth0 must be up before Shorewall can start my : /etc/shorewall/shorewall.conf: MACLIST_DISPOSITION=REJECT MACLIST_LOG_LEVEL=infointerfaces:#ZONE INTERFACE BROADCAST OPTIONSnet ppp0 217.96.90.242 nopingloc eth0 255.255.255.0 routestopped,maclistmaclist:#INTERFACE MAC IP ADDRESSES (Optional)eth0

how to make this work, its seem to me that netfilter is changed more or less someplaces that shorewall do not support, using 4.4.27 shorewall and shorewall6 suggestion welcomed ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99!

Hi, I am trying to redirect my subnet thru squid and it seems to be working. However I decided tu exclude two hosts from the redirect (ie acces the net directly) and can''t manage to achieve that. I am using the following rule: REDIRECT loc:!192.168.13.48,!192.168.13.200 3128 tcp 80 - With this rule everything gets redirected thru squid. I also tried:

I recently setup shorewall on my freshly rebuilt router box. I setup transparent proxying using transproxy/dansguardian/privoxy/squid. My current rules for the redirect are: REDIRECT loc 81 tcp www - !192.168.100.0/24 ACCEPT fw net tcp www How do I set this so that all the request are redirected except for requests FROM a certain machine (192.168.100.11)? I

Hy, sorry for my poor english i think i''m having a very unusual problem and very dificult to track, but i''ll try to explain it as best as i can. here is my scenario: a firewall/bridge composed of 3 ethernet devices and 1 virtual one. my bridge (br0 ) is composed of eth0, eth1 and tap0 br0:eth0 is my connection to my router (200.244.92.1) br0:eth1 is my connection to my

I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate NetFlow information about traffic going through my router. The question is how to get the logging rules added to the appropriate chains (I''m assuming eth2_in and eth2_out in my case)? I''m using the perl version of shorewall 4.0.6. -- Orion Poplawski Technical Manager 303-415-9701

On 08/06/2018 11:51 AM, Tony Schreiner wrote: > On Mon, Aug 6, 2018 at 11:33 AM Robert Moskowitz <rgm at htt-consult.com> > wrote: > >> >> On 08/06/2018 11:11 AM, Tony Schreiner wrote: >>> On Mon, Aug 6, 2018 at 10:55 AM Robert Moskowitz <rgm at htt-consult.com> >>> wrote: >>> >>>> Nicolas, >>>> >>>>

Hello, I have forwarded this to the shorewall-users list. You will find better support for this obscure problem there. Regards, Alex Martin http://www.rettc.com Cristian Valentin Barean wrote: > Hello ! > My name is Barean Cristian, and I have a network of 35 users, on a > Linux Mandrake 9.2 server. > As I was adding more users in my network, I found a problem with

Hi, I have a few problems with my shorewall configuration. First of all, the option maclist seems no to be recognized. I have this: ghostwheel /etc/shorewall # cat interfaces | grep -v ''^#'' - eth1 detect dhcp,tcpflags,routefilter loc eth0 detect tcpflags,maclist When I look at shorewall-init.log, I found out:

Hi, At the moment I am controlling my LAN client access to the Inet by their MAC address. Currently I am putting their MAC address in the rules file - now the number of the PC that I want to manage is getting more and more and it is not practicle to do this way anymore. My question is, how can I have their MAC address in other separate file? Regards http://www.debian.org/consultants/#Malaysia

hi there. There are approx. 400-500 users in our network and we plan to insert all their MAC addresses into maclist and bind them together with IP address. My question is whether shorewall is able to process that much of MAC addresses without slowing the the network speed performance? thanks for your time. __________________________________ Do you Yahoo!? Yahoo! Small Business - Try our new

I have a rule setup to transparently proxy all normal web traffic through Dan''s Guardian for filtering. However, there are a few sites that simply do not work right through a transparent proxy. The biggest of these is yahoo mail. Most sites are not a problem to add to the exemption list. Yahoo, however, apparently uses many servers for the webmail system. There is the main server