similar to: Re: Undelivered Mail Returned to Sender

Shorewall can run without openvpn, but you need it if you want to establish private networks through public structures. -----Ursprüngliche Nachricht----- Von: info@kws-netzwerke.de [mailto:info@kws-netzwerke.de] Gesendet: Freitag, 30. Juni 2006 12:52 An: 'Shorewall Users' Betreff: AW: [Shorewall-users] OpenVPN question Shorewall is able to work with openvpn but it isn´t a bundle of a

I''ve just put in production a Linux firewall with 4 ethernet interfaces and 3 openvpn tun virtual interfaces. With Shorewall everything work like a charm (only a little hassle with some details, due to bad configuration, not bugs!) Great tool! Tom and other Shorewall developers, you all are great! Bye (and sorry for my bad english) -- Paolo Basenghi - Centro elaborazione dati

Shorewall have OpenVPN itself or need install OpenVPN for Shorewall to run ? Thank _______________________________________ YM - 離線訊息 就算你沒有上網，你的朋友仍可以留下訊息給你，當你上網時就能立即看到，任何說話都冇走失。 http://messenger.yahoo.com.hk Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere

I have a server, server A, with three NICs: two to the Internet via separate ADSL modems, and one to the LAN. The two ''net'' interfaces are configured as described at http://www.shorewall.net/MultiISP.html. This has been working for a number of months. I am now testing an OpenVPN link between server A and another (currently single-ISP) server (server B). I can establish the VPN

When I install the two-interfaces files in /etc/shorewall on my FC-5 system (with shorewall-3.2.3) and run "services shorewall restart" I get ------------------------------------------------------ cp -a interfaces masq policy routestopped rules zones /etc/shorewall/ ... [root@alfred shorewall]# service shorewall restart ... Determining Zones... ERROR: Zone fw is defined more than once

Hi all, (not sure that this is the right places where send this. sorry) I think that http://www.shorewall.net/Shorewall_Squid_Usage.html must be updated. The current SQUID version (2.6) don''t support anymore the ''httpd_accel'' directives. So anyone that would follow this guide for configure a transparent proxy will receive an error 400. Please modify the guide as

Hello, I want set the accounting function for web traffic, when I use shorewall show web it can''t show anything. accounting file: GROUP web:COUNT - eth1 eth0 tcp 80 80 web:COUNT - eth0 eth1 tcp 80 80 Thank ! _______________________________________ YM - 離線訊息

I am running version 3.0.7 of Shorewall on a Debian Sarge system, but when I start Shorewall I get this: /usr/share/shorewall/firewall: line 204: 4: command not found I looked there and found this: # Run ip and if an error occurs, stop the firewall and quit # run_ip() { if ! ip $@ ; then if [ -z "$STOPPING" ]; then error_message "ERROR: Command \"ip

Can anyone recommend a captive portal solution that is compatible Shorewall? I know they are not completely secure but I have use for it. Thanks! Matt Burleigh Senior Systems Engineer 703-236-0800 ext 790 ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with

Hi All, As you probably all know :-) I''m trying to do the multi-isp thing. I''ve resolved my last issue with the route_rules as suggested by Tom and Jerry suggested. Lately I have been seeing "transient" (I say transient because the problem will persist for a while and then magically clear itself up some number of minutes later) situations where my gateway will log:

Hi everybody. I''m sorry to bother you because I''m probably doing something wrong, but I have already read the documentation and I have been using shorewall for quite a long time. I recently installed 3.2.3 from source (but there was the same problem with 3.0.7 from apt-get ... -t unstable) The thing is, that I can''t get masq working. Maybe this is because

>If you > >a) Have the correct REDIRECT rule (which you do); and >b) Are accepting $FW->Net HTTP traffic (which you are -- at least with your >policy); and >c) DNS works from your firewall (I assume it does since you are wide open >from $FW->Net); then >The problem is in your Squid configuration (this is true in %90 of the >reports on this list where Squid

Hi I would like to use shorewall for my bridge firewall. I just read the howto http://www.shorewall.net/bridge.html But in this howto there are only one net behind the bridge and have two nets behind my bridge. Can I use shorewall with two nets behind the bridge. Thanks in advance. roberto -- Ing. Roberto Pereyra ContenidosOnline Servidores BSD, Solaris y Linux Soporte técnico ISPs

Tom wrote : >My advice to you is still the same -- you are going to have to use tcpdump >or ethereal to see what is happening. You have the computer there in front >of you >-- we don''t. So only you are going to be able to solve this. We are not. >From the dump you sent, it looks like many SYN packets are being sent on >ppp0 >and never replied to. So you need to

# shorewall version 3.2.1 SNAT is enabled. Setting up DNAT to do port forwarding -- this example looked exactly like what I wanted: (FAQ 1c) From the internet, I want to connect to port 1022 on my firewall and have the firewall forward the connection to port 22 on local system 192.168.1.3. How do I do that? In /etc/shorewall/rules: #ACTION SOURCE DEST PROTO DEST PORT

I'm using shorewall 3.0.4 with ubuntu dapper. I've compiled the kernel with the option CONFIG_IP_ROUTE_MULTIPATH_CACHED=n. I had a trouble with, pptp connection, I'm trying to connect a using microsoft vpn a vpn server out of my lan, and don't work. My files <providers> ADSL1 1 1 main eth1.600 10.190.1.1 track,balance eth0 ADSL1 2 2 main eth1.601 10.190.2.1

Just a note that the 3.3 development release notes (ftp://shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0/relea senotes.txt) have a typo under the Migration Considerations. <current> /etc/shorewall/accounging. </current> <fixed> /etc/shorewall/accounting. </fixed. Regards, - Craig.

My Shorewall server /var/log/messages only have loc2fw, net2fw, I want display net2loc, how can do that? Thank _______________________________________ YM - 離線訊息 就算你沒有上網，你的朋友仍可以留下訊息給你，當你上網時就能立即看到，任何說話都冇走失。 http://messenger.yahoo.com.hk Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier

In policy $FW Net ACCEPT Dump.rar join THX -----Message d''origine----- De : shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall-users-bounces@lists.sourceforge.net] De la part de Tom Eastep Envoyé : jeudi 12 octobre 2006 21:22 À : Shorewall Users Objet : Re: [Shorewall-users] Tc rules Help with multiISP + squid& squidguard... Joffrey FLEURICE wrote: > > >

Hi guys, i have a 2-interfaces nic cards Shorewall 3.0.x Firewall. I need to allow access to an internal saprouter server from internet. When i try a connection from the sapgui from a workstation on Internet i get a connection time-out on port 3299 by the saprouter My shorewall interfaces configuration is: ZONE INTERFACE BROADCAST OPTIONS loc eth3 detect