similar to: Re: Undelivered Mail Returned to Sender

Shorewall can run without openvpn, but you need it if you want to establish private networks through public structures. -----Ursprüngliche Nachricht----- Von: info@kws-netzwerke.de [mailto:info@kws-netzwerke.de] Gesendet: Freitag, 30. Juni 2006 12:52 An: 'Shorewall Users' Betreff: AW: [Shorewall-users] OpenVPN question Shorewall is able to work with openvpn but it isn´t a bundle of a

I''ve just put in production a Linux firewall with 4 ethernet interfaces and 3 openvpn tun virtual interfaces. With Shorewall everything work like a charm (only a little hassle with some details, due to bad configuration, not bugs!) Great tool! Tom and other Shorewall developers, you all are great! Bye (and sorry for my bad english) -- Paolo Basenghi - Centro elaborazione dati

Shorewall have OpenVPN itself or need install OpenVPN for Shorewall to run ? Thank _______________________________________ YM - 離線訊息 就算你沒有上網，你的朋友仍可以留下訊息給你，當你上網時就能立即看到，任何說話都冇走失。 http://messenger.yahoo.com.hk Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere

I have a server, server A, with three NICs: two to the Internet via separate ADSL modems, and one to the LAN. The two ''net'' interfaces are configured as described at http://www.shorewall.net/MultiISP.html. This has been working for a number of months. I am now testing an OpenVPN link between server A and another (currently single-ISP) server (server B). I can establish the VPN

When I install the two-interfaces files in /etc/shorewall on my FC-5 system (with shorewall-3.2.3) and run "services shorewall restart" I get ------------------------------------------------------ cp -a interfaces masq policy routestopped rules zones /etc/shorewall/ ... [root@alfred shorewall]# service shorewall restart ... Determining Zones... ERROR: Zone fw is defined more than once

Hi all, (not sure that this is the right places where send this. sorry) I think that http://www.shorewall.net/Shorewall_Squid_Usage.html must be updated. The current SQUID version (2.6) don''t support anymore the ''httpd_accel'' directives. So anyone that would follow this guide for configure a transparent proxy will receive an error 400. Please modify the guide as

Hello, I want set the accounting function for web traffic, when I use shorewall show web it can''t show anything. accounting file: GROUP web:COUNT - eth1 eth0 tcp 80 80 web:COUNT - eth0 eth1 tcp 80 80 Thank ! _______________________________________ YM - 離線訊息

Hi All, As you probably all know :-) I''m trying to do the multi-isp thing. I''ve resolved my last issue with the route_rules as suggested by Tom and Jerry suggested. Lately I have been seeing "transient" (I say transient because the problem will persist for a while and then magically clear itself up some number of minutes later) situations where my gateway will log:

I am running version 3.0.7 of Shorewall on a Debian Sarge system, but when I start Shorewall I get this: /usr/share/shorewall/firewall: line 204: 4: command not found I looked there and found this: # Run ip and if an error occurs, stop the firewall and quit # run_ip() { if ! ip $@ ; then if [ -z "$STOPPING" ]; then error_message "ERROR: Command \"ip

Can anyone recommend a captive portal solution that is compatible Shorewall? I know they are not completely secure but I have use for it. Thanks! Matt Burleigh Senior Systems Engineer 703-236-0800 ext 790 ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with

Hi everybody. I''m sorry to bother you because I''m probably doing something wrong, but I have already read the documentation and I have been using shorewall for quite a long time. I recently installed 3.2.3 from source (but there was the same problem with 3.0.7 from apt-get ... -t unstable) The thing is, that I can''t get masq working. Maybe this is because

>If you > >a) Have the correct REDIRECT rule (which you do); and >b) Are accepting $FW->Net HTTP traffic (which you are -- at least with your >policy); and >c) DNS works from your firewall (I assume it does since you are wide open >from $FW->Net); then >The problem is in your Squid configuration (this is true in %90 of the >reports on this list where Squid

Hi I would like to use shorewall for my bridge firewall. I just read the howto http://www.shorewall.net/bridge.html But in this howto there are only one net behind the bridge and have two nets behind my bridge. Can I use shorewall with two nets behind the bridge. Thanks in advance. roberto -- Ing. Roberto Pereyra ContenidosOnline Servidores BSD, Solaris y Linux Soporte técnico ISPs

Tom wrote : >My advice to you is still the same -- you are going to have to use tcpdump >or ethereal to see what is happening. You have the computer there in front >of you >-- we don''t. So only you are going to be able to solve this. We are not. >From the dump you sent, it looks like many SYN packets are being sent on >ppp0 >and never replied to. So you need to

# shorewall version 3.2.1 SNAT is enabled. Setting up DNAT to do port forwarding -- this example looked exactly like what I wanted: (FAQ 1c) From the internet, I want to connect to port 1022 on my firewall and have the firewall forward the connection to port 22 on local system 192.168.1.3. How do I do that? In /etc/shorewall/rules: #ACTION SOURCE DEST PROTO DEST PORT

I'm using shorewall 3.0.4 with ubuntu dapper. I've compiled the kernel with the option CONFIG_IP_ROUTE_MULTIPATH_CACHED=n. I had a trouble with, pptp connection, I'm trying to connect a using microsoft vpn a vpn server out of my lan, and don't work. My files <providers> ADSL1 1 1 main eth1.600 10.190.1.1 track,balance eth0 ADSL1 2 2 main eth1.601 10.190.2.1

Just a note that the 3.3 development release notes (ftp://shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0/relea senotes.txt) have a typo under the Migration Considerations. <current> /etc/shorewall/accounging. </current> <fixed> /etc/shorewall/accounting. </fixed. Regards, - Craig.

My Shorewall server /var/log/messages only have loc2fw, net2fw, I want display net2loc, how can do that? Thank _______________________________________ YM - 離線訊息 就算你沒有上網，你的朋友仍可以留下訊息給你，當你上網時就能立即看到，任何說話都冇走失。 http://messenger.yahoo.com.hk Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier

In policy $FW Net ACCEPT Dump.rar join THX -----Message d''origine----- De : shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall-users-bounces@lists.sourceforge.net] De la part de Tom Eastep Envoyé : jeudi 12 octobre 2006 21:22 À : Shorewall Users Objet : Re: [Shorewall-users] Tc rules Help with multiISP + squid& squidguard... Joffrey FLEURICE wrote: > > >

Hi guys, i have a 2-interfaces nic cards Shorewall 3.0.x Firewall. I need to allow access to an internal saprouter server from internet. When i try a connection from the sapgui from a workstation on Internet i get a connection time-out on port 3299 by the saprouter My shorewall interfaces configuration is: ZONE INTERFACE BROADCAST OPTIONS loc eth3 detect