Displaying 20 results from an estimated 2000 matches similar to: "Re: Undelivered Mail Returned to Sender"
2006 Jun 30
5
WG: OpenVPN question
Shorewall can run without openvpn, but you need it if you want to establish private networks through public structures.
-----Ursprüngliche Nachricht-----
Von: info@kws-netzwerke.de [mailto:info@kws-netzwerke.de]
Gesendet: Freitag, 30. Juni 2006 12:52
An: 'Shorewall Users'
Betreff: AW: [Shorewall-users] OpenVPN question
Shorewall is able to work with openvpn but it isn´t a bundle of a
2006 Sep 14
5
Shorewall make my firewall fly!
I''ve just put in production a Linux firewall with 4 ethernet interfaces
and 3 openvpn tun virtual interfaces.
With Shorewall everything work like a charm (only a little hassle with
some details, due to bad configuration, not bugs!)
Great tool!
Tom and other Shorewall developers, you all are great!
Bye (and sorry for my bad english)
--
Paolo Basenghi - Centro elaborazione dati
2006 Jun 30
2
OpenVPN question
Shorewall have OpenVPN itself or need install OpenVPN for Shorewall to run ?
Thank
_______________________________________
YM - 離線訊息
就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說話都冇走失。
http://messenger.yahoo.com.hk
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere
2006 Aug 23
5
OpenVPN and multiple ISPs
I have a server, server A, with three NICs: two to the Internet via
separate ADSL modems, and one to the LAN. The two ''net'' interfaces are
configured as described at http://www.shorewall.net/MultiISP.html. This
has been working for a number of months.
I am now testing an OpenVPN link between server A and another (currently
single-ISP) server (server B). I can establish the VPN
2006 Sep 05
5
two-interfaces problem
When I install the two-interfaces files in /etc/shorewall on my FC-5 system
(with shorewall-3.2.3) and run "services shorewall restart" I get
------------------------------------------------------
cp -a interfaces masq policy routestopped rules zones /etc/shorewall/
...
[root@alfred shorewall]# service shorewall restart
...
Determining Zones...
ERROR: Zone fw is defined more than once
2007 Feb 03
3
Shorewall and Squid 2.6
Hi all,
(not sure that this is the right places where send this. sorry)
I think that http://www.shorewall.net/Shorewall_Squid_Usage.html must be
updated.
The current SQUID version (2.6) don''t support anymore the ''httpd_accel''
directives.
So anyone that would follow this guide for configure a transparent proxy
will receive an error 400.
Please modify the guide as
2006 Aug 19
2
Accounting
Hello,
I want set the accounting function for web traffic, when I use shorewall show web it can''t show anything.
accounting file:
GROUP
web:COUNT - eth1 eth0 tcp 80 80
web:COUNT - eth0 eth1 tcp 80 80
Thank !
_______________________________________
YM - 離線訊息
2006 Oct 23
3
command not found error
I am running version 3.0.7 of Shorewall on a Debian Sarge system, but when I
start Shorewall I get this:
/usr/share/shorewall/firewall: line 204: 4: command not found
I looked there and found this:
# Run ip and if an error occurs, stop the firewall and quit
#
run_ip() {
if ! ip $@ ; then
if [ -z "$STOPPING" ]; then
error_message "ERROR: Command \"ip
2006 Aug 08
2
Captive Portal compatible with Shorewall
Can anyone recommend a captive portal solution that is compatible
Shorewall? I know they are not completely secure but I have use for it.
Thanks!
Matt Burleigh
Senior Systems Engineer
703-236-0800 ext 790
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with
2007 Feb 09
26
transient "martian source ..." errors
Hi All,
As you probably all know :-) I''m trying to do the multi-isp thing. I''ve
resolved my last issue with the route_rules as suggested by Tom and
Jerry suggested.
Lately I have been seeing "transient" (I say transient because the
problem will persist for a while and then magically clear itself up some
number of minutes later) situations where my gateway will log:
2006 Aug 29
3
masq problem
Hi everybody.
I''m sorry to bother you because I''m probably doing something wrong, but
I have already read the documentation and I have been using shorewall
for quite a long time.
I recently installed 3.2.3 from source (but there was the same problem
with 3.0.7 from apt-get ... -t unstable)
The thing is, that I can''t get masq working. Maybe this is because
2006 Oct 13
3
Re: Tc rules Help with multiISP+ squid& squidguard...
>If you
>
>a) Have the correct REDIRECT rule (which you do); and
>b) Are accepting $FW->Net HTTP traffic (which you are -- at least with
your
>policy); and
>c) DNS works from your firewall (I assume it does since you are wide
open >from $FW->Net); then
>The problem is in your Squid configuration (this is true in %90 of the
>reports on this list where Squid
2006 Apr 22
6
bridge firewall with two nets
Hi
I would like to use shorewall for my bridge firewall.
I just read the howto http://www.shorewall.net/bridge.html
But in this howto there are only one net behind the bridge and have
two nets behind my bridge.
Can I use shorewall with two nets behind the bridge.
Thanks in advance.
roberto
--
Ing. Roberto Pereyra
ContenidosOnline
Servidores BSD, Solaris y Linux
Soporte técnico ISPs
2006 Oct 17
2
Re: Tc rules Help with multiISP+ squid& squidguard...
Tom wrote :
>My advice to you is still the same -- you are going to have to use
tcpdump >or ethereal to see what is happening. You have the computer
there in front >of you
>-- we don''t. So only you are going to be able to solve this. We are
not.
>From the dump you sent, it looks like many SYN packets are being sent
on >ppp0
>and never replied to. So you need to
2006 Aug 18
3
DNAT Security Hole?
# shorewall version
3.2.1
SNAT is enabled. Setting up DNAT to do port forwarding -- this example
looked exactly like what I wanted:
(FAQ 1c) From the internet, I want to connect to port 1022 on my firewall
and have the firewall forward the connection to port 22 on local system
192.168.1.3. How do I do that?
In /etc/shorewall/rules:
#ACTION SOURCE DEST PROTO DEST PORT
2006 Aug 21
1
Multiisp and pptp
I'm using shorewall 3.0.4 with ubuntu dapper. I've compiled the kernel
with the option CONFIG_IP_ROUTE_MULTIPATH_CACHED=n.
I had a trouble with, pptp connection, I'm trying to connect a using
microsoft vpn a vpn server out of my lan, and don't work.
My files
<providers>
ADSL1 1 1 main eth1.600 10.190.1.1 track,balance eth0
ADSL1 2 2 main eth1.601 10.190.2.1
2006 Aug 29
1
Typo in 3.3 release notes
Just a note that the 3.3 development release notes
(ftp://shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0/relea
senotes.txt) have a typo under the Migration Considerations.
<current>
/etc/shorewall/accounging.
</current>
<fixed>
/etc/shorewall/accounting.
</fixed.
Regards,
- Craig.
2006 Jun 30
1
Newbie Log question
My Shorewall server /var/log/messages only have loc2fw, net2fw, I want display net2loc, how can do that?
Thank
_______________________________________
YM - 離線訊息
就算你沒有上網,你的朋友仍可以留下訊息給你,當你上網時就能立即看到,任何說話都冇走失。
http://messenger.yahoo.com.hk
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
2006 Oct 13
1
Re: Tc rules Help with multiISP + squid& squidguard...
In policy
$FW Net ACCEPT
Dump.rar join
THX
-----Message d''origine-----
De : shorewall-users-bounces@lists.sourceforge.net [mailto:shorewall-users-bounces@lists.sourceforge.net] De la part de Tom Eastep
Envoyé : jeudi 12 octobre 2006 21:22
À : Shorewall Users
Objet : Re: [Shorewall-users] Tc rules Help with multiISP + squid& squidguard...
Joffrey FLEURICE wrote:
>
>
>
2006 Oct 26
1
Saprouter forwarding from shorewall firewall to an internal saprouter server
Hi guys,
i have a 2-interfaces nic cards Shorewall 3.0.x Firewall. I need to
allow access to an internal saprouter server from internet.
When i try a connection from the sapgui from a workstation on Internet i
get a connection time-out on port 3299 by the saprouter
My shorewall interfaces configuration is:
ZONE INTERFACE BROADCAST OPTIONS
loc eth3 detect