similar to: Problem with virtual interface

Shorewall can run without openvpn, but you need it if you want to establish private networks through public structures. -----Ursprüngliche Nachricht----- Von: info@kws-netzwerke.de [mailto:info@kws-netzwerke.de] Gesendet: Freitag, 30. Juni 2006 12:52 An: 'Shorewall Users' Betreff: AW: [Shorewall-users] OpenVPN question Shorewall is able to work with openvpn but it isn´t a bundle of a

Hi All, As you probably all know :-) I''m trying to do the multi-isp thing. I''ve resolved my last issue with the route_rules as suggested by Tom and Jerry suggested. Lately I have been seeing "transient" (I say transient because the problem will persist for a while and then magically clear itself up some number of minutes later) situations where my gateway will log:

I''ve just put in production a Linux firewall with 4 ethernet interfaces and 3 openvpn tun virtual interfaces. With Shorewall everything work like a charm (only a little hassle with some details, due to bad configuration, not bugs!) Great tool! Tom and other Shorewall developers, you all are great! Bye (and sorry for my bad english) -- Paolo Basenghi - Centro elaborazione dati

by the way, how come the list got another "mail delivery system" email whenever i sent a post?...weird... On 8/30/06, Mail Delivery System <MAILER-DAEMON@mx3-83.sinamail.sina.com.cn> wrote: > This is the Postfix program at host mx3-83.sinamail.sina.com.cn. > > I''m sorry to have to inform you that your message could not > be delivered to one or more recipients.

Shorewall have OpenVPN itself or need install OpenVPN for Shorewall to run ? Thank _______________________________________ YM - 離線訊息 就算你沒有上網，你的朋友仍可以留下訊息給你，當你上網時就能立即看到，任何說話都冇走失。 http://messenger.yahoo.com.hk Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere

When I install the two-interfaces files in /etc/shorewall on my FC-5 system (with shorewall-3.2.3) and run "services shorewall restart" I get ------------------------------------------------------ cp -a interfaces masq policy routestopped rules zones /etc/shorewall/ ... [root@alfred shorewall]# service shorewall restart ... Determining Zones... ERROR: Zone fw is defined more than once

I have a server, server A, with three NICs: two to the Internet via separate ADSL modems, and one to the LAN. The two ''net'' interfaces are configured as described at http://www.shorewall.net/MultiISP.html. This has been working for a number of months. I am now testing an OpenVPN link between server A and another (currently single-ISP) server (server B). I can establish the VPN

Hi all, (not sure that this is the right places where send this. sorry) I think that http://www.shorewall.net/Shorewall_Squid_Usage.html must be updated. The current SQUID version (2.6) don''t support anymore the ''httpd_accel'' directives. So anyone that would follow this guide for configure a transparent proxy will receive an error 400. Please modify the guide as

Hello, I want set the accounting function for web traffic, when I use shorewall show web it can''t show anything. accounting file: GROUP web:COUNT - eth1 eth0 tcp 80 80 web:COUNT - eth0 eth1 tcp 80 80 Thank ! _______________________________________ YM - 離線訊息

I am running version 3.0.7 of Shorewall on a Debian Sarge system, but when I start Shorewall I get this: /usr/share/shorewall/firewall: line 204: 4: command not found I looked there and found this: # Run ip and if an error occurs, stop the firewall and quit # run_ip() { if ! ip $@ ; then if [ -z "$STOPPING" ]; then error_message "ERROR: Command \"ip

Can anyone recommend a captive portal solution that is compatible Shorewall? I know they are not completely secure but I have use for it. Thanks! Matt Burleigh Senior Systems Engineer 703-236-0800 ext 790 ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with

Hi everybody. I''m sorry to bother you because I''m probably doing something wrong, but I have already read the documentation and I have been using shorewall for quite a long time. I recently installed 3.2.3 from source (but there was the same problem with 3.0.7 from apt-get ... -t unstable) The thing is, that I can''t get masq working. Maybe this is because

>If you > >a) Have the correct REDIRECT rule (which you do); and >b) Are accepting $FW->Net HTTP traffic (which you are -- at least with your >policy); and >c) DNS works from your firewall (I assume it does since you are wide open >from $FW->Net); then >The problem is in your Squid configuration (this is true in %90 of the >reports on this list where Squid

Hi I would like to use shorewall for my bridge firewall. I just read the howto http://www.shorewall.net/bridge.html But in this howto there are only one net behind the bridge and have two nets behind my bridge. Can I use shorewall with two nets behind the bridge. Thanks in advance. roberto -- Ing. Roberto Pereyra ContenidosOnline Servidores BSD, Solaris y Linux Soporte técnico ISPs

Tom wrote : >My advice to you is still the same -- you are going to have to use tcpdump >or ethereal to see what is happening. You have the computer there in front >of you >-- we don''t. So only you are going to be able to solve this. We are not. >From the dump you sent, it looks like many SYN packets are being sent on >ppp0 >and never replied to. So you need to

# shorewall version 3.2.1 SNAT is enabled. Setting up DNAT to do port forwarding -- this example looked exactly like what I wanted: (FAQ 1c) From the internet, I want to connect to port 1022 on my firewall and have the firewall forward the connection to port 22 on local system 192.168.1.3. How do I do that? In /etc/shorewall/rules: #ACTION SOURCE DEST PROTO DEST PORT

Hello List, This is my first post to the list, and as such I apologize for the length of it. I tried to put as much detail into this as possible. I recently installed Shorewall on a computer running Gentoo Linux. The computer has 3 network cards in it, but I''ve only configured 2. Going the cheap route, I''m connecting my client directly to my firewall using a crossover cable.

I'm using shorewall 3.0.4 with ubuntu dapper. I've compiled the kernel with the option CONFIG_IP_ROUTE_MULTIPATH_CACHED=n. I had a trouble with, pptp connection, I'm trying to connect a using microsoft vpn a vpn server out of my lan, and don't work. My files <providers> ADSL1 1 1 main eth1.600 10.190.1.1 track,balance eth0 ADSL1 2 2 main eth1.601 10.190.2.1

Just a note that the 3.3 development release notes (ftp://shorewall.net/pub/shorewall/development/3.3/shorewall-3.3.0/relea senotes.txt) have a typo under the Migration Considerations. <current> /etc/shorewall/accounging. </current> <fixed> /etc/shorewall/accounting. </fixed. Regards, - Craig.

My Shorewall server /var/log/messages only have loc2fw, net2fw, I want display net2loc, how can do that? Thank _______________________________________ YM - 離線訊息 就算你沒有上網，你的朋友仍可以留下訊息給你，當你上網時就能立即看到，任何說話都冇走失。 http://messenger.yahoo.com.hk Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier