similar to: Request for iproute2/shorewall engineer

net dmz:192.168.0.1 tcp 80 I forgot to mention that this should be put to rules file, sorry. _____ Von: Michael Weickel - iQom Business Services GmbH [mailto:mw@iqom.de] Gesendet: Dienstag, 2. Februar 2010 17:37 An: ''Shorewall Users'' Betreff: AW: [Shorewall-users] Suddenly DMZ can''t access to internet No. For

Forget about my part to nat file. I was wrong. Try my masq configuration. _____ Von: Michael Weickel - iQom Business Services GmbH [mailto:mw@iqom.de] Gesendet: Dienstag, 2. März 2010 00:17 An: ''Shorewall Users'' Betreff: AW: [Shorewall-users] NAT Issue Try 1.1.1.198 eth0 172.16.1.23 no no INTERFACE - interfacelist[:[digit]] Interfacees that

OK - I figured out what it is but maybe someone can give an explanation here. If I use he multiple zones configuration I have to do in addition Hosts v3005 vlan3005:0.0.0.0/0 And of course this seems to be very logic since this means all ip´s on the internet. But I am still confused a lot why this is the first time I have to do it after using Shorewall over years without to be forced to say

Hello We are using old version ( shorewall-3.0.7-1) with Centos 5.3 The shorewall has three zones (net / loc / dmz). Loc can access to internet with no problem and can access to DMZ. DMZ can''t access to internet. Net can''t access to DMZ with NAT. I tried to restart the machine / check Lan card / check cable , they were work find. Is it DMZ Lan card problem? but it can

Hello I've searched quite a bit, but have so far been unsuccessful in finding an answer to a question I have concerning the upload of files via rsync over SSH. When downloading, I have been able to make use of SSH's benefits, yet still keep the rsync server safe from a shell accessible with a private SSH key lacking a passphrase by restricting the public key used by the rsync client to

Hi, I have a client behind shorewall which has 2 IP: 192.168.8.35 is the real IP and 192.168.8.37 is the virtual IP. I have added DNAT rules into shorewall: DNAT net loc:192.168.8.35 tcp 11008 - 1.2.3.4 DNAT net loc:192.168.8.37 tcp 55000 - 1.2.3.5 1.2.3.4 and 1.2.3.5 is virtual IP

Hi, I have 8 ethernet cards installed. Is it possible to use eth0-eth6 as the net interface for shorewall and eth1 as the lan network? Thanks. sangprabv sangprabv@gmail.com ------------------------------------------------------------------------------

Hey guys, I have a question regarding shorewall and vrf functionality. I have shorewall 3.4.8 and kernel 2.6.24-gentoo-r8 I have tried to use iproute2 (ip route and ip rule) to establish multiple routing tables. The biggest problem seems to be, that I cannot add interfaces such as vlan interfaces to the routing table. My target is that linux takes attention of on which vlan interface

Hi list, is it true that Shorewall is not willing to forward traffic from a source-ip which is not reachable by a static route from Shorewall itself? To say it on another way. If Shorewall´s routing interface is neither connected nor able to reach that source ip does it forward or deny it? So the situation is the following. I send from an ip which is not part of interface nor hosts file. But

Hi all I have samba 1.9.18 and 2.0.2 shares which are also shared to the macintosh world with Helios ethershare running under Solaris 2.5.1 and 2.6. I can create files and directories with the German special characters "umlaute" and "sz" with either client. My problem is that the macintoshes can't access directories created from the PCs whose name contains special

Hi there We have Samba 2.0.3 running under solaris 2.5.1. Security is domain, NT domain users are mapped to unix users, we have a homes section in the smb.conf, and the home directories are mounted by the NT Clients on startup. I can crash explorer by carrying out the following sequence. In explorere, right click on the drive , select the security tab, click on permissions and hey presto ...

Hi I just installed Samba 2.0.4 under Solaris 2.5.1 Now when someone trys to save a MS Word file to his home directory on the SUN he gets a "not enough permissions" msg. Looking on the unix side I see a file ~WRD1741.tmp with permissions of 000 . I upped the log level to 3 and found this .. call_nt_transact_set_security_desc: file = forNT/~WRD1741.tmp, sent 0x7 [1999/05/19

Hi, I''m searching is there is a website to browse iproute2 source code as we can do with the kernel here http://lxr.linux.no/source/ It''s a very useful tool to follow function calls and macros across the multitude of files of the package. I''ve already searched google for a websie like this but i haven''t found anything so I ask here. One more time, thank

Hello All, I an having some trouble with src-based policy routing, and I was wondering if there is a way to debug iproute2. I am not sure whether there is some problem with the network setup or there is some issue with iproute2, hence I would like to debug it and see whats happening. I would appreciate any help. Thanks -- Pranav ------------------------------ http://pd.dnsalias.org

Hi all, i have a problem i have this topology 192.168.1.7 GW 192.168.2.252 link 1 ------------------------------------ link 2 | | eth1 PROXY eth0 192.168.1.245 192.168.2.245 The default gw of the PROXY is 192.168.1.7 and the link2 is a Secondary link that i need to go out to internet!!!! My internal IP of the network is

There are some notes written by Jamal that come with the iproute2 source that describe some very significant features that are not even hinted at in the lartc document. They aren''t real easy to run across if you don''t know they exist and even when I did first see them, I wasn''t sure if they represented the current state of things. I also ran across IMQ and it took me a

This is a much delayed update to the iproute2 command set. It can be downloaded from: http://developer.osdl.org/dev/iproute2/download/iproute2-2.6.18-061002.tar.gz Repository: git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git For more info on iproute2 see: http://linux-net.osdl.org/index.php/Iproute2 The version number includes the kernel version to denote what

Hello, I used iproute2 to do iif specific routing on wifi routers with 2 wifi 802.11b interfaces on non overlapping interfaces. I set rule as follows on router-2 (shown below) use table 100 if incomming interface is wlan0 use table 200 if incomming interface is wlan1 all routes in table 100 have wlan1 as oif all routes in table 200 have wlan0 as oif --wlan0--

Hi All I''m the newbie in iproute2. For some reason, I have to use static linked instead of dynamic. My kernel is 2.4.18-14 (Redhat 8.0). After patching htb3.6_tc.diff, still comes out "Unknown qdisc "htb"..." by "tc qdisc add dev eth0 root handle 1: htb default 20" command. Or any examples/web link discuss about iproute2 static linked? Please advise! BR

Sorry for disturbung you, but I am not aware about a specialized forum/ml for iproute2. I try to use iproute2''s dumb nat, I tried with kernels 2.4.27, .32 and 2.6.8. While DNAT is working fine, I am not able to do any SNAT: 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:04:e2:10:88:5f brd ff:ff:ff:ff:ff:ff inet 10.10.20.10/24 brd