Displaying 20 results from an estimated 400 matches similar to: "Request for iproute2/shorewall engineer"
2010 Feb 02
17
WG: Suddenly DMZ can't access to internet
net dmz:192.168.0.1 tcp 80
I forgot to mention that this should be put to rules file, sorry.
_____
Von: Michael Weickel - iQom Business Services GmbH [mailto:mw@iqom.de]
Gesendet: Dienstag, 2. Februar 2010 17:37
An: ''Shorewall Users''
Betreff: AW: [Shorewall-users] Suddenly DMZ can''t access to internet
No.
For
2010 Mar 01
1
WG: NAT Issue
Forget about my part to nat file. I was wrong. Try my masq configuration.
_____
Von: Michael Weickel - iQom Business Services GmbH [mailto:mw@iqom.de]
Gesendet: Dienstag, 2. März 2010 00:17
An: ''Shorewall Users''
Betreff: AW: [Shorewall-users] NAT Issue
Try
1.1.1.198 eth0 172.16.1.23 no no
INTERFACE - interfacelist[:[digit]]
Interfacees that
2009 Nov 21
5
WG: Policy make troubles once multiple zones are applied
OK - I figured out what it is but maybe someone can give an explanation
here.
If I use he multiple zones configuration I have to do in addition
Hosts
v3005 vlan3005:0.0.0.0/0
And of course this seems to be very logic since this means all ip´s on the
internet.
But I am still confused a lot why this is the first time I have to do it
after using Shorewall over years without to be forced to say
2010 Feb 02
8
Suddenly DMZ can't access to internet
Hello
We are using old version ( shorewall-3.0.7-1) with Centos 5.3
The shorewall has three zones (net / loc / dmz).
Loc can access to internet with no problem and can access to DMZ.
DMZ can''t access to internet.
Net can''t access to DMZ with NAT.
I tried to restart the machine / check Lan card / check cable , they were work find.
Is it DMZ Lan card problem? but it can
2003 Mar 13
3
SSH command when uploading files
Hello
I've searched quite a bit, but have so far been unsuccessful in finding an
answer to a question I have concerning the upload of files via rsync over
SSH.
When downloading, I have been able to make use of SSH's benefits, yet still
keep the rsync server safe from a shell accessible with a private SSH key
lacking a passphrase by restricting the public key used by the rsync client
to
2010 Feb 05
16
DNAT Problem
Hi,
I have a client behind shorewall which has 2 IP:
192.168.8.35 is the real IP and 192.168.8.37 is the virtual IP.
I have added DNAT rules into shorewall:
DNAT net loc:192.168.8.35 tcp 11008 - 1.2.3.4
DNAT net loc:192.168.8.37 tcp 55000 - 1.2.3.5
1.2.3.4 and 1.2.3.5 is virtual IP
2010 May 22
12
[ASK]How Many Interfaces Supported?
Hi,
I have 8 ethernet cards installed. Is it possible to use eth0-eth6 as the net interface for shorewall and eth1 as the lan network? Thanks.
sangprabv
sangprabv@gmail.com
------------------------------------------------------------------------------
2008 May 30
3
shorewall vrf support
Hey guys,
I have a question regarding shorewall and vrf functionality.
I have shorewall 3.4.8 and kernel 2.6.24-gentoo-r8
I have tried to use iproute2 (ip route and ip rule) to establish multiple
routing tables. The biggest problem seems to be, that I cannot add
interfaces such as vlan interfaces to the routing table.
My target is that linux takes attention of on which vlan interface
2010 Apr 16
3
Route availability check
Hi list,
is it true that Shorewall is not willing to forward traffic from a source-ip
which is not reachable by a static route from Shorewall itself? To say it on
another way. If Shorewall´s routing interface is neither connected nor able
to reach that source ip does it forward or deny it?
So the situation is the following. I send from an ip which is not part of
interface nor hosts file. But
1999 Feb 18
1
Umlaute and Sharing with both SAMBA and Helios Ethershare.
Hi all
I have samba 1.9.18 and 2.0.2 shares which are also shared to the
macintosh world with Helios ethershare running under Solaris 2.5.1 and
2.6. I can create files and directories with the German special
characters "umlaute" and "sz" with either client. My problem is that the
macintoshes can't access directories created from the PCs whose name
contains special
1999 Mar 22
0
bug/feature NT Explorer and Samba-2.0.3 ?
Hi there
We have Samba 2.0.3 running under solaris 2.5.1. Security is domain, NT
domain users are mapped to unix users, we have a homes section in the
smb.conf, and the home directories are mounted by the NT Clients on
startup. I can crash explorer by carrying out the following sequence.
In explorere, right click on the drive , select the security tab, click
on permissions and hey presto ...
1999 May 19
2
Bug samba 2.0.4 ?
Hi
I just installed Samba 2.0.4 under Solaris 2.5.1
Now when someone trys to save a MS Word file to his home directory on
the SUN he gets a "not enough permissions"
msg.
Looking on the unix side I see a file ~WRD1741.tmp with permissions of
000 .
I upped the log level to 3 and found this ..
call_nt_transact_set_security_desc: file = forNT/~WRD1741.tmp, sent 0x7
[1999/05/19
2007 Jul 17
1
a "browse the code" website for iproute2 source files ?
Hi,
I''m searching is there is a website to browse iproute2 source code as
we can do with the kernel here http://lxr.linux.no/source/
It''s a very useful tool to follow function calls and macros across
the multitude of files of the package.
I''ve already searched google for a websie like this but i haven''t
found anything so I ask here.
One more time, thank
2007 Aug 20
0
How to debug iproute2 ?
Hello All,
I an having some trouble with src-based policy routing, and I was wondering
if there is a way to debug iproute2. I am not sure whether there is some
problem with the network setup or there is some issue with iproute2, hence I
would like to debug it and see whats happening.
I would appreciate any help.
Thanks
-- Pranav
------------------------------
http://pd.dnsalias.org
2007 May 08
0
Squid + iproute2
Hi all, i have a problem i have this topology
192.168.1.7 GW 192.168.2.252
link 1 ------------------------------------ link 2
|
|
eth1 PROXY eth0
192.168.1.245 192.168.2.245
The default gw of the PROXY is 192.168.1.7 and the link2 is a
Secondary link that i need to go out to internet!!!! My internal IP of
the network is
2007 Jan 30
0
lartc doc and Jamal''s iproute2 notes
There are some notes written by Jamal that come with the iproute2 source
that describe some very significant features that are not even hinted at
in the lartc document.
They aren''t real easy to run across if you don''t know they exist and even
when I did first see them, I wasn''t sure if they represented the current
state of things. I also ran across IMQ and it took me a
2006 Oct 02
2
[ANNOUNCE] iproute2-2.6.18-061002
This is a much delayed update to the iproute2 command set.
It can be downloaded from:
http://developer.osdl.org/dev/iproute2/download/iproute2-2.6.18-061002.tar.gz
Repository:
git://git.kernel.org/pub/scm/linux/kernel/git/shemminger/iproute2.git
For more info on iproute2 see:
http://linux-net.osdl.org/index.php/Iproute2
The version number includes the kernel version to denote what
2006 Jul 05
0
wifi network performance is degrading with iproute2
Hello,
I used iproute2 to do iif specific routing on wifi routers with 2 wifi
802.11b interfaces on non overlapping interfaces.
I set rule as follows on router-2 (shown below)
use table 100 if incomming interface is wlan0
use table 200 if incomming interface is wlan1
all routes in table 100 have wlan1 as oif
all routes in table 200 have wlan0 as oif
--wlan0--
2006 Aug 02
0
iproute2-051007 TC static linked Makefile how to
Hi All
I''m the newbie in iproute2. For some reason, I have to
use static linked instead of dynamic. My kernel is
2.4.18-14 (Redhat 8.0). After patching
htb3.6_tc.diff, still comes out "Unknown qdisc
"htb"..." by "tc qdisc add dev eth0 root handle 1: htb
default 20" command. Or any examples/web link discuss
about iproute2 static linked? Please advise!
BR
2006 Feb 22
0
iproute2 dump nat
Sorry for disturbung you, but I am not aware about a specialized forum/ml for iproute2. I try to use iproute2''s dumb nat, I tried with kernels 2.4.27, .32 and 2.6.8.
While DNAT is working fine, I am not able to do any SNAT:
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:04:e2:10:88:5f brd ff:ff:ff:ff:ff:ff
inet 10.10.20.10/24 brd