Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 4.5.10 Beta 2"
2012 Nov 22
2
howto install dscp
hello I''m new here
can I ask about how to do a patch dscp to shorewall installed from the package in ubuntu?
------------------------------------------------------------------------------
Monitor your physical, virtual and cloud infrastructure from a single
web console. Get in-depth insight into apps, servers, databases, vmware,
SAP, cloud infrastructure, etc. Download 30-day Free Trial.
2012 Nov 20
3
Simple Traffic Shaping Problem
Hello,
I have a problem with simple traffic shapping in shorewall, my current
configuration is:
zones
vlan10 ipv4 #
interfaces
vlan10 vlan10 detect tcpflags,routeback
shorewall.conf
TC_ENABLED=Simple
tcinterfaces
vlan10 Internal 1mbit:50kb
shorewall show tc
Device vlan10:
qdisc prio 5: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2013 May 16
5
ddos attack causes high ksoftirqd cpu use
Hello List!
I got a small (50mbits or so) application layer ddos attack against a
few name servers (thousands of IPs sending lots of bogus A record
requests - weird) - one of the name servers was behind a shorewall
firewall. That firewall was running a 2.6.18-194.11.1.el5 kernel and
shorewall-4.4.11.1-1. I noticed that the shorewall host had ksoftirqd
using 100% of the CPU during the
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2012 Jan 22
4
Proxyndp issue
Tom
In Shorewall6 4.4.27 the following proxyndp entry:
2001:4d48:ad51:24::f3 eth2 eth0 no no
does not add the required route.
The code produced in /var/lib/shorewall6/.restart is:
qt $IP -6 route del 2001:4d48:ad51:24::f3/128 dev eth2 run_ip route add
2001:4d48:ad51:24::f3/128 dev eth2
Splitting the line into 2 separate lines:
qt $IP -6 route del 2001:4d48:ad51:24::f3/128 dev eth2
2017 Apr 11
2
connection state tracking with DNS [was Primary DNS...]
Hi, I would like to see this addressed.
I found more information on the issue at
https://kb.isc.org/article/AA-01183/0/Linux-connection-tracking-and-DNS.html
Is there a firewalld solution to this issue?
On 04/11/2017 11:05 AM, Chris Adams wrote:
> One additional DNS server note: you should disable firewalld for any DNS
> server, caching or authoritative. If you need firewalling, use
2012 Apr 07
27
Shorewall 4.5.2 RC 2
RC 2 is ready for testing.
Problems corrected:
1) The 4.5.1 Shorewall Lite and Shorewall6 Lite installers install the
wrong SysV init script on Debian and derivatives. That has been
corrected.
2) The getparams program now reads the installed shorewallrc file
rather than ~/.shorewallrc.
3) The ''load'' and ''reload'' now copy the
2012 Apr 07
27
Shorewall 4.5.2 RC 2
RC 2 is ready for testing.
Problems corrected:
1) The 4.5.1 Shorewall Lite and Shorewall6 Lite installers install the
wrong SysV init script on Debian and derivatives. That has been
corrected.
2) The getparams program now reads the installed shorewallrc file
rather than ~/.shorewallrc.
3) The ''load'' and ''reload'' now copy the
2013 Jun 26
5
[Bug 830] New: 關於iptables影響服務器性能事宜
https://bugzilla.netfilter.org/show_bug.cgi?id=830
Summary: ??iptables?????????
Product: iptables
Version: unspecified
Platform: All
OS/Version: RedHat Linux
Status: NEW
Severity: major
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
ReportedBy: higkoohk
2020 Feb 27
9
[Bug 1410] New: STATELESS, rules with notrack into a map
https://bugzilla.netfilter.org/show_bug.cgi?id=1410
Bug ID: 1410
Summary: STATELESS, rules with notrack into a map
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at
2018 Jan 10
5
[Bug 1213] New: Nft stateless NAT (NOTRACK)
https://bugzilla.netfilter.org/show_bug.cgi?id=1213
Bug ID: 1213
Summary: Nft stateless NAT (NOTRACK)
Product: nftables
Version: unspecified
Hardware: All
OS: Ubuntu
Status: NEW
Severity: critical
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter:
2008 Apr 18
3
ip_conntrack: table full, dropping packet.
I was trying to do what the article at
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.performance.html#conntrack_filling_tables
<http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.performance.html#conntrack_filling_tables%3C/blockquote%3E%3C/div%3E>
suggested
My iptables rules are
------------------------------------------------------------------------
#that's what the
2009 Dec 06
6
shorewall6-lite's shorecap sourcing /usr/share/shorewall-lite/lib.base?
Hey all,
Just a sanity check, but should the shorecap script in shorewall6-lite
be sourcing /usr/share/shorewall6-lite/lib.base rather
than /usr/share/shorewall-lite/lib.base like it does currently?
In fact shouldn''t there be a general s/shorewall-lite/shorewall6-lite/
in shorecap in shorewall6-lite? Maybe there is more of that lurking
about as well.
Also, the first line of the
2010 Nov 08
15
Can I use shorewell stuff for my problem
Hi all, Im new to shorewell, can anyone guide me whether I can use
shorewell for my work.
I have a requirement in our work:
Each system shall have two Ethernet card interfaces(system means hardware
devices, servers, clients in other words any device or host used in the
project). The IP address of each interface will be of different networks,
subnets and gateways completely. Bcoz if one of
2012 Jan 16
4
conntrack entries established before nat
Typically (or at least somewhat occasionally) after a reboot of my
shorewall[-lite] machine I find that I end up with conntrack table
entries for unNATted connections such as:
# conntrack -L -p udp --dport 5060 -d 99.232.11.14
udp 17 59 src=10.75.22.8 dst=99.232.11.14 sport=5060 dport=5060 packets=5472 bytes=3031488 [UNREPLIED] src=99.232.11.14 dst=10.75.22.8 sport=5060 dport=5060 packets=0