Displaying 20 results from an estimated 600 matches similar to: "ipp2p traffic not rejected"
2004 Jul 23
4
shorewall 2.0.3a, (ULOG) doesn''t log anything
Dear all:
Im using shorewall 2.0.3a (debian) w/ ULOG. shorewall starts ok, and the
firewall is running, but nothing is printed on the logs.
I try, for example, to do a connection to a port that is opened on the
server but closed by the FW and I get a connection refused. If I stop
the firewall, this port is accesible from the outside.
I think I''ve followed all the steps on
2004 Sep 24
10
hopeless - smb over bridged firewall
Dear List!
I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection
to the Internet (ppp0 - eth1 to the modem) and a bridge to the local
lan. The bridged config i''ve made with bridge.html from the shorewall
site. The Bridge is between local net and a openvpn tap device. This
works. I ccan make tunnels, and a can make a lot of things through the
firewall. I can get a list
2007 Jul 08
6
mldonkey/edonkey - servers not connected
Hi,
I''m running mldonkey on same box as shorewall.
I follow this http://mldonkey.sourceforge.net/ShorewallConfiguration to open
ports for edonkey protocol
I add in /etc/shorewall/rules:
# eDonkey 2000
ACCEPT net $FW tcp 4662
ACCEPT net $FW udp 4666
but I could not connect to any edonkey server.
I check logs and notice that udp traffic on port 4666 is still dropped.
Jul 8 22:35:57
2007 Jun 27
3
Adding custom iptables rules to shorewall
Hi,
I''m trying to add following iptables rules to shorewall:
iptables -I INPUT -d 192.168.1.1
iptables -I OUTPUT -s 192.168.1.1
What should I put in my custom action or any ware else?
I need these rules for munin accounting.
iptables -L INPUT -v -n -x
Chain INPUT (policy DROP 5 packets, 260 bytes)
pkts bytes target prot opt in out source
destination
7175
2007 Feb 03
1
Marks not working...
Hi,
I am experimenting a little bit with my firewall and I don''t seem to get
my head round marks ...
I try to mark p2p packets generated on the firewall in the output chain
and then try to match that mark either in NAT OUTPUT or POSTROUTING
I don''t seem to get the expected result.
Any help or clue would be more than welcome.
root@droopy:~/firewall > iptables-view -t
2011 Jul 21
42
Problem With OpenVPN Connectivity
Hi,
I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the
VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in
Slackware 13.1 using the same Shorewall version and files, the ''interfaces'',
''policy'' and ''zone'', are all I have configured, it was working and this also
works in Arch at
2007 Apr 03
3
ipp2p: error loading kernel module
Hi,
I get this error when trying to insmod the ipp2p kernel module:
"insmod: error inserting ''ipt_ipp2p.ko'': -1 Invalid module format"
in the kernel log: "ipt_ipp2p: disagrees about version of symbol
struct_module"
Kernel version 2.6.20.4
iptables version: 1.3.5
ipp2p version: 0.8.2 (latest)
Anyone tried ipp2p with kernel 2.6.20?
Best Regards Niclas
2005 Jan 25
3
IPP2P broken?
Hi,
I tried shorewall 2.2.0-rc4 and 2.2.0-rc5 on 3 different machines (just to be sure it''s not pebkac). The IPP2P support is broken, line like:
DROP loc net ipp2p
generates:
iptables -A loc2net -j DROP
that''s _wrong_ :)
i have tried playing with debug to no avail, and I''m not that good at bashing...
just to be complete, the suggested status.txt from one of the
2006 Dec 14
0
Re: [RESOLVED] Layer7 module doesn''t detect nothing on my bridge with a 2.6.18.3 kernel
Hello,
loading conntrack resolve my problem ...
layer 7 have got a dependency with conntrack but doesn''t load it
automaticaly...
so module is loaded but no packets match with l7-protocols ...
reported as a bug
http://sourceforge.net/tracker/index.php?func=detail&aid=1596065&group_id=80085&atid=558668
regards
ArcosCom Linux User a écrit :
> With:
>
2018 Feb 06
5
[Bug 1224] New: nft export json fails with successful return code
https://bugzilla.netfilter.org/show_bug.cgi?id=1224
Bug ID: 1224
Summary: nft export json fails with successful return code
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2006 Dec 15
1
catching DNAT''ed packet
Hi.
I have a Server''s network with some servers in it, all with
192.168.1.0/25 ips. There is also a router in that network with ip
192.168.1.1. This router also connected to a client''s network
10.10.0.0/16 with ip 10.10.100.1.
All services on each server are given their virtual address from one of
two virtual networks 192.168.1.128/28 and 192.168.1.144/28.
192.168.1.128/28 is
2007 Jan 25
4
":T" flags in 3.4.0-RC1
I am trying to apply the new :T flag in tcrules. the man page for this
file [1] sayas that if SOURCE is $FW then rules are applied in OUTPUT.
this doesn''t seem to work on my setup. I have in tcrules :
------------------------------------------------------------------------
RESTORE:T 0.0.0.0/0 0.0.0.0/0 all - - - 0
CONTINUE:T 0.0.0.0/0 0.0.0.0/0
2006 Jul 17
0
ipp2p patch for kernel 2.6.17.4
Hello!
Our dormitory has a linux router w/ two DSL links to the Internet; we used
ipp2p (http://ipp2p.org/) for filtering peer to peer traffic (as we can
not tell whether the content transferred using such p2p tools has been
obtained legally or not, so we block that traffic).
Up to yesterday we were using kernel 2.6.10.11, which worked perfectly
with ipp2p. Now we updated to kernel 2.6.17.4, and
2006 Jun 20
1
ipp2p
Hello,
I''m trying to use iptables rules to prioritize p2p
trafic. I use ipp2p-0.8 but it give me errors :
Ipt-ipp2p : unknow symbol ntohl
Ipt-ipp2p : unknow symbol ntohs
When i compiled ipp2p it gave me warnings :
"ntohs"
/ipt-ipp2p.ko undefined
"ntohl"
/ipt-ipp2p.ko undefined
Any suggestion ?
gege
2004 Jun 18
1
ipp2p question
Hi,
if I want to block ALL p2p traffic, ( bit torrent and apple
included )... which is better ?
# iptables -A FORWARD -p tcp -m ipp2p --ipp2p --bit --apple -j DROP
or...
# iptables -A FORWARD -p tcp -m ipp2p --ipp2p -j DROP
# iptables -A FORWARD -p tcp -m ipp2p --bit -j DROP
# iptables -A FORWARD -p tcp -m ipp2p --apple -j DROP
???
bests
andres
2006 Aug 14
2
enable p2p to some host (ipp2p)
Hi
I using ipp2p to block p2p traffic.
How to enable to use p2p to me host in my net ?
I using this setup:
iptables -A FORWARD -m ipp2p --ipp2p --bit --apple --winmx --soul --ares -j DROP
This setup:
iptables -A FORWARD -m ipp2p --ipp2p --bit --apple --winmx --soul
--ares -d ! mynet -j DROP
iptables -A FORWARD -m ipp2p --ipp2p --bit --apple --winmx --soul
--ares -s ! mynet -j DROP
not
2005 Feb 21
12
NAT
Hello,
I installed my linux server for 3 months now. It does almost everything
(dns, web & mail server, firewall ...).
I just encounterd two problems with the firewall: behind this server
there are 2 computers: i got emule on one and msn on the other. The
problem is that I can''t configure well the firewall fore these 2 rules.
I''ve added DNAT rules but it
2005 Oct 06
4
Problems with ipp2p
Hello every body:
I have RedHat fedora core 2 machine, using iptables and squid. I am having a
lot of problems with peer2peer traffic. (bittorrent, kazaa, etc.) so I have
installed ipp2p from rpm.
Every thing was ok until I use iptables rules. I get this error.
[root@router iptables]# iptables -A INPUT -p tcp -m ipp2p --ipp2p -j DROP
iptables: No chain/target/match by that name
sames
2007 May 10
0
Problem with ipp2p 0.8.2
Hello Guys ( and girls, if is there any here :) ),
I have a box with IPP2P Installed on it (Debian Etch, ipp2p 0.8.2
tarball, iptables 1.3.6 and kernel 2.6.21), and I''ve identified a
problem:
I use iptables to apply a mark on the traffic that ipp2p classifies
as p2p. In my tc rules, I have granted bandwidth to many traffic
classes (http, ssh, streaming, games, p2p, etc) and one
2006 Dec 13
7
ipp2p Problem
Hello,
can anybody interpret what the following means:
[root@funke ipp2p-0.8.0]# iptables -t mangle -A MarkList0x666-ipp2p -p
tcp -m ipp2p --edk -j MarkSet0x666
iptables: Unknown error 4294967295
-----
I have installed ipp2p-0.8.0 via:
make
copied ipt_ipp2p.ko to my kernel lib dir
copied libipt_ipp2p.so to my iptables lib dir
insmod ipt_ipp2p gives the following in dmesg:
IPP2P v0.8.0