similar to: Shorewall + IPSec: help debugging why gw1<->gw2 SA works, but loc<->gw2 traffic doesn't trigger SA

I have a zone "rw" defined as tun0 in interfaces. From that zone, pings to zone "loc" succeed but pings to remote networks (On IPsec VPNs) are rejected in the all2all chain. From my point of view, these pings should be in the rw2cctc chain. (rw to cctc is ACCEPTed in policy.) I must have a hole in my config, where would it be? Thanks, A.

Dear Shorewall Users :-) I''ve been playing with shorewall for some time now - I found it really interesting and easy tool to organise all the rules and so on (beforethat I''ve been using simple iptables rules in shell script ;-) Generally it''s quite easy to be used, but anyway found one problem which I cannot handle myself - or in other words - cannot find appropriate

Hi, I''m asking my question here, because I could not find any answer to my problem, but I''m affraid shorewall is not the one to blame. First of all I''m using shorewall version 2.0.15 on two linux box. I set up an ipsec tunnel beetween those 2 boxes to be ables to connect 2 not routable subnetworks. Here is my network topology: 10.66.17.0/24 - 10.66.17.1 = eth0

Hi everyone, First of all, this is my first post in this ML, so I''m not sure that this is the right place for my question (please don''t shoot me down ;)). For the record, I''ve been reading and using LARTC for almost 3 years now, and it''s a great help for anyone who wants to learn linux networking. My problem: I want to setup a tunnel for the following

Hi This is my 1st time here so please be gentle. I have encountered one problem since upgrading from 2.0.19 to 2.2.9 which has me beat. The system provides sasl auth services via inet to a postfix 2.11 system. Since the upgrade postfix complains of no sasl methods available. The same dovecot configuration is used on both versions. Now I get these results looking at the inet connection Version

Hi, I'm trying to set up exim (4.83) as a submission server, and need to set up the dovecot authentication in exim. I'm having an issue with that (documented at <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756258>) The problem is that exim doesn't follow the handshake as described here: <http://wiki2.dovecot.org/Design/AuthProtocol>. The wiki page says that the

Hi, I'm in the process of setting up Asterisk in a SOHO environment using ISDN for trunking. More specifically a BRI 2B+D circuit where one SPID is used for the business and the other is used for personal. The circuit already exists, but is presently being interfaced to POTS phones via a TA. This configuration is not very common in the US, but we are fortunate that our LEC offers it price

add new virt-diff tool Signed-off-by: Wanlong Gao <gaowanlong at cn.fujitsu.com> --- Hi Rich, It can work now, please give some comments. ;) Cheers, Wanlong Gao cat/Makefile.am | 20 ++- cat/virt-diff.c | 525 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ po/POTFILES | 1 + 3 files changed, 545 insertions(+), 1 deletion(-) create mode 100644 cat/virt-diff.c diff

Hi all, My setup is Debian testing dom0/domUs with a 2.6.32 pvops kernel from Debian unstable. Hypervisor is 3.4.2 from Debian testing. I use network- and vif- route with a default route in domU pointing to the nic because multiple IPs with bridge would trigger port shutdown on the switch (only one mac-address allowed per port). A subnet is routed to the dom0, which then knows which addresses the

Hi, I was asked by my boss if puppet can handle the following scenario. - 2 server (A and B) - same config for each server, eg. /etc/resolv.conf (nameserver 1.2.3.4) - but B should have a local unique requirement of another nameserver 5.6.7.8 so, A will have nameserver 1.2.3.4 but B will have nameserver 5.6.7.8 nameserver 1.2.3.4 when we change the global nameserver 1.2.3.4 to 9.8.7.6, it

Hi, Some time ago my dovecot started to become BUGgy: Evertime I restart the system, dovecot is started but I cannot login. I see the following information in the logs: Jul 4 04:04:36 mail dovecot: auth: passwd-file(user,127.11.91.218,<nfkQjFT9vwCADFra>): no passwd file: /etc/dovecot/imap.passwd Jul 4 04:04:36 mail dovecot: auth: Error: BUG: Authentication client sent unknown handshake

Hello I installed dovecot 2.0.9 (and dovecot-mysql!) on my Ubuntu 12.04 LTS root-server to work together with Postfix 2.9.1-4 After some struggle, I got Postfix's auth working, using dovecot for smtp-authentification with mysql. But dovecot himself is not working properly. When I connect, after giving plaintext password I read the error in the client (I connect for debug reasons with a

Dear all, I have made patch for samba-2.0.7/source/smbd/conn.c This will, instead of using by-directional link, use array for managing connections. # The patch does seems to work on my RHL6.1Ja(fixed) version of # Linux machine. I don't know about other OS/Architecture. This should work better then original because: 1) The original code used bitmap.c for looking empty area. But using

I have a North American BRI configured as National ISDN (NI-1) on an SBC (Nortel?) switch. SBC calls this "FastTrak ISDN", and it's surprisingly inexpensive -- less than two POTS lines. I've been trying to find an inexpensive PCI interface solution to connect this to Asterisk as voice lines. I prefer ISDN BRI over POTS lines because of the improved signalling, fast dialing,

Hello List, I am running an Ubuntu 14.04.5 LTS Server with Dovecot 2.2.9, only local filesystems and authentication done via mysql backend. Server is a Strato Virtual Server running 2.6.32-042stab120.11 #1 SMP Fri Mar 10 16:52:50 MSK 2017 i686 i686 i686 GNU/Linux Sometimes I see errors in the log like this for one user: Error: Transaction log /var/vmail/

Hi, Heiko Schlittermann <hs at schlittermann.de> (Mo 21 Nov 2016 11:50:13 CET): > a) Routing stage > You need to interact with the user database dovecot uses. > Either you access the user database directory (flat file, LDAP, > whatever) or you use the ${readsocket?} feature of Exim to talk to > dovecot. The readsocket trick doesn't seem to work anymore. Using $

[root at localhost ~]# lsb_release -d Description: CentOS Linux release 8.2.2004 (Core) [root at localhost ~]# cat /etc/resolv.conf # Generated by NetworkManager search subdomain.company.com company.com nameserver 1.2.3.4 nameserver 5.6.7.8 [root at localhost ~]# host foo foo.subdomain.company.com has address 1.2.3.4 [root at localhost ~]# host foo.subdomain Host foo.subdomain not found:

Dear all Lartc, I try to split my Internet access to my 2 ISP with 1 linux (GNU/Debian sarge) 3 NIC router, I want all my users conneted with ISP1 and just some IP connected with ISP2 Here is my configuration: Internal network: 10.117.71.0/24 Interface eth0 ISP1: IP for my linux box: 1.2.3.4/29 Interface: eth1 Gateway: 1.2.3.5 ISP2: IP for my

Hi, I am kind of lost on how to configure the backgroundrb workers to run from a remote host? Suppose I have my main rails app in 1.2.3.4, and I want my backgroundrb workers to run from a machine with ip 5.6.7.8, what do I put in my backgroundrb.yml file? How will my workers know which database server to load the models from? Thanks, Ram

Hi folks, Sorry to trouble you all - I'm having some trouble getting tincd up and running - I suspect I'm having problems with subnets. Any help would relaly be appreciated! At the moment I'm trying to get two linux boxes, both of which are running as NAT routers for their respective networks to talk. My goal is to allow staff to connect to the corporate network from their laptops