similar to: One interface rfc1918 address. Connection via DSL router

Hi all, Another Debian Etch fan here, running shorewall (shell) 3.2.6-2 (and Yes I''m going to upgrade when Lenny goes stable). I already have the SSHKnock working, as documented on the website: http://www.shorewall.net/PortKnocking.html Thanks, works great! In addition to the knock to open 22, I want to also ADD a redirect, from 2222 to 22 on an internal box. So, when I knock on 1600

Please, help me. Can i forbid and how any outgoing traffic (ping,trace) to rfc1918 networks on my external interfaces? Thank you very much. Aleksandr -------------------- Продукция AcmePower - это зарядные устройства, аккумуляторы формата АА и ААА, сетевые адаптеры, аккумуляторные батареи для фото и видеокамер, ноутбуков и PDA. Гарантия минского сервисного центра.

Hello Tom. Sorry, don't answer on my previouse letter, i forget to set subject. I fix this in current. And now about my question. I ask you before about method of stopping RFC1918 traffic on external interface and you advised me follow rule: REJECT! all net:$RFC1918_NETS Can i replace this rule by 'norfc1918' option in 'interfaces' file for this interface?

Hi, I have a linux box with vpn client. shorewall version 3.4.0 I can connect to a remote vpn network with the nortel vpn client. Can I allow local machines on my network to access remote vpn using Linux box as a gateway? Thanks and Regards Anuj ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges.

Hi list, thank you for Shorewall :) I''m trying to get a simple config to work but i can''t seem to work out how to gain access via ssh to the protected remote machine. But that doesn''t surprise me really as i have just spend well over an hour to find how to limit the lograte AND fill in the logburst in shorewall.conf. I have specified a logfile (not messages) in

Hi, I have a very simple server setup, using shorewall as my firewall. I have a line like this at the top of my rules file to allow ssh connections, but limited to 3 connection per minute with a burst rate of 3: SSH/ACCEPT net $FW - - - - 3/min:3 - Now when I have that in place, and from a remote machine run scp server:/some/file ., I find

------------------------------------------------------------------------ Shoreline Firewall http://www.shorewall.net/ January 9, 2009 press@shorewall.net ------------------------------------------------------------------------ Subject: Public unveiling of logo design competition submissions The Shorewall developers are pleased to

------------------------------------------------------------------------ Shoreline Firewall http://www.shorewall.net/ January 9, 2009 press@shorewall.net ------------------------------------------------------------------------ Subject: Public unveiling of logo design competition submissions The Shorewall developers are pleased to

Hello, Is it possible to split a port direction so it goes to one server or another? For example, I want abc.com to be routed to server X and def.com to go to server Y. Is it also possible to have e-mail addresses going to one server or another in the same concept so joe@abc.com will to server E and jane@abc.com goes to server F? If any of this is possible, what is the name of the

> > ---------- Mensaje reenviado ---------- > From: Roberto C. Sánchez <roberto@connexer.com> > To: shorewall-users@lists.sourceforge.net > Date: Fri, 4 Jul 2008 18:52:36 -0400 > Subject: Re: [Shorewall-users] Shaper > On Fri, Jul 04, 2008 at 04:47:31PM -0500, RokeFeler wrote: > > Saludos, Tengo 3 inferfaces eth0, eth1, eth2 > > eth0 - Net > > eth1 -

Hi, I have a machine with a Debian Stable installation that runs OpenVSwitch to connect a virtual machine on the same box. The machine is also running shorewall. The problem that I''m having is that shorewall try to run before openvswitch, this makes that shorewall fails because it can''t determine the IP of the virtual interface generated by openvswitch that start after

Hello, Can anyone tell me my shorewall is get hacked ? or local Lan computers got Virus ? please see the following log. http://www.wilson-kwok.com/shorewall.txt Please help --------------------------------- 現在你可輕易阻擋垃圾郵件，立即使用Yahoo! Mail 你就會相信! ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express

This problem probably has a simple solution, so I''m hoping the experienced shorewall users can help me. I''ve got a 3-interface (net,dmz, & loc) firewall and have several apache2 virtual web sites in the dmz. They come into 1 apache server in the dmz, and are redirected with the directive "ProxyPass" and "ProxyPassReverse" in my Apache

I''m following the document; <http://flurdy.com/docs/postfix/>, and SSH only By default Shorewall in Ubuntu has an empty set up. You can find the default values for Shorewall in /usr/share/doc/shorwall-common/default-config. And examples in /usr/share/doc/shorwall-common/examples. We will create a basic set up. First configure which network adapters we are accessing the net. cp

Hello, The shorewall version is shorewall-3.0.7-1 installed in Centos 5.1 (kernal 2.6.18-53.el5) on March. Number one problem is: I edited the policy file was dmz loc ACCEPT info I could use 3389 remote desktop to loc Windows 2003 server but couldn''t use SSH (22 port) to loc Linux server. Also I tried open that two ports in

Hi, I need a help... I''m a beginner with shorewall. I have two shorewall firewalls, each with a link. FW (a) - w/ openVPN eth0 = 192.168.150.5/24 eth1 = 192.168.200.5/24 eth2 = public IP eth3 = 192.168.120.5/24 tun240 = 10.240.255.1 /etc/shorewall/zones all zones declared as ipv4 /etc/shorewall/interfaces #ZONE INTERFACE BROADCAST OPTIONS tlm eth0

In the docs at http://www.shorewall.net/Shorewall-perl.html, "Your ipsets must be loaded before Shorewall starts. You are free to try to do that with the following code in /etc/shorewall/start" implies that code in /etc/shorewall/start is executed BEFORE Shorewall starts. In the default /etc/shorewall/start # /etc/shorewall/start # # Add commands below that you want to be

Hello - I am a little problem trying to find what dependency I need to up date - This is what I see when trying to install: rpm -Fvh shorewall-* error: Failed dependencies: rpmlib(PayloadIsLzma) <= 4.4.2-1 is needed by shorewall-common-4.2.0-0Beta3.noarch rpmlib(PayloadIsLzma) <= 4.4.2-1 is needed by shorewall-perl-4.2.0-0Beta3.noarch I am using Centos 5.2 with the following RPM

I want to use lastest version of Shorewall in my fresh debian squeeze instalation, so I follow http://www.shorewall.net/Install.htm#Debian but, modify preferences file was not enough for me, I have to modify/add some other files in /etc/apt/ directory: 1.) include testing repo to source.list 2.) add APT::Default-Release "stable"; to apt.conf and pinning all other packages to stable

I''m currently using Shorewall 3.4.1 to manage a firewall for my LAN at home. It works very well, and I''m definitely pleased, but . . . . I now have a situation where I need to enforce access restrictions on a specific computer during specific times of day -- e.g., a particular computer might have no Internet access at all between 10 PM and 6 AM. Is there any way to do such a