similar to: When starting shorewall its display rfc1981 error

Hello, We are using shorewall-3.0.7-1, I was tried the video conference server doesn''t via shorewall that was no problem, can I upgrade shorewall version to fix this problem ? our boss need use video conference this few days, so this is emergency. Thx ~~ --------------------------------- Yahoo! 網上安全攻略，教你如何防範黑客! 了解更多

Hello Tom. Sorry, don't answer on my previouse letter, i forget to set subject. I fix this in current. And now about my question. I ask you before about method of stopping RFC1918 traffic on external interface and you advised me follow rule: REJECT! all net:$RFC1918_NETS Can i replace this rule by 'norfc1918' option in 'interfaces' file for this interface?

I''ve set up a simple 2-interface Linux router using shorewall-perl 4.0.8 (and upgraded to 4.0.9). Everything works flawlessly. One small exception I have noticed (since I''m a new shorewall user I assume this is probably an error on my part). 1. Problem: With no "logmartians" entries in /etc/shorewall/interfaces, shorewall-perl sets

Dear list, I''m running Shorewall on a dedicated Fedora 7 box. Shorewall is working well as an office DSL router (dynamic IP) with loc and dmz zones. I am now trying to configure IPSec to connect a VPS, "casp", with a static IP to both the firewall and to the loc network behind it. The host to host SA works fine. However, pings from "loc" to "casp" can be

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I''m running Shorewall 4.4.0/Debian Lenny and I''m trying to setup OpenVPN with a mild degree of success so far. My ultimate end goal is to basically have an extension of my home lan to my laptop as well as my wife''s when we are away from home, and have all of my normal network resources available as if I were sitting at home

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As I pointed out to Wilson in a private message, this appears to show that no other connection requests (other than port 3000) are being sent from the client to the server (or at least no other connection requests are being received by the Shorewall box). Wilson: Are you sure that the client is supposed to open port 3001 on the server and not the

Hi, I have a setup problem with Shorewall 4.0.6, which I can''t figure out why it is not working: I want to install a fireall with 2 extra interfaces : - My serv ("dmz") zone is a /28 subnet behind eth1, with a small number of SUN servers (IPs between ABC.DEF.75.1 and .13), one of which is a DHCP server for the 75 subnet. - The loc zone are PCs in the 75 subnet behind eth2

Hello all, Yesterday I noticed that my system was "leaking" traffic towards the 10/8 network, I have shorewall installed on multiple machines ranging from single interface devices to ones with 10+ interfaces. I tested all the boxes and they are showing the same behavior. All systems are CentOS 3.4, 2.4.21-27.0.2.ELsmp. Shorewall version: 2.2.1 For the host mentioned is a single

OK - I figured out what it is but maybe someone can give an explanation here. If I use he multiple zones configuration I have to do in addition Hosts v3005 vlan3005:0.0.0.0/0 And of course this seems to be very logic since this means all ip´s on the internet. But I am still confused a lot why this is the first time I have to do it after using Shorewall over years without to be forced to say

Hello, I''m migrating my laptop setup to a shiny new ThnikPad W520 and in the process am getting rid of VirtualBox (marked by kernel maintainers as "unsupportable crap" or some such) and shifting to virt-manager/kvm. As with the old setup I am running shorewall-init exactly as the great online documentation lays it out. BUT: with VBox it was enough to add > net

Hi, i connect to the internet over my eth4 interface using pppoe. The internet always comes on ppp0. I am trying to setup an L2TP/IPSEC VPN and i am reading http://www.shorewall.net/IPSEC-2.6.html#RW-L2TP I notice in the example the interfaces file is given as: #ZONE INTERFACE BROADCAST OPTIONS net eth0 detect routefilter loc eth1

I''m playing around with VLAN''s and I have a VLAN capable (layer 2) smart switch. I see a steady stream of martians in the logfile if I have the routefilter option set on the loc zone interfaces in /etc/shorewall/interfaces. I have two interfaces in the loc zone, eth1 and vlan2 respectively. vlan2 is an 802.1q trunk going towards the switch. Is this the expected behavior in

Hello, Thanks for the great Shorewall which has replaced my hard to maintain home-made scripts. First, what works. Our local network is 10.48.X.X with multiple vlan, each on a dedicated interface. We use Shorewall 4.4.11 from Debian Squeeze. We have a 2 ISP: - isp1 : an optical fiber provider with 10 Mbps. - isp2 : a DSL provider with 15Mbits/1Mbits. We use isp2 as the default outgoing

Hello Mailinglist, please excuse my bad english - but I am not a native speaker. My Network looks like this: Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X) No I try to connect my iphone (from mobile Internet G3) over VPN (l2tp/ipsec) with the firewall. But I can´t open the necessary Port 1701. /var/log/syslog ... Dec 30 00:24:29 router kernel: [226128.293757]

Dear Shorewall Users :-) I''ve been playing with shorewall for some time now - I found it really interesting and easy tool to organise all the rules and so on (beforethat I''ve been using simple iptables rules in shell script ;-) Generally it''s quite easy to be used, but anyway found one problem which I cannot handle myself - or in other words - cannot find appropriate

Hello, I have started playing around with docker (https://www.docker.io/) and am having trouble to integrate the "docker0" bridge it creates on the fly into my shorewall setup (version 4.5.16.1) on debian testing. IP forwarding is on and I have defined a "doc" ipv4 zone and the interfaces has an entry like so, > doc docker0

Hey First, apologies if this went out twice. I sent the original email from an odd email configuration (essentially from an alias of what I signed up as). I searched and noticed that my post did not appear and I did not get a bounce back so I was confused. I waited a few days before resending. So apologies if this goes out twice. I am not trying to spam. I was hoping someone could help me with

Hi everybody. I''m trying to configure shorewall folowing this manual: http://www.montanalinux.org/proxmox-ve-with-shorewall.html But with shorewall check it tells me thah: Checking /etc/shorewall/interfaces... ERROR: Unknown zone (dmz) : /etc/shorewall/interfaces (line 16) How can I define it in the zone file? thanks for the help. best regards, Santiago.

Hi, I am trying to get L2TP roadwarrior VPN working from http://www.shorewall.net/IPSEC-2.6.html#RW-L2TP but i am making a mistake somewhere, appreciate a fresh set of eyes to help. I have the following interfaces: ppp0 - interneteth0 - local networkrem - client openvpnl2tp - ppp for lt2p clients I am getting the following error logged when trying to connect into the server with L2TP from a remote

Hi, I have a problem installing Shorewall 2.0.7 on a box, when I launch it I have: Initializing... Shorewall has detected the following iptables/netfilter capabilities: NAT: Available Packet Mangling: Available Multi-port Match: Available Connection Tracking Match: Available Determining Zones... Zones: net loc Validating interfaces file... Validating hosts file... Validating Policy