similar to: Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0

Guys, After i got the port forwarding and everything else working as per my previous post, i ran a shields-up scan from grc.com on the firewall, i.e. a scan of the external interface. I m a little suprised at the results. On the firewall i have postfix running ( smtp port 26 ), openssh ( ssh port 22) and port forwarding of port 85 (on the firewall ) to an internal host. The Shields-Up scan

Hi all! I am a long time lurker, but have not posted until now. My old trusted firewall machine broke a couple of weeks ago and I replaced it with a XEN domU that is using DNAT and has two interfaces. The firewall domU and the FTP server domU are both guests on the same dom0. All three machines are running Debian/etch (stable) and Shorewall has version 3.2.6. I can''t get FTP to work

Hello everyone, is a pleasure to be here. I have a problem with my server, it runs qmail SMTP and protect it with shorewall. Since yesterday I get syn flood attacks on port 25, which means that no longer meet. How can I stop this with shorewall? my setup is as follows. zones: #ZONE DISPLAY COMMENTS net Net Internet loc Local Local networks dmz DMZ

I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate NetFlow information about traffic going through my router. The question is how to get the logging rules added to the appropriate chains (I''m assuming eth2_in and eth2_out in my case)? I''m using the perl version of shorewall 4.0.6. -- Orion Poplawski Technical Manager 303-415-9701

I have an old Pentium II which I use as a gateway and firewall for a home network. The external interface is a modem on ppp and the internal interface is ethernet. I have had this setup running successfully for many years starting with the early 2.x series Shorewall. My ISP recently changed my dial-up ''phone number and presumably also the system at the other end of my modem (they

Hi guys, I''m not sure where to post for help on this one, shorewall or lvs, I''ll start with shorewall (only cause Tom is a gun at this stuff, and is polite enough to tell me to bugger off to the LVS list if I''m posting in the wrong one ;) I have a single box that is my router/firewall/LVS. Internet -- eth0 - router/firewall - eth1 --- internal lan | eth2

Attempting to setup a dual ISP on a gentoo box but I''m not sure how to configure the routing in the /etc/conf.d/net configuration file. Does shorewall do all the routing or do I set just the default route to the PRIMARY outbound ISP? Vernon ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net

hi, I am running shorewall 3.2.9 on Mandriva2007 with 2 ISPs. Certain local IPs are directed to a specific ISP in route_rules, and this was working perfectly. I had to reinstall Mandriva, and after that this redirection is not working. My files are: masq: eth1 192.168.10.3 202.71.146.210 eth2 202.71.146.210 192.168.10.3 eth1 eth0 202.71.146.210 eth2 eth0 192.168.10.3 interfaces:

>> Only one remark. Information about 'init' file i found only in >> releasenotes.txt for 4.1.6 (for setting up 'ifb' module) and i found >> 'initdone' file in Shorewall config directory and without manfile also. >> For me not very clearly as it use. > > http://www.shorewall.net/shorewall_extension_scripts.htm On this page i found a

I read several posts about SMTP being blocked at ISP. My ISP has the same limitation. My ADSL connection (1 fixed IP) only permits outbound connection to port 25 to their server. None of those posts answered my need. I tried FAQ also. I have several internal email clients/bots that needs to retrieve/send messages, some of then are notebooks. It''s not fair to change SMTP server to the

I have a really basic question (I think). We have two boxes connected to a lan segment on a hub. One is a Windows box running "Show Traffic", the other is a CentOS 5 Linux box running "ntop". Both boxes should be able to sniff all of the traffic on that hub (not a switch). The Windows box does just fine, Show Traffic is able to display traffic destined for other boxes

i have a box with 2 real interfaces and one more virtual eth0 - to the internet (193.... eth1 - to the local net (192.168..) tun0 - to another ISP the routing is: all the free/local classes i send them directly on eth0, the rest of the internet i send throw tun0 the admin from tun0 wants me to snat all the packets with my end of the ip-tun0-interface and i snat all the trafic that go to

Hello all, We have a few aliased Ethernet addresses on our server and if I do not use the Bind statement in the "Global" section then the NMBD seems to try to bind to all of the addresses. We are actually using OpenVPN which make the connections just fine on a 172.16.x.x subnet to "tun0" device. The problem is that Samba does not seem to find the tun0 device and reports

Hi everybody and merry Chrissy! I have smb listening to two interfaces and with tun0 this failed. Package was from Debian 7 - 2:3.6.6-6+deb7u4 # smbclient //10.9.8.1/public -Unot_a_user Enter not_a_user's password: Connection to 10.9.8.1 failed (Error NT_STATUS_CONNECTION_REFUSED) # smbclient //127.0.0.1/public -Unot_a_user Enter not_a_user's password: Domain=[WORKGROUP] OS=[Unix]

I'm trying to set up tinc on a Solaris 8 machine, but am having some problems setting the MAC addres on the tun0 interface to fe:fd:0:0:0:0 The error I'm seeing is: ifconfig: set_phys_addr failed: dl_errno 7 errno 0 ifconfig: failed setting mac address on tun0 Has anyone successfully setup tinc & tun0 on a Solaris machine? Any help would be appreciated. Regards, Tim Evans --

On Thu, Mar 03, 2016 at 11:19:10PM +0100, SHAD0WRUNNER at gmx.de wrote: > I have tinc up and running on a kvm/libvirt host. libvirt creates a bridge and > assigns ip to this bridge, for instance 192.168.1.1. All guests have an > ip within 192.168.1.0/24. I want to access the guests in this > libvirt network with tinc from the internet via the host. [...] > and tinc.conf like this

Hi all, I have a strange situation. I have a machine connected to an AT&T VPN. Sometimes the VPN gets disconnected, so I create a cronjob to restart the VPN client when it happens: Problem is: sshd seem doesn't want to bind to tun0. I restart ssh, network, no good. Anyone has any clue? So strange. Thank you.

Hi, i bought some VPS with KVM virtualization. I installed tinc 1.1-pre9 as usual... Have multiple servers with this working but now i got the following error... tincd -D -d -n NETWORK tincd 1.1pre9 (Jan 30 2014 11:09:17) starting, debug level 1 /dev/net/tun is a Linux tun/tap device (tun mode) Listening on 31.XXX.XXX.46 port 655 SIOCSIFADDR: No such device tun0: ERROR

On Fri, Mar 04, 2016 at 07:46:24PM +0100, shad0wrunner at gmx.de wrote: > >> I have tinc up and running on a kvm/libvirt host. libvirt creates a > >> bridge and assigns ip to this bridge, for instance 192.168.1.1. All > >> guests have an ip within 192.168.1.0/24. I want to access the guests > >> in this libvirt network with tinc from the internet via the