Displaying 20 results from an estimated 1000 matches similar to: "Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0"
2007 Dec 18
11
Shields-Up Scan of Shorewall Firewall
Guys,
After i got the port forwarding and everything else
working as per my previous post, i ran a shields-up
scan from grc.com on the firewall, i.e. a scan of the
external interface.
I m a little suprised at the results. On the firewall
i have postfix running ( smtp port 26 ), openssh ( ssh
port 22) and port forwarding of port 85 (on the
firewall ) to an internal host.
The Shields-Up scan
2008 Mar 30
7
FTP DNAT not working - "Server sent passive reply with unroutable address"
Hi all!
I am a long time lurker, but have not posted until now.
My old trusted firewall machine broke a couple of weeks ago and I replaced it
with a XEN domU that is using DNAT and has two interfaces. The firewall domU and
the FTP server domU are both guests on the same dom0. All three machines are
running Debian/etch (stable) and Shorewall has version 3.2.6.
I can''t get FTP to work
2008 Jun 02
4
Syn Flood Attack to SMTP server
Hello everyone, is a pleasure to be here.
I have a problem with my server, it runs qmail SMTP and protect it with
shorewall. Since yesterday I get syn flood attacks on port 25, which means
that no longer meet. How can I stop this with shorewall?
my setup is as follows.
zones:
#ZONE DISPLAY COMMENTS
net Net Internet
loc Local Local networks
dmz DMZ
2008 Jan 10
5
Want to log all ISP traffic to ULOG
I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate
NetFlow information about traffic going through my router. The question
is how to get the logging rules added to the appropriate chains (I''m
assuming eth2_in and eth2_out in my case)? I''m using the perl version
of shorewall 4.0.6.
--
Orion Poplawski
Technical Manager 303-415-9701
2007 Dec 14
6
kernel panic with shorewall
I have an old Pentium II which I use as a gateway and firewall
for a home network. The external interface is a modem on ppp and the
internal interface is ethernet. I have had this setup running
successfully for many years starting with the early 2.x series
Shorewall.
My ISP recently changed my dial-up ''phone number and presumably also
the system at the other end of my modem (they
2008 Jan 08
8
Shorewall and LVS-NAT (via fwmark) nat'd machines can't access the outside world directly
Hi guys,
I''m not sure where to post for help on this one, shorewall or lvs, I''ll
start with shorewall (only cause Tom is a gun at this stuff, and is polite
enough to tell me to bugger off to the LVS list if I''m posting in the wrong
one ;)
I have a single box that is my router/firewall/LVS.
Internet -- eth0 - router/firewall - eth1 --- internal lan
|
eth2
2007 Dec 14
2
Dual ISP
Attempting to setup a dual ISP on a gentoo box but I''m not sure how to
configure the routing in the /etc/conf.d/net configuration file. Does
shorewall do all the routing or do I set just the default route to the
PRIMARY outbound ISP?
Vernon
-------------------------------------------------------------------------
SF.Net email is sponsored by:
Check out the new SourceForge.net
2007 Dec 14
1
route_rules redirection not working
hi,
I am running shorewall 3.2.9 on Mandriva2007 with 2 ISPs. Certain
local IPs are directed to a specific ISP in route_rules, and this was
working perfectly. I had to reinstall Mandriva, and after that this
redirection is not working. My files are:
masq:
eth1 192.168.10.3 202.71.146.210
eth2 202.71.146.210 192.168.10.3
eth1 eth0 202.71.146.210
eth2 eth0 192.168.10.3
interfaces:
2008 Mar 28
1
Re: rfc1918
>> Only one remark. Information about 'init' file i found only in
>> releasenotes.txt for 4.1.6 (for setting up 'ifb' module) and i found
>> 'initdone' file in Shorewall config directory and without manfile also.
>> For me not very clearly as it use.
>
> http://www.shorewall.net/shorewall_extension_scripts.htm
On this page i found a
2003 Jan 06
9
SMTP external forward
I read several posts about SMTP being blocked at ISP.
My ISP has the same limitation.
My ADSL connection (1 fixed IP) only permits outbound connection to port 25
to their server.
None of those posts answered my need. I tried FAQ also.
I have several internal email clients/bots that needs to retrieve/send
messages, some of then are notebooks.
It''s not fair to change SMTP server to the
2008 Jan 17
7
Netfilter, libpcap, ntop and promiscuous mode?
I have a really basic question (I think). We have two boxes connected
to a lan segment on a hub. One is a Windows box running "Show Traffic",
the other is a CentOS 5 Linux box running "ntop". Both boxes should be
able to sniff all of the traffic on that hub (not a switch).
The Windows box does just fine, Show Traffic is able to display traffic
destined for other boxes
2004 Oct 10
0
weird problem with ip+snat+tun0
i have a box with 2 real interfaces and one more virtual
eth0 - to the internet (193....
eth1 - to the local net (192.168..)
tun0 - to another ISP
the routing is: all the free/local classes i send them directly on eth0,
the rest of the internet i send throw tun0
the admin from tun0 wants me to snat all the packets with my end of the
ip-tun0-interface
and i snat all the trafic that go to
2005 Aug 19
2
Binding to Tun0 device
Hello all,
We have a few aliased Ethernet addresses on our server and if I do not
use the Bind statement in the "Global" section then the NMBD seems to
try to bind to all of the addresses.
We are actually using OpenVPN which make the connections just fine on a
172.16.x.x subnet to "tun0" device.
The problem is that Samba does not seem to find the tun0 device and
reports
2014 Dec 26
0
unable to have smb listen on NIC tun0 or 10/8 IP addres
Hi everybody and merry Chrissy!
I have smb listening to two interfaces and with tun0 this failed.
Package was from Debian 7 - 2:3.6.6-6+deb7u4
# smbclient //10.9.8.1/public -Unot_a_user
Enter not_a_user's password:
Connection to 10.9.8.1 failed (Error NT_STATUS_CONNECTION_REFUSED)
# smbclient //127.0.0.1/public -Unot_a_user
Enter not_a_user's password:
Domain=[WORKGROUP] OS=[Unix]
2002 Oct 10
1
Solaris tun0 problem
I'm trying to set up tinc on a Solaris 8 machine, but am having some
problems setting the MAC addres on the tun0 interface to fe:fd:0:0:0:0
The error I'm seeing is:
ifconfig: set_phys_addr failed: dl_errno 7 errno 0
ifconfig: failed setting mac address on tun0
Has anyone successfully setup tinc & tun0 on a Solaris machine?
Any help would be appreciated.
Regards,
Tim Evans
--
2016 Mar 04
0
issue with tinc and libvirt / Network is already in use by interface tun0
On Thu, Mar 03, 2016 at 11:19:10PM +0100, SHAD0WRUNNER at gmx.de wrote:
> I have tinc up and running on a kvm/libvirt host. libvirt creates a bridge and
> assigns ip to this bridge, for instance 192.168.1.1. All guests have an
> ip within 192.168.1.0/24. I want to access the guests in this
> libvirt network with tinc from the internet via the host.
[...]
> and tinc.conf like this
2016 Mar 03
2
issue with tinc and libvirt / Network is already in use by interface tun0
2009 Feb 11
1
sshd won't bind to tun0
Hi all,
I have a strange situation.
I have a machine connected to an AT&T VPN.
Sometimes the VPN gets disconnected, so I create a cronjob to restart
the VPN client when it happens:
Problem is: sshd seem doesn't want to bind to tun0.
I restart ssh, network, no good.
Anyone has any clue? So strange.
Thank you.
2014 Jan 30
0
Problem: "tun0: ERROR while getting interface flags: No such device"
Hi,
i bought some VPS with KVM virtualization.
I installed tinc 1.1-pre9 as usual... Have multiple servers with this
working but now i got the following error...
tincd -D -d -n NETWORK
tincd 1.1pre9 (Jan 30 2014 11:09:17) starting, debug level 1
/dev/net/tun is a Linux tun/tap device (tun mode)
Listening on 31.XXX.XXX.46 port 655
SIOCSIFADDR: No such device
tun0: ERROR
2016 Mar 04
0
issue with tinc and libvirt / Network is already in use by interface tun0
On Fri, Mar 04, 2016 at 07:46:24PM +0100, shad0wrunner at gmx.de wrote:
> >> I have tinc up and running on a kvm/libvirt host. libvirt creates a
> >> bridge and assigns ip to this bridge, for instance 192.168.1.1. All
> >> guests have an ip within 192.168.1.0/24. I want to access the guests
> >> in this libvirt network with tinc from the internet via the