similar to: Re: Bug in shorewall auto start

Displaying 20 results from an estimated 8000 matches similar to: "Re: Bug in shorewall auto start"

2008 Nov 13
3
Does code in /etc/shorewall/start exec before or after Shorewall starts?
In the docs at http://www.shorewall.net/Shorewall-perl.html, "Your ipsets must be loaded before Shorewall starts. You are free to try to do that with the following code in /etc/shorewall/start" implies that code in /etc/shorewall/start is executed BEFORE Shorewall starts. In the default /etc/shorewall/start # /etc/shorewall/start # # Add commands below that you want to be
2008 Oct 22
1
Shorewall log analyzer
Hi all, I am looking for an easy shorewall log analyzer, nothing too fancy, just the most blocked traffic on a firewall by IP and port, preferably in daily reports or so. Which tool are you using? Thanks in adv, Erwin ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the
2008 Oct 31
1
Improvements in shorewall-interfaces.man & etc.
Tom & others, Two suggestions for small improvements in shorewall-interfaces.man. 1. Option dhcp, criterion 3., change "you have a static IP but are on a LAN segment with lots of DHCP clients." to "the interface has a static IP but is on a LAN segment with lots of DHCP clients." 2. Can the effect of the dhcp option be described briefly in one or
2008 Nov 13
1
Need destination zone with DNAT- in shorewall-perl 4.2.1?
On September 5, Tom wrote: > In Shorewall 4.2, you can leave the ''loc:'' out of the DNAT- rule. I tried that just now (shorewall-perl 4.2.1), and I got an error: Checking... WARNING: Destination zone (172.29.0.29) ignored : /etc/shorewall/rules (line 38) ERROR: Unknown Host (0.0.0.0/0) : /etc/shorewall/rules (line 38) where 172.29.0.29 is the destination address on
2008 Jul 28
4
rpmlib(PayloadIsLzma) <= 4.4.2-1 is needed by shorewall-common-4.2.0-0Beta3.noarch
Hello - I am a little problem trying to find what dependency I need to up date - This is what I see when trying to install: rpm -Fvh shorewall-* error: Failed dependencies: rpmlib(PayloadIsLzma) <= 4.4.2-1 is needed by shorewall-common-4.2.0-0Beta3.noarch rpmlib(PayloadIsLzma) <= 4.4.2-1 is needed by shorewall-perl-4.2.0-0Beta3.noarch I am using Centos 5.2 with the following RPM
2008 Nov 13
4
ERROR: Unknown Host (All hosts) : /usr/share/shorewall/macro.Any macro or rule
Hi. I set, for example, a rule with a host server: Macro.http accept fw net:www.google.es I restart shorewall and it works, but when i stop the firewall for disabling Internet (for any reason), and i want start the firewall it says: Failed to start firewall : Compiling... Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... WARNING: Support for the detectnets interface
2008 Nov 13
4
ERROR: Unknown Host (All hosts) : /usr/share/shorewall/macro.Any macro or rule
Hi. I set, for example, a rule with a host server: Macro.http accept fw net:www.google.es I restart shorewall and it works, but when i stop the firewall for disabling Internet (for any reason), and i want start the firewall it says: Failed to start firewall : Compiling... Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... WARNING: Support for the detectnets interface
2008 Jul 26
0
Shorewall 4.2.0 Beta 3
Beta 3 is now available for download. http://www.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-Beta3 ftp://ftp.shorewall.net/pub/shorewall/development/4.2/shorewall-4.2.0-Beta3 New Features: 1) Beginning with Shorewall 4.0.0, the -f option was no longer the default for ''/etc/init.d/shorewall start''. Beginning with 4.0.13 and 4.2.0-Beta3, this is also
2008 Jul 21
1
Need help to run Quake 3 server on Shorewall version 3.2.6
Hi there, I''m total stuck in this. I have NO problems, with controlling port 80, 22, 21 and other TCP ports. But to open UDP port 27960 is very difficult for me, I''ve searched google, but can''t find a solution, therefore I ask the experts in here. My OS is Debian Etch 64 bit # uname -a Linux sauron 2.6.18-6-amd64 #1 SMP Fri Jun 6 05:24:08 UTC 2008 x86_64 GNU/Linux
2008 Nov 07
2
Multiple Zones in the same interface
Hi, I am trying something so easy but doesnt work for me. I want to have more than once zone in my lan, for example my lan es 192.168.0.0/24 and I want to have one zone for servers, other for admin Pcs. etc here is my conf: Interfaces: -------------- #ZONE INTERFACE BROADCAST OPTIONS - eth3 detect net eth1 detect norfc1918 net eth0
2008 Aug 01
1
Re: How to block forwarding by port 25? (John Morris)
On Fri, 2008-08-01 at 03:37 -0700, shorewall-users-request@lists.sourceforge.net wrote: > Re: How to block forwarding by port 25? (John Morris) Thanks, that helped to find out the infected pc in private network, also to stop sending spam without our knowledge. is there a good tutorial how to block p2p sharing and messengers with shorewall? i read some topics and posts in forums, but
2008 Sep 05
5
PPTP Client Behind a Shorewall Firewall
Hi all, I´m running a server that frecuently needs to open a pptp session with a remote server outside my Company. This server is running behind a Shorewall firewall and I don´t find information in Shorewall web page because there is no information in the link http://www.shorewall.net/PPTP.htm#ClientsBehind Nowadays I can connect this server with the remote one but te session is closed after
2008 Nov 13
1
Error in RouteStopped, why happens!?
I get this enabling the option "routestopped" in my interface (eth0, net, one interface): Failed to apply configuration : Compiling... Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... ERROR: Invalid Interface option (routestopped) : /etc/shorewall/interfaces (line 11) Means that routestopped don''tt work, is it? Then, what could i do? Thank you very
2008 Oct 01
2
DNAT Issue
Hi. Im setting up a web farm test lab. I have a number of machines in the test last on a dmz zone on network 10.20.30.0. The test lab firewall has two NICS. One (eth0) has two ip addresses, eth0 10.161.101.40 and eth0:0 10.161.10.49. The other one, eth1 is on a private network, 10.20.30.0. I want to use DNAT to allow test engineers to ssh into the machines in the web farm. I have
2008 Sep 23
3
Outgoing service always on a certain external address
Hi, Shorewall version -4.0.12-2 (EL5 rpm version) OS : Centos 5.2 I have shorewall successfully running on Linux with multi ISP. Trying to make services such as "rsync, ftp" go through my secondary ISP. For which I did the following eth0 : Internal LAN eth4 : DSL (Second ISP) => x.x eth5 : T1 (First ISP) => y.y Created the following entries in
2008 Aug 23
1
Multi-ISP Connectivity Issues from Firewall only
Dear all, I have a multi-isp setup using DSL and leased line config for my firewall box using shorewall version 4.0.13. Clients behind the router can connect to the net without problem, they are always routed via the DSL (BusinessOne) provider. The problem i am having is that sometimes when the firewall tries to connect to the internet the connections time out (apt-get update, ping,
2008 Jul 19
5
Disabled adaptor causing fatal error
On by eth1 does nothing, I tried configuring Shorewall and just ignoring it, but Shorewall errors with "Unable to determine the routes through interface ''eth1''", searching high low seems to reveal I am either the first person ever to see this error, or it is so trivially overcome that it is not documented or commented upon anywhere on the internet. I tried all sorts
2008 Oct 21
7
DNAT or NAT - QUESTION
Hi, I have a simple question. I have my firewall with 2 external Ip and 1 lan. For example ISP1 FW LAN----Mail Server ISP2 Ok, when i DANT the smpt port to my mail server, I can see that the conection in my mail server comes from the external IP of my ISP. I need to change this so the conection to my mail server cames from the LAN IP from my firewall Is this possible?
2008 Aug 05
4
Multi ISP ppp0 and ppp1 switching
Hi, I currently connect to my ISP via my adsl modem in bridge mode and PPPoE. I am due to put a second PPPoE ISP onto my firewall box which will give me ppp0 (general) and ppp1 (static leased line). The static leased line will run a number of services on its static IP and it is therefore imperative to make sure rules defined for the static line are assigned to the correct interface. I need this to
2008 Oct 20
1
[Fwd: Question]
I am forwarding this post to the Shorewall Users mailing list. The email address ''support@shorewall.net'' is reserved for sending large or confidential attachments to the Shorewall support team. See http://www.shorewall.net/support.htm -Tom -------- Original Message -------- Subject: Question Date: Mon, 20 Oct 2008 11:30:04 +0000 From: Raul <rfunez@polar.es> To: