similar to: Return to sender

Displaying 20 results from an estimated 6000 matches similar to: "Return to sender"

2010 Feb 27
3
Port Redirection
Hi Everyone! I''m having problems to redirect an UDP port to an external server. My firewall have 4 interfaces: NET, LOC (192.168.0.0/24), DMZ(192.168.1.0/24), CMTC(10.0.0.0/24). On CMTC interface I have a direct connection to another network using a VPN link. I need to redirect an UDP port to on server (10.1.0.2) on CMTC zone using my local IP (192.168.0.1) for gateway. I will use
2009 Jul 03
5
rules and nat
Hi, I just add these file rules: DNAT net loc:192.168.8.35 tcp - - 202.158.70.38 DNAT net loc:192.168.8.36 tcp - - 202.158.70.38 DNAT net loc:192.168.8.37 tcp - - 202.158.70.38 And these on file nat: 202.158.70.38 eth0 192.168.8.35 no no 202.158.70.38 eth0 192.168.8.36 no no 202.158.70.38 eth0 192.168.8.37 no no I try to connect to the internet and check the IP and all hosts returns
2009 Jun 10
6
Shorewall + IPsec Tunnel
Hi everyone! First of all, sorry about my bad English and the e-mails extension. I need some help to implement a VPN connection using shorewall and openswan as IPSec Tunnel. My network map: CLIENT VPN APPLIANCE --> +++INTERNET+++ --> FIREWALL --> OPENSWAN SERVER (DMZ) I have two VPN connections with two different subnets to the other end. The two of then are correctly established.
2009 Jul 12
2
Shorewall 4.4.0 Beta 4
Beta 4 is now ready for testing. http://www.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.0-Beta4/ ftp://ftp.shorewall.net/pub/shorewall/development/4.4/shorewall-4.4.0-Beta4/ ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N 4 . 4 . 0 Beta 4
2009 Jul 17
1
Problem with Email at same network
Hello, My firewall is a Shorewall 4.2.5 I''ve a webserver and a mailserver runnig at same internal network. The DNAT instruction runnig okay (DNAT rule has to map smtp port). I receive mail from externals senders. But, when my webserver sents any mail to my domain (my mailserver), the message doesn''t receives. Is there a rule that I need to make to running ? DNAT
2010 Mar 17
2
DNAT Problem
Hi everyone! I''m having time out problems when using a DNAT rule. Rule: DNAT:info cmtc loc:192.168.0.158 tcp 8011 Log: Mar 17 17:50:17 gw kernel: [1583997.524924] Shorewall:cmtc_dnat:DNAT:IN=eth3 OUT= SRC=10.1.0.2 DST=10.0.0.2 LEN=60 TOS=0x10 PREC=0x00 TTL=62 ID=4279 DF PROTO=TCP SPT=32791 DPT=8011 WINDOW=5840 RES=0x00 SYN URGP=0 Telnet: root@emudar:~# telnet
2009 Oct 23
9
sip/iax problem - udp conntrack entries not getting destroyed
Hello all, I have an asterisk sip/iax peer behind a linux gateway doing nat. I''m using pppoe with a dynamic ip that changes frequently. The problem is when the line drops the sip/iax registrations drop as well, and they don''t register thereafter. When I check the conntrack entries, I noticed the entries still have the old wan ip address and because of keepalive (i''m
2008 Sep 23
3
Outgoing service always on a certain external address
Hi, Shorewall version -4.0.12-2 (EL5 rpm version) OS : Centos 5.2 I have shorewall successfully running on Linux with multi ISP. Trying to make services such as "rsync, ftp" go through my secondary ISP. For which I did the following eth0 : Internal LAN eth4 : DSL (Second ISP) => x.x eth5 : T1 (First ISP) => y.y Created the following entries in
2008 Oct 24
6
routing packet from/to source/destination
Hi all and specially Mr. Tom.... (Please, do not be acid with me please! I am only a newbie, trying learn more about shorewall) I get involved with a Firewall Project in a customer here in my city... In this customer, he has two Internet Providers. So, he ask me how make certain connection following one routing path (like RT_1) and others connections type, following the other routing path
2011 Jan 10
12
Multi-provider halp
Hi to the list, I configured a multi-provider setup with /etc/shorewall/providers: Orange 1 1 main eth1 81.255.74.150 track,balance=1 eth0 Free 2 2 main eth2 88.180.116.254 track,balance=3 eth0 and /etc/shorewall/tcrules: 2:P 192.168.2.0/24 0.0.0.0/0 tcp 143 2:P 192.168.2.0/24
2010 Jun 15
4
TPROXY configuration
I''m trying to get TPROXY / Squid running and I have a few questions... I found this page: http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY However, it doesn''t explain what I''m seeing in the configuration. For the zone file, do I keep my loc and net configurations and just add the following to the file? - lo - - or do I remove the loc and net zones and
2010 Nov 23
4
ERROR: Duplicate Host Group
Hello, This is using version 4.4.11.3 (Debian). The following error occurs: ERROR: Duplicate Host Group (eth1:10.128.23.34/16) in zone loc : The configuration is a test config. Commented lines removed to keep it clear: # cat zones fw firewall loc ipv4 # cat interfaces loc eth1 - # cat hosts loc eth1:10.128.23.34/16 # cat policy all all ACCEPT
2010 Mar 03
5
Applications running on the Firewall (MultiISP)
Hello, it seems I am hit by http://shorewall.net/MultiISP.html#Local : "Experience has shown that in some cases, problems occur with applications running on the firewall itself. This is especially true when you have specified routefilter on your external interfaces in /etc/shorewall/interfaces (see above). When this happens, it is suggested that you have the application use specific local IP
2013 Mar 31
1
Can't match DSCP CS6 and CS7
Hi, DSCP match in /tcrules/ doesn''t work with CS6 and CS7, it provides an error "invalid value" for string and hexa values. It seems that it comes from /Chain.pm/, in the function /do_dscp/: fatal_error( "Invalid DSCP ($dscp)" ) unless defined $value && $value < 0x2f && ! ( $value & 1 ); I dont understand why "$value < 0x2f", but
2009 May 29
5
CONNMARK target and connmark match support in Ubuntu kernel
Hi, as per the shorewall MultiISP documentation ( http://www1.shorewall.net/MultiISP.html ), it says "Use of this feature requires that your kernel and iptables include CONNMARK target and connmark match support (Warning: Standard Debian™ and Ubuntu™ kernels are lacking that support!)." it means MultiISP wont work properly if i am using Ubuntu server. if yes whats the
2013 Mar 16
23
Shorewall 4.5.15 Beta 1
Beta 1 is now availablew for testing. Problems Corrected: 1) Previously, the Shorewall and Shorewall6 install.sh scripts did two things wrong with respect to the /etc/shorewall[6]/routes file: - The existing file was unconditionally removed. - A skeleton file was not installed when SPARSE was not set in the shorewallrc file. Additionally, the installer would remove
2013 Mar 16
23
Shorewall 4.5.15 Beta 1
Beta 1 is now availablew for testing. Problems Corrected: 1) Previously, the Shorewall and Shorewall6 install.sh scripts did two things wrong with respect to the /etc/shorewall[6]/routes file: - The existing file was unconditionally removed. - A skeleton file was not installed when SPARSE was not set in the shorewallrc file. Additionally, the installer would remove
2010 Oct 21
10
KVM and bridge
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 An Ubuntu 10.04 server running Shorewall 4.4.6.1 hosts three KVM virtual servers on the default libvrt virbr0 bridge at the default vnet+ bridge ports. The bridge and ports are on a separate private subnet (192.168.122.0/24). Each bridge port and the bridge itself are in the dmz, there are two physical interfaces and private local subnets in loc, and
2011 Aug 02
5
selinux issues
Please see https://bugzilla.redhat.com/show_bug.cgi?id=727648 for more info. Shorewall executes some bash code like the following: while read address interface external haveroute; do qt $IP -4 neigh del proxy $address dev $external [ -z "${haveroute}${g_noroutes}" ] && qt $IP -4 route del $address/32 dev $interface
2013 Jun 13
3
"Multiple Internet Connections" with four interfaces
Hi, I was reading document http://shorewall.net/MultiISP.html#idp3634200. Inspired by the document I was trying to establish the following changes: * one additional interface: COMA_IF * COM[A,B,C]_IF interfaces request IP address via DHCP * all non-RFC 1918 destined trafic is NATed from INT_IF to COMA_IF * all non-RFC 1918 destined trafic from GW is routed via COMB_IF by default * non-RFC 1918