Displaying 20 results from an estimated 10000 matches similar to: "4.4.7 to 4.4.8"
2010 Apr 12
21
Using the limit action on a DNAT rule to prevent DoS attackson a specific port
Hi there.
I''m reading and reading through the doc''s and previous posts, but cannot
seem to find what I''m looking for. I want to create a rule that prevents DoS
and maybe even DDoS attacks against a specific port. The current rule looks
like this (the PORT''s and IP''s are dummies of course):
#ACTION SOURCE DEST
2010 May 13
6
Re: Problem release that does not work
Anex.
Thanks Tom.
2010/5/12 Tom Eastep <teastep@shorewall.net>
> On 5/12/10 2:47 PM, Orlandinei Vujanski wrote:
> > Tom, all right?
> >
> > Until yesterday my shorewall was working perfectly, but today it stopped
> > working. I already restarted the server, already changed the rules and
> > did not work.
> >
> > My shorewall this in 4.0.15
2011 Jul 22
32
Shorewall 4.4.22 Beta 3
Beta 3 is now available for testing.
Corrections in this release:
1) Corrections included in Shorewall 4.4.21.1.
2) Several problems reported by Steven Springl.
The rest is largely cleanup of the new rule infrastructure.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \
2011 Jul 22
32
Shorewall 4.4.22 Beta 3
Beta 3 is now available for testing.
Corrections in this release:
1) Corrections included in Shorewall 4.4.21.1.
2) Several problems reported by Steven Springl.
The rest is largely cleanup of the new rule infrastructure.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2010 Apr 15
3
Please help: Shorewall 4.4.8 captures all traffic as "world" on both loc & net on a bridge firewall
Hello All,
I¹ve installed the vanilla shorewall F12, I¹ve got it installed on a couple
of other servers with no problems. no matter how I define the zones and
interfaces, shorewall logs and allows, rejects or drops only traffic to
world.
ACCEPT:info net:<myip>/32 $FW icmp
Shorewall:world2fw:REJECT:IN=br0
ACCEPT:info world:<myip>/32 $FW icmp
2013 Nov 05
8
Forwarding external traffic to another external server?
I''m trying to use my VPS server (single interface of course) as
somewhat of a VPN gateway to my other location (which is not
accessible directly from some places) where the openvpn server is
running, and am kind of lost as to what to try next.
I tried a redirect rule, but apparently shorewall didn''t like that (it
just failed to start).
I tried adding the rules via
2011 Sep 17
4
Shorewall DNAT to IPSET
I would like to dnat certain protocols (HTTP, HTTPS, SSH) to the
contents of an ipset (lan:+serviceshost or similar) where the ipset is
ensured to contain only one host, but can be changed dynamically when
services are in maintenance mode and go to the "services are down"
message on another server. Will this work, or am I barking up a fish here?
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 Apr 16
6
problems with shorewall proxyarp
Hi everybody.
I''m trying to configure shorewall folowing this manual:
http://www.montanalinux.org/proxmox-ve-with-shorewall.html
But with shorewall check it tells me thah:
Checking /etc/shorewall/interfaces...
ERROR: Unknown zone (dmz) : /etc/shorewall/interfaces (line 16)
How can I define it in the zone file?
thanks for the help.
best regards,
Santiago.
2011 Aug 23
8
problems configuring shorewall in proxmox pve (debian5)
hello
before asking my question I come
My name is Santiago and I''m from Spain but I''m in Colombia
I followed this guide:
https://www.doas.montanalinux.org/proxmox-ve-with-shorewall.html
but when I run shorewall check, this error occurs:
Checking...
Initializing...
Determining Zones...
IPv4 Zones: net loc
Firewall Zone: fw
Validating interfaces file...
ERROR: Invalid
2010 Feb 12
5
rate limiting
Hi,
i am using squid as a transparent proxy. i have added this 3 lines to my rules file
ACCEPT $FW net tcp www
ACCEPT loc $FW tcp 8080
REDIRECT loc 8080 tcp www - !192.168.100.2
i want to limit the number of connection that are made from every pc on the network to the proxy server. if i change the 2nd rule to
ACCEPT loc $FW tcp 8080
2010 Jun 15
4
TPROXY configuration
I''m trying to get TPROXY / Squid running and I have a few questions...
I found this page:
http://www.shorewall.net/Shorewall_Squid_Usage.html#TPROXY
However, it doesn''t explain what I''m seeing in the configuration.
For the zone file, do I keep my loc and net configurations and just add
the following to the file?
- lo - -
or do I remove the loc and net zones and
2009 Jun 18
9
Redirect port 80 away from Shorewall?
Hi There,
Due to shortage computer, I need to install Apache to my Shorewall box (192.168.1.1)
But the real web server is on another box (192.168.1.2)
I tried to put rule:
DNAT net loc:192.168.168.1 tcp 80
But everytime www connection coming in, it will hit my shorewall
Any solution?
Cheer
Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
Show me how:
2012 Jan 21
9
linux kernel 3.2.x gentoo maclist
how to make this work, its seem to me that netfilter is changed more or
less someplaces that shorewall do not support, using 4.4.27 shorewall
and shorewall6
suggestion welcomed
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99!
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to