similar to: Port Masquerading

Hi all, I have a problem to get my Linux machine to masquerade for other computers on the network. My main machine is connect to the ADSL modem on eth0. The machine also has another network card, eth1 which connects directly to the other computer. Both machines can ping each other fine, but I can''t access the net from the other (Windows) system. IP Configuration on the linux

Hello! I've setup tinc almost succesfully, but there is one problem remaining with a routing issue. Short Description of the situation : Workstation A (192.168.1.3) | | Tinc Host "50K" (192.168.1.1) | | <Unknown Firewall> + + + <Masq Firewall (Linux)> and Tinc Host "oeoe" (192.168.2.1) | | Workstation B

snat not working my local ip is aaa.aaa.aaa.aaa asterisk sitting on the internet at ip bbb.bbb.bbb.bbb my firewall''s internal ip is 192.168.0.254 i did snat: iptables -t nat -A POSTROUTING -o ppp0 -j SNAT --to aaa.aaa.aaa iptables -t nat -L -v gives: Chain POSTROUTING (policy ACCEPT 23663 packets, 2182K bytes) pkts bytes target prot opt in out source destination 33056

Shorewall 4.3.7 is available for testing. ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N 4 . 3 . 7 ---------------------------------------------------------------------------- 1) Klemens Rutz reported a problem that affects all Shorewall-perl 4.2 and 4.3 versions. The problem: a) Only occurs when

I apologize before hand for my newbie question, but I have done the research and I still cant find a solution. Shoreline 1.4.8 Problem: Firewall isent allowing me to port forward to server Port Open = 3389 (RDP) Line added for Port Forwarding:DNAT net loc:192.168.42.5 tcp 3389 Error Produced: Mar 11 06:37:40 net2allROP:IN=ppp0 OUT=eth1 SRC=64.x.x.xxx DST=192.168.42.2 LEN=48 TOS=0x00

hi list, i got a small problem. here is my setup: WAN | | | bridged $FW-------DMZ | | masqueraded | LOCAL my shorewall machine ($FW) got three interfaces: eth0 eth1 eth2 * eth0 is connected to the WAN * eth1 is connected to my DMZ * eth2 is connected to LOCAL network i manage a whole C class (public adresses) in my DMZ, let''s say X.Y.Z.0/24 * my router

Hello Everyone! I am using shorewall-3.0.5 on suse linux. Recently we have implemented dansguardian running on 8080 and squid on port 3128. Previously (before dans guardian) masquerading was working fine but after the implementation of dansguardian masquerading is not working. My rules file has entry Previous entry was ACCEPT loc:192.192.192.3 net REDIRECT loc 8080 tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Shorewall-3.0.3 RH9 (+legacy updates) eth0: loc: 192.168.1.0/24 eth0:0: loc: 192.168.20.0/24 eth1:: 69.70.32.8/29 I''m worked all day on an issue I found today and I just can''t find a way to fix my problem. So, basically, for now, my network looks like this: Internet ^ | (69.70.32.8/29) Firewall 192.168.1.1

Hi, I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from the internet to the firewall but it does not work. I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful but I don''t know why SSH: Does not work for me: ACCEPT net fw tcp 22 Works from the loc network: ACCEPT loc fw tcp 22 I have tried also with (no success): AllowSSH

I've got small numbers of connections moving through a load balancer configured in NAT mode. So I've got an iptables table called "nat", which has in it a line "-A POSTROUTING -o eth0 -j MASQUERADE" (lan connect is eth0, private lan inside the cluster is eth1). The load balancer is working; connections made to the virtual ip on that host do get routed to one of the

Dear All, Firstly, thank you very much - shorewall is great. I''m not a member of this list, and please forgive me if I am suggesting something stupid, but the following occurs to me, and I thought it might be useful. Why no make it possible to specify zones as well as interfaces in the /etc/shorewall/masq file ? Eg: instead of: eth0 eth1 one might write: net loc (or masq in

This mornings activity log shows this: . . . From 23.102.132.99 - 2 packets to tcp(3389) From 23.102.133.164 - 1 packet to tcp(3389) From 23.102.134.239 - 2 packets to tcp(3389) From 23.102.136.210 - 3 packets to tcp(3389) From 23.102.136.222 - 2 packets to tcp(3389) From 23.102.137.62 - 3 packets to tcp(3389) From 23.102.137.101 - 2 packets to tcp(3389) From

Hello Shorewall list, I''m a happy Shorewall user since a few years now and everything works fine for me except one thing that I try to implement since a week, the multi-isp. I''ve downloaded the 2.4.0 Stable release yesterday and tried the RC2 since a week. My config is a Debian running a kernel 2.4.27 home made with the CONNMARK.diff patch applied I''m using 2 ISP,

Hi, I just migrated my office's server from Slackware64 14.1 to CentOS 7. So far everything's running fine, I just have a few minor details to work out. I removed the firewalld package and replaced it by a simple Iptables script: --8<---------------------------------------------------- #!/bin/sh # # firewall-lan.sh IPT=$(which iptables) MOD=$(which modprobe) SYS=$(which sysctl)

This is a minor release of Shorewall which rolls up a number of bug fixes. New features include: 1. A NEWNOTSYN option has been added to shorewall.conf. This option determines whether Shorewall accepts TCP packets which are not part of an established connection and that are not ''SYN'' packets (SYN flag on and ACK flag off). 2. The need for the

Hello, I''ve successfully gotten Shorewall 2.0.7 configured and working. However, I am confused about how I can setup the interface "ppp1" in the file masq to allow the masquerading of my local LAN over a L2TP tunnel. It works without a hitch if the ppp interface is up, but if I reboot my machine without the interface being, shorewall refuses to load because the interface is

Hello! I''ve got the following setup: ippp0 (isdn), ppp0 (adsl), eth1 (internal lan), eth0 (nic dedicated to the adsl modem) Firewall rules: Default 2.4. iptables (everything set to accept) except: iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A POSTROUTING -o ippp0 -j MASQUERADE Routing Table: Default gw is set to the ptp partner of ippp0 Problem: Packets

I've got this report (edited for clarity): # As it happens, it is unique to tunneling. I only have one protocol to # test with tunnelling at present due to firewalling on the host I'm # connecting to (rdp to a terminal server). # # When I try and telnet [host] 3389, it works fine, and I can disconnect # as normal. If I try the rdp client, I get this error: # # rdesktop: A Remote Desktop

Hi all! I try to make port based routing, because a have two connections to the internet. My router is a "one disk floppy router for linux". It is a big router project www.fli4l.de. I try also to make a opt, it is like a plugin for this router. This project uses Kernel 2.2.19 compiled with libc5 (because it is small and you can use one floppy disk). At the moment, iproute2 is not

Hi Folks! I''m new to shorewall (in the process of switching from Bastille), and I have a question as to how to address using Bluetooth enabled Palms with a BT dongle on a linux box protected by shorewall. Basically I followed the directions located at http://www.metacon.ca/bcs/view.php?page=bluetooth to get things working strictly with iptables, specifically: echo