Displaying 20 results from an estimated 5000 matches similar to: "Re: Problem release that does not work"
2010 Jan 27
5
Problem Shorewall
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
2012 Apr 16
6
problems with shorewall proxyarp
Hi everybody.
I''m trying to configure shorewall folowing this manual:
http://www.montanalinux.org/proxmox-ve-with-shorewall.html
But with shorewall check it tells me thah:
Checking /etc/shorewall/interfaces...
ERROR: Unknown zone (dmz) : /etc/shorewall/interfaces (line 16)
How can I define it in the zone file?
thanks for the help.
best regards,
Santiago.
2011 Aug 23
8
problems configuring shorewall in proxmox pve (debian5)
hello
before asking my question I come
My name is Santiago and I''m from Spain but I''m in Colombia
I followed this guide:
https://www.doas.montanalinux.org/proxmox-ve-with-shorewall.html
but when I run shorewall check, this error occurs:
Checking...
Initializing...
Determining Zones...
IPv4 Zones: net loc
Firewall Zone: fw
Validating interfaces file...
ERROR: Invalid
2009 Jun 18
9
Redirect port 80 away from Shorewall?
Hi There,
Due to shortage computer, I need to install Apache to my Shorewall box (192.168.1.1)
But the real web server is on another box (192.168.1.2)
I tried to put rule:
DNAT net loc:192.168.168.1 tcp 80
But everytime www connection coming in, it will hit my shorewall
Any solution?
Cheer
Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
Show me how:
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2013 Sep 30
4
strange problem
Hi,
In log I get:
-----------------------------------------------------------
Sep 30 16:19:03 host kernel: Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth0 SRC=ip1 DST=ip2 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=27279 DF PROTO=TCP SPT=51501 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0
----------------------------------------------------------
Even in /etc/shorewall/rules I have
2011 Jul 22
32
Shorewall 4.4.22 Beta 3
Beta 3 is now available for testing.
Corrections in this release:
1) Corrections included in Shorewall 4.4.21.1.
2) Several problems reported by Steven Springl.
The rest is largely cleanup of the new rule infrastructure.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \
2011 Jul 22
32
Shorewall 4.4.22 Beta 3
Beta 3 is now available for testing.
Corrections in this release:
1) Corrections included in Shorewall 4.4.21.1.
2) Several problems reported by Steven Springl.
The rest is largely cleanup of the new rule infrastructure.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2011 Jul 05
24
Shorewall 4.4.21 RC 3
RC 3 is now available for testing.
Problems corrected:
1) The Shorewall and Shorewall6 ''load'' and ''reload'' commands
previously used the setting of RSH_COMMAND and RCP_COMMAND from
/etc/shorewall/shorewall.conf (/etc/shorewall6/shorewall6.conf).
These commands now use the .conf file in the current working
directory.
2) The new parameterized
2013 Mar 16
23
Shorewall 4.5.15 Beta 1
Beta 1 is now availablew for testing.
Problems Corrected:
1) Previously, the Shorewall and Shorewall6 install.sh scripts did two
things wrong with respect to the /etc/shorewall[6]/routes file:
- The existing file was unconditionally removed.
- A skeleton file was not installed when SPARSE was not set in
the shorewallrc file.
Additionally, the installer would remove
2013 Mar 16
23
Shorewall 4.5.15 Beta 1
Beta 1 is now availablew for testing.
Problems Corrected:
1) Previously, the Shorewall and Shorewall6 install.sh scripts did two
things wrong with respect to the /etc/shorewall[6]/routes file:
- The existing file was unconditionally removed.
- A skeleton file was not installed when SPARSE was not set in
the shorewallrc file.
Additionally, the installer would remove
2009 Jun 10
6
Shorewall + IPsec Tunnel
Hi everyone!
First of all, sorry about my bad English and the e-mails extension.
I need some help to implement a VPN connection using shorewall and openswan
as IPSec Tunnel.
My network map:
CLIENT VPN APPLIANCE --> +++INTERNET+++ --> FIREWALL --> OPENSWAN SERVER
(DMZ)
I have two VPN connections with two different subnets to the other end. The
two of then are correctly established.
2012 Jun 06
5
Error when upgrade from shorewall-4.4.13-3 to shorewall-4.5.2.3-1
Dear All,
I try to upgrade, my old shorewall from 4.4.13-3 to 4.5.2.3-1 on CentOS,
after upgrade i can''t start shorewall with this message:
"/Shorewall: Address Ranges require the Multiple Match capability in
your kernel and iptables/"
I try to search on the net about this, but no still no light. Somebody
can help me?
Great appreciate for any help.
Regards,
2013 Nov 05
8
Forwarding external traffic to another external server?
I''m trying to use my VPS server (single interface of course) as
somewhat of a VPN gateway to my other location (which is not
accessible directly from some places) where the openvpn server is
running, and am kind of lost as to what to try next.
I tried a redirect rule, but apparently shorewall didn''t like that (it
just failed to start).
I tried adding the rules via
2011 Sep 17
4
Shorewall DNAT to IPSET
I would like to dnat certain protocols (HTTP, HTTPS, SSH) to the
contents of an ipset (lan:+serviceshost or similar) where the ipset is
ensured to contain only one host, but can be changed dynamically when
services are in maintenance mode and go to the "services are down"
message on another server. Will this work, or am I barking up a fish here?
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2010 Feb 12
5
rate limiting
Hi,
i am using squid as a transparent proxy. i have added this 3 lines to my rules file
ACCEPT $FW net tcp www
ACCEPT loc $FW tcp 8080
REDIRECT loc 8080 tcp www - !192.168.100.2
i want to limit the number of connection that are made from every pc on the network to the proxy server. if i change the 2nd rule to
ACCEPT loc $FW tcp 8080