Displaying 20 results from an estimated 3000 matches similar to: "Creating/Protecting a Subnet"
2011 Jan 10
12
Multi-provider halp
Hi to the list,
I configured a multi-provider setup with /etc/shorewall/providers:
Orange 1 1 main eth1 81.255.74.150
track,balance=1 eth0
Free 2 2 main eth2 88.180.116.254
track,balance=3 eth0
and /etc/shorewall/tcrules:
2:P 192.168.2.0/24 0.0.0.0/0
tcp 143
2:P 192.168.2.0/24
2011 Feb 03
0
ipsec and XEN
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2011 Sep 02
10
Shorewall 4.4.23 RC 2
RC 2 is now available for testing (Early RC1 testing on a RedHat-based
system with dynamic provider gateways uncovered a couple of debilitating
defects in the enable/disable logic).
Thank you for testing,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2012 Mar 15
3
Firewall up not letting traffic through
Tom :
Firewall up not letting traffic through
It is probably a setting that I have wrong
Private Network:
Can ping the outside network card from inside the network, but can not ping "yahoo.com" or one of its ip address (209.191.122.70)
Firewall computer:
On the firewall computer can ping computer on inside network and "yahoo.com"
--
Eric Teeter
504 Main St.
2011 Mar 19
6
localhost being blocked
Hi
I have shorewall/iptables running on my server (pub) but access to localhost is blocked then I attemp to use ping localhost, telnet localhost 25, echo Hello | sendmail -v root@localhost. All these commands were run after using shorewall reset and creating the attached file. All these commands work with shorewall clear.
My problem is I can''t email the root messages from (pub) to
2012 Mar 18
4
fail2ban
Hi,
I realise that one can simply start fail2ban and then it will insert its
own ruleset before shorewall''s ruleset. Are there subscribers to this
list having alternative (and probably better) ways to use both fail2ban
and shorewall?
Thanks,
Mark
------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90
2006 Aug 08
7
This list is a black hole.
Many questions goes in,
Very few answers come out.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
2011 Mar 10
3
multi-isp and preventing certain traffic on a given connection
I have a multi-isp configuration:
CGCO 1 256 main $CGCOIF detect track,balance br-lan,tun0
IGS 2 512 main $IGSIF detect track,fallback br-lan,tun0
where I force SMTP out one of the connections:
512:P br-lan - tcp 25
But the effect of that of course is that if IGS goes down, SMTP will
leak out of the CGCO connection. How can I prevent that?
Cheers,
b.
2011 Mar 17
2
DNAT problem
Hi All,
I use rather old Shorewall 3.2.6 and I know it''s no longer supported.
I haven''t been updating the software because it works as intended until now.
The problem is a simple DNAT rule. I actually have around 8 DNAT rules
and they all work just fine.
Here is what I want to achieve. I have a SMTP server in my LAN (lets say
address 192.168.1.10). The SMTP daemon listens on
2011 Mar 13
4
ipod touch, skype, and a shorewall firewall
Hi,
My firewall is a machine running Debian Squeeze with shorewall 4.4.11.6.
/etc/shorewall/policy says this:
loc $FW ACCEPT
loc loc ACCEPT
loc net ACCEPT
$FW net ACCEPT
$FW loc ACCEPT
net all DROP # info
all all REJECT
2017 Feb 10
3
Wich web browser on CentOS6 ?
On Fri, February 10, 2017 06:26, Patrick Begou wrote:
> Hello
>
> I have more and more troubles using firefox in professional
> environment with
> CentOS6. The latest version is 45.7.0 But I can't use it anymore to
> access some
> old server hardware (IDRAC7 of DELL C6100) because of
> "/SSL_ERROR_WEAK_SERVER_CERT_KEY/". I had to install an old Firefox32
>
2010 Jan 02
1
Using Push IMAP to trigger POP3 download
Hello all,
I have an HTPC connected 24/7 to the Internet running Mythbuntu. I
also have a web/email host that runs Dovecot for email and provides
IMAP and POP3 access.
I understand that Dovecot supports Push IMAP and I could, for example,
use Thunderbird to connect to my email host to receive instant email
as it arrives. I would like to add a Dovecot IMAP server on my HTPC
(for increased
2011 Sep 17
4
Shorewall DNAT to IPSET
I would like to dnat certain protocols (HTTP, HTTPS, SSH) to the
contents of an ipset (lan:+serviceshost or similar) where the ipset is
ensured to contain only one host, but can be changed dynamically when
services are in maintenance mode and go to the "services are down"
message on another server. Will this work, or am I barking up a fish here?
2018 Aug 07
3
Best practices for backing up small mailserver to remote location
My webserver also houses our mailserver. There's about six users on that
mail system and I'm thinking it would be good to back up the mailboxes to
my always on HTPC computer at home, which is reachable via a dynamic IP
service.
I know (or think) I need to use doveadm-backup for this but rather than
reinvent the wheel (or use the wrong wheel altogether) I'm wondering if
anyone can
2023 Oct 23
1
Host name lookup failure using hostbased authentication
On Mon, 23 Oct 2023 at 00:43, Thomas K?ller <thomas at koeller.dyndns.org> wrote:
> There is a nasty problem when using hostbased authentication:
Suggestions:
- "host" does DNS lookups, but is your system's nsswitch.conf or
equivalent actually configured to use DNS?
- have you turned off DNS lookups in sshd with "UseDNS no" in sshd_config?
- you could try
2010 Apr 13
6
Fileserver help.
Hi all.
Im pretty new to the whole OpenSolaris thing, i''ve been doing a bit of research but cant find anything on what i need.
I am thinking of making myself a home file server running OpenSolaris with ZFS and utilizing Raid/Z
I was wondering if there is anything i can get that will allow Windows Media Center based hardware (HTPC or XBOX 360) to steam from my new fileserver?
Any help
2004 Oct 01
1
Error 16770
When I try to mount an administrative //mymachine2/c$ share(the shared
resource is on a WinXP_SP2 unfirewalled machine) from a Linux machine,
using the command bellow, I receive an 16770 error message.
[root@mymachine1 scripts]# smbmount //mymachine2/c$ /mnt/tmp/ -o username=administrator
16770: session request to MYMACHINE2 failed (Not listening on called name)
16770: session request to