similar to: multi-isp and preventing certain traffic on a given connection

Beta 1 is now available for testing. ---------------------------------------------------------------------------- I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) Previously /var/log/shorewall*-init.log was created in the wrong Selinux context. The rpm''s have been modified to

Beta 1 is now available for testing. ---------------------------------------------------------------------------- I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) Previously /var/log/shorewall*-init.log was created in the wrong Selinux context. The rpm''s have been modified to

Hi I have shorewall/iptables running on my server (pub) but access to localhost is blocked then I attemp to use ping localhost, telnet localhost 25, echo Hello | sendmail -v root@localhost. All these commands were run after using shorewall reset and creating the attached file. All these commands work with shorewall clear. My problem is I can''t email the root messages from (pub) to

Hi All, I use rather old Shorewall 3.2.6 and I know it''s no longer supported. I haven''t been updating the software because it works as intended until now. The problem is a simple DNAT rule. I actually have around 8 DNAT rules and they all work just fine. Here is what I want to achieve. I have a SMTP server in my LAN (lets say address 192.168.1.10). The SMTP daemon listens on

Hi, My firewall is a machine running Debian Squeeze with shorewall 4.4.11.6. /etc/shorewall/policy says this: loc $FW ACCEPT loc loc ACCEPT loc net ACCEPT $FW net ACCEPT $FW loc ACCEPT net all DROP # info all all REJECT

[ I hope this isn''t a dupe. Evolution crashed on my last send and I see nothing in my logs that leads me to believe the mail made it out before the crash ] Well, it probably is working. I''m probably just misunderstanding something. Given routing rules that look like this: 0: from all lookup local 10000: from all fwmark 0x40 lookup CGCO 10001: from all fwmark 0x80

I cannot connect to the INTERNET via my stand alone computer or my wireless laptop with the /etc/shorewall/interface setting I have. What Interface setting will allow me to connect to the Internet? Please see attached document for more details. ------------------------------------------------------------------------------ Free Software Download: Index, Search & Analyze Logs and other IT

Tom : Firewall up not letting traffic through It is probably a setting that I have wrong Private Network: Can ping the outside network card from inside the network, but can not ping "yahoo.com" or one of its ip address (209.191.122.70) Firewall computer: On the firewall computer can ping computer on inside network and "yahoo.com" -- Eric Teeter 504 Main St.

Hi, I realise that one can simply start fail2ban and then it will insert its own ruleset before shorewall''s ruleset. Are there subscribers to this list having alternative (and probably better) ways to use both fail2ban and shorewall? Thanks, Mark ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90

Hello, I''m migrating my laptop setup to a shiny new ThnikPad W520 and in the process am getting rid of VirtualBox (marked by kernel maintainers as "unsupportable crap" or some such) and shifting to virt-manager/kvm. As with the old setup I am running shorewall-init exactly as the great online documentation lays it out. BUT: with VBox it was enough to add > net

I''m wondering if the following is possible under recent versions of shorewall: 1. We have several class-C networks from both UUNet and Internap, both of which are actually routed over a single inbound ethernet line from UUNet at our colocation facility: 204.176.148.0/23 and 216.52.83.0/24. This gives us a total of 3 class-C subnets. All packets for these three subnets would land on

Dear R experts, I'm hoping someone can help me to interpret the results of building gam's with mgcv in R. Below are summaries of two gam's based on the same dataset. The first gam (named "gam.mod") has six predictor variables. The second gam (named "gam.mod2") is exactly the same except it is missing one of the predictor variables. What is confusing me is

I have an admin machine, and a backup server which does backups. The backup server has IPMI so I can do lights-out admin, and I want to allow this from the admin machine only. IPMI is completely unfirewalled, and so it must have a different class C than working networks.... this is just how it is. I''ve set the IPMI IP on the backup server to 192.168.10.4, and created a virtual

Hi, I am trying to register SIP clients which are behind NAT on different network. In order to achieve this goal I think I need STUN Server . I downloaded STUN Server from http://internap.dl.sourceforge.net/sourceforge/stun/stund_0.96_Aug13.tgz But I don't know how to install/configure it. And please advice me that STUN server is good idea for this scenario? Thanks in advance Wazb

Alle, Does anyone know if there are any reputable repositories out there that contain packages for fuse/sshfs? Best Regards, Camron -- Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: cwfox at us.fujitsu.com

Hi, in shorewall version 3.4.8 used this rule to block access to Facebook through port 443 (https): /shorewall/rules: REJECT loc net:69.171.224.12, 69.171.224.0/19,69.63.176.0/20,66.220.144.0/20 tcp 443 What I did was block the public IP network segment to fitthrough https. Now I use this same rule in version 4.4 and I works already. Has anything changed in this

so last night all my servers were severely probed and they tried to violate me (lol) the attack was so egregious I decided to contact the isp for that ip. Telepacific. The ip has some google searches that point to a few spam and a few attacks...So i assume a compromised server. So I sent them the info and said it must be a hacked server (the ip is on their business network) they responded

Hi, what does the 'a' means in the win installer: http://internap.dl.sourceforge.net/sourceforge/flac/flac-1.1.4a.exe ? Is this to indicate alpha version or ...? I was not sure. And does the installer uses the same flac tools as in this zip file: http://sourceforge.net/project/showfiles.php?group_id=13478&package_id=12675? thanks in advance! -------------- next part --------------

Hi! I work for the University of Dortmund in germany where we use icecast as a server for DGPS data (see http://igs.ifag.de/index_ntrip.htm for more information). We took icecast version 1.3.12 and adapted it to our needs: - low data rates of 50 and 500 bytes/sec - up to 150 source streams - no meta data Our operating system is Red Hat Linux 8.0. Under these circumstances and after variable

I am looking into supporting around 20 SIP clients (ATAs, IP softphones, etc) distributed in around 10 different end points (in South America). For the most part they all have narrow band connections 64kpbs, 128 at most and I?d like to use g729 all around (don?t have too many alternatives) To start with, I will have one * with no gateway to the PSTN and eventually a few * boxes with termination