similar to: linux kernel 3.2.x gentoo maclist

Tom In Shorewall6 4.4.27 the following proxyndp entry: 2001:4d48:ad51:24::f3 eth2 eth0 no no does not add the required route. The code produced in /var/lib/shorewall6/.restart is: qt $IP -6 route del 2001:4d48:ad51:24::f3/128 dev eth2 run_ip route add 2001:4d48:ad51:24::f3/128 dev eth2 Splitting the line into 2 separate lines: qt $IP -6 route del 2001:4d48:ad51:24::f3/128 dev eth2

I''d like to ask for clarification on the upgrade procedure using tarballs. In the past, with version 4.4, I have downloaded shorewall-4.4.x.y.tar.bz2 and shorewall6-4.4.x.y.tar.bz2, extracted each, and executed ''install.sh -s'' in each directory. Now there is a new package shorewall-core-4.5.x.y.tar.bz2. As I understand it, with version 4.5, this core package needs to be

Hello Guys I have problem with internet bank. I have 2 Internet links balancing mode, thus the bank is charging connection down. I tried to force Internet traffic (port 80 and 443) for only a link, however it did not work. How do I make a setting to force the connection to these ports for a specific link. Note: I can not use the file as route_rules have neither the source IP (ltsp) nor of

I am in the process of building a new machine to replace several older servers. I am considering running several virtual servers on one box, all linux for host and virtual machines using VirtualBox. Is it possible/advisable to configure shorewall on the host to act as a firewall for the virtual machines, each having one or more static public IP address? Any pointers, suggestions and/or

Hi All! Been quite a few years and lots of water under the bridge but here I am back! I have a customer that has now decided they need a bit more bandwidth over and above their fixed line! They are not in a good area for ADSL because of copper theft and being a bit to far from the closest DSLAM! They have installed a wireless link and I have made certain that put it behind my simple iptables

Hi, I am trying to get L2TP roadwarrior VPN working from http://www.shorewall.net/IPSEC-2.6.html#RW-L2TP but i am making a mistake somewhere, appreciate a fresh set of eyes to help. I have the following interfaces: ppp0 - interneteth0 - local networkrem - client openvpnl2tp - ppp for lt2p clients I am getting the following error logged when trying to connect into the server with L2TP from a remote

The Shorewall Team is pleased to announce the availability of Shorewall 4.5.0. ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) This release includes all defect repair included in 4.4.27.1-4.4.27.3. 2) The start

Hi All! I only ever have complex setups. Customer site has a dedicated leased line from their ISP terminating on a Cisco router. Router is configuered with the first usable address on a /28 network - 196.x.y.73. The linux firewall is configured with the remaining 5 ip''s, 196.x.y.74 to 196.x.y.78 and 79 as the broadcast. Sounds normal but here is the twist. The primary or first ip

Hi list! I would like to modernize my server at home which is still running Shorewall 3. The server will be running CentOS 6.2 but i also want to use KVM virtualization to run a Windows host on the same box that i can log in to remotely. I looked through the documentation samples on the shorewall site and found several bridging configurations but they do not match my setup, yes it will

Typically (or at least somewhat occasionally) after a reboot of my shorewall[-lite] machine I find that I end up with conntrack table entries for unNATted connections such as: # conntrack -L -p udp --dport 5060 -d 99.232.11.14 udp 17 59 src=10.75.22.8 dst=99.232.11.14 sport=5060 dport=5060 packets=5472 bytes=3031488 [UNREPLIED] src=99.232.11.14 dst=10.75.22.8 sport=5060 dport=5060 packets=0

When I attempt to start shorewall (version 4.0.15) I get an RTNETLINK error (see below). /var/log/shorewall-init.log [...] 21:02:18 Creating Interface Chains... 21:02:19 Adding Providers... RTNETLINK answers: File exists ERROR: Command "ip route add table 1 129.116.XXX.0/24 dev eth2 proto kernel s cope link src 129.116.XXX.30" Failed 21:02:25 Shorewall-generated routing tables and

Hello Mailinglist, please excuse my bad english - but I am not a native speaker. My Network looks like this: Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X) No I try to connect my iphone (from mobile Internet G3) over VPN (l2tp/ipsec) with the firewall. But I can´t open the necessary Port 1701. /var/log/syslog ... Dec 30 00:24:29 router kernel: [226128.293757]

Sent from my iPad ************************************************************************************** Marco M. Salimu IT Manager VisionFund Tanzania [P.o. Box 1546] Mob: +255 784 370294 | +255 715 370294 : Off. Dir-Tel: +255 27 5098, Other: | Tel: +255 27 8218 | Fax: +255 27 8273 Off. Email: marco@seda.or.tz | marco_salim@wvi.org | Private Email: smarcos2001@yahoo.com smarcos2001@hotmail.com|

Hi everyone. We are putting together a network appliance for emergency management use, and it has to be adaptable to different network connections. eth0 is a connection to whatever physical ethernet is available on site, if any, including satellite. ppp0 is a 3G modem connection, if available br0 is the internal network supporting IAX2, SIP, general internet use and video monitoring, over eth1

Hi! Progress is much better now with my new install with not many problems left! I just have a simple - I hope - question. I have a few users that need access to the net via masquerade rules. The rest have to go via squid on the firewall. That all works well. I also have two windows servers that also need access to the net but they have to each use a specific outgoing ip address. I add two

Hi, I have 2 Debian testing boxes running a very similar setup (both running the latest aptosid kernel); on one of them, since the iptables/libxtables10 packages have been upgraded from 1.4.19.1-1 to 1.4.20-2, shorewall-init can''t start shorewall anymore and for this reason ifupdown also fails triggering firewall up. Shorewall can be successfully started later on, and ifupdown starts

When using shorewall with a road warrior openvpn setup, how can I get the tun interface to masq through a lan interface? Example Setup: Machine A (tun0 10.0.0.1) -----------VPN---------(tun0 10.0.0.2)---------Machine B(10.10.10.1) When I ping Machine B from Machine B, Machine B is receiving the echo request, but it doesn''t know the route back to the 10.0.0.0/24, and there

Dear all, I''m setting up a new gateway for a small network (under 30 users)Gw will host the following services:shorewalldnsproxy i''m considering installing snort.can i do so on the same exact box ? is there any security risk of doing so ? box would have 4 ISPs and two internal interfaces. Any recommendation about the optimal setup of snort and shorewall (or if you suggest

Hi I''m running on a debian box shorewall-4.5.17. My main gateway is a router running on openwrt and I want to use the shorewall-lite packet provided by openwrt. The openwrt''s provided shorewall-lite packet is 4.5.7. So my questions would be: 1: Do I need to make some modifications before installing shorewall-core-4.5.7/shorewall-4.5.7 on my debian box? 2: if I have both