similar to: masq and snat

Hi All! Been quite a few years and lots of water under the bridge but here I am back! I have a customer that has now decided they need a bit more bandwidth over and above their fixed line! They are not in a good area for ADSL because of copper theft and being a bit to far from the closest DSLAM! They have installed a wireless link and I have made certain that put it behind my simple iptables

Hi All! I only ever have complex setups. Customer site has a dedicated leased line from their ISP terminating on a Cisco router. Router is configuered with the first usable address on a /28 network - 196.x.y.73. The linux firewall is configured with the remaining 5 ip''s, 196.x.y.74 to 196.x.y.78 and 79 as the broadcast. Sounds normal but here is the twist. The primary or first ip

Sent from my iPad ************************************************************************************** Marco M. Salimu IT Manager VisionFund Tanzania [P.o. Box 1546] Mob: +255 784 370294 | +255 715 370294 : Off. Dir-Tel: +255 27 5098, Other: | Tel: +255 27 8218 | Fax: +255 27 8273 Off. Email: marco@seda.or.tz | marco_salim@wvi.org | Private Email: smarcos2001@yahoo.com smarcos2001@hotmail.com|

Hello Guys I have problem with internet bank. I have 2 Internet links balancing mode, thus the bank is charging connection down. I tried to force Internet traffic (port 80 and 443) for only a link, however it did not work. How do I make a setting to force the connection to these ports for a specific link. Note: I can not use the file as route_rules have neither the source IP (ltsp) nor of

I am in the process of building a new machine to replace several older servers. I am considering running several virtual servers on one box, all linux for host and virtual machines using VirtualBox. Is it possible/advisable to configure shorewall on the host to act as a firewall for the virtual machines, each having one or more static public IP address? Any pointers, suggestions and/or

Hi All! Just an update! The snmp driver seems quite happy with an APC AP9618 managment card in an APC Smart-UPS RT 5000 XL UPS. I have an APC AP9630 to test in the near future so will give and update on that one too! Cheers Ang -- Angela Williams angierfw at gmail dot com Linux/Networking Hacker Blog http://angierfw.wordpress.com Smile! Jesus Loves You!

Tom In Shorewall6 4.4.27 the following proxyndp entry: 2001:4d48:ad51:24::f3 eth2 eth0 no no does not add the required route. The code produced in /var/lib/shorewall6/.restart is: qt $IP -6 route del 2001:4d48:ad51:24::f3/128 dev eth2 run_ip route add 2001:4d48:ad51:24::f3/128 dev eth2 Splitting the line into 2 separate lines: qt $IP -6 route del 2001:4d48:ad51:24::f3/128 dev eth2

how to make this work, its seem to me that netfilter is changed more or less someplaces that shorewall do not support, using 4.4.27 shorewall and shorewall6 suggestion welcomed ------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99!

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=9 ------- Additional Comments From kaber@trash.net 2006-09-16 14:45 MET ------- I guess this is obsolete now that we don't exclude locally originating packets from MASQUERADE anymore .. in the end all ports will be unique. -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are

More than one of our docs issues revolve around some confusion between "IP masquerading" and "SNAT" -- a confusion I might share, or if contagious, I may be catching. <g> I think of SNAT more or less as a special case of IP masquerading, applicable when, for example, the external interface has multiple IP''s and you choose to _explicitly_ set the address through

I''d like to ask for clarification on the upgrade procedure using tarballs. In the past, with version 4.4, I have downloaded shorewall-4.4.x.y.tar.bz2 and shorewall6-4.4.x.y.tar.bz2, extracted each, and executed ''install.sh -s'' in each directory. Now there is a new package shorewall-core-4.5.x.y.tar.bz2. As I understand it, with version 4.5, this core package needs to be

hi, in the masq file''s documentation, there is a sentence: "If you have a static IP on that interface, listing it here makes processing of output packets a little less expensive for the firewall." this realy means that SNAT to the primary address is less expensive than a MASQ rules in the netfilter? is this documented anywhere in iptables/netfilter? thanks. -- Levente

Hi! Normally nut was just worked and worked for me! Not this time though! Distro is Gentoo withe latest nut-2.6.0 emerged today. Linux kernel version is 2.6.36 UPS is PowerCom BNT2000AT "Driver" is powercom ups.conf looks like this! Okay so APC1 is not and APC! [APC1] driver = powercom type = BNT port = /dev/ttyS1 numOfBytesFromUPS = 16

Hi list! I would like to modernize my server at home which is still running Shorewall 3. The server will be running CentOS 6.2 but i also want to use KVM virtualization to run a Windows host on the same box that i can log in to remotely. I looked through the documentation samples on the shorewall site and found several bridging configurations but they do not match my setup, yes it will

Hi! Normally nut was just worked and worked for me! Not this time though! Distro is Gentoo withe latest nut-2.6.0 emerged today. Linux kernel version is 2.6.36 UPS is PowerCom BNT2000AT "Driver" is powercom ups.conf looks like this! Okay so APC1 is not and APC! [APC1] driver = powercom type = BNT port = /dev/ttyS1 numOfBytesFromUPS = 16

Hi everyone. We are putting together a network appliance for emergency management use, and it has to be adaptable to different network connections. eth0 is a connection to whatever physical ethernet is available on site, if any, including satellite. ppp0 is a 3G modem connection, if available br0 is the internal network supporting IAX2, SIP, general internet use and video monitoring, over eth1

Hi, I am trying to get L2TP roadwarrior VPN working from http://www.shorewall.net/IPSEC-2.6.html#RW-L2TP but i am making a mistake somewhere, appreciate a fresh set of eyes to help. I have the following interfaces: ppp0 - interneteth0 - local networkrem - client openvpnl2tp - ppp for lt2p clients I am getting the following error logged when trying to connect into the server with L2TP from a remote

Dino, Alexey, there are a number of users suffering issues with your Powercom devices. Could you (Dino, and Keven if possible) please have a look at the below one, from Angela, and check for a fix? I've scheduled to release 2.6.1 next week, and having that fixed is part of the list. 2011/5/16 Angela Williams <angierfw at gmail.com> > Hi All > > On Friday 13 May 2011 at

I have a dual-homed firewall. It has 2 Internet connections, provided by different ISPs (each with an associated IP address). The 2 Internet connections are connected to the same physical interface. The 2 Internet connections do NOT have equal bandwidth How do I configure the SNAT/MASQ and ensure sharing of the gateways with the correct ratio of usage and with the correct source IP address? I