Displaying 20 results from an estimated 1000 matches similar to: "Shorewall 4.5.1.1"
2012 Mar 18
4
fail2ban
Hi,
I realise that one can simply start fail2ban and then it will insert its
own ruleset before shorewall''s ruleset. Are there subscribers to this
list having alternative (and probably better) ways to use both fail2ban
and shorewall?
Thanks,
Mark
------------------------------------------------------------------------------
This SF email is sponsosred by:
Try Windows Azure free for 90
2012 Mar 15
3
Firewall up not letting traffic through
Tom :
Firewall up not letting traffic through
It is probably a setting that I have wrong
Private Network:
Can ping the outside network card from inside the network, but can not ping "yahoo.com" or one of its ip address (209.191.122.70)
Firewall computer:
On the firewall computer can ping computer on inside network and "yahoo.com"
--
Eric Teeter
504 Main St.
2012 Mar 25
1
kvm and shorevall-init
Hello,
I''m migrating my laptop setup to a shiny new ThnikPad W520 and in the
process am getting rid of VirtualBox (marked by kernel maintainers as
"unsupportable crap" or some such) and shifting to virt-manager/kvm.
As with the old setup I am running shorewall-init exactly as the great
online documentation lays it out. BUT: with VBox it was enough to add
> net
2011 Dec 05
0
[Bug 763] New: dnat and snat not changing port numbers on sctp packets
http://bugzilla.netfilter.org/show_bug.cgi?id=763
Summary: dnat and snat not changing port numbers on sctp packets
Product: netfilter/iptables
Version: linux-2.6.x
Platform: x86_64
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P3
Component: NAT
AssignedTo: netfilter-buglog at
2009 Jul 17
0
[ANNOUNCE] conntrack-tools 0.9.13 released
Hi!
The netfilter project presents another development release of the
conntrack-tools that includes support for all the protocol helpers
available in 2.6.30 that were missing so far (SCTP, UDPlite, DCCP and
GRE). The daemon updates includes a fix for a memory leak that can be
triggered under heavy load and if you set a hashtable in user-space that
is smaller than the one in the kernel. Moreover,
2016 Mar 16
2
Does SCTP help against TCP reset attacks?
Hello,
i have a question regarding SCTP support of OpenSSH. (I have
searched the list, and it seems to show up periodically every two
years, and since it's that time again i dare to ask...)
It can't be described better than what i've placed in a bug report
yesterday, so please let me (mostly) copy & paste that:
Hello.
I don't know how you do it, i never managed a(n
2009 May 23
0
Shorewall 4.3.11
Shorewall 4.3.11 is now available for testing.
Much of what is in this release is below the surface. Many of the
modules have been reorganized to provide for more readable code and to
eliminate a lot of parameter passing.
----------------------------------------------------------------------------
P R O B L E M S C O R R E C T E D I N 4 . 3 . 11
2012 Mar 14
7
Block port 443 (https) to Facebook.com
Hi, in shorewall version 3.4.8 used this rule to block access to Facebook
through port 443 (https):
/shorewall/rules:
REJECT loc net:69.171.224.12,
69.171.224.0/19,69.63.176.0/20,66.220.144.0/20 tcp 443
What I did was block the public IP network segment to fitthrough https.
Now I use this same rule in version 4.4 and I works already.
Has anything changed in this
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2019 Apr 22
1
[Bug 1335] New: iptables-restore will crash if -6 rules are present
https://bugzilla.netfilter.org/show_bug.cgi?id=1335
Bug ID: 1335
Summary: iptables-restore will crash if -6 rules are present
Product: iptables
Version: unspecified
Hardware: All
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: iptables-restore
2019 Aug 27
0
[Bug 1362] New: iptables translation issues
https://bugzilla.netfilter.org/show_bug.cgi?id=1362
Bug ID: 1362
Summary: iptables translation issues
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables over nftable
Assignee: pablo at
2009 Mar 23
2
[ANNOUNCE]: Release of iptables-1.4.3
The netfilter coreteam presents:
iptables version 1.4.3
the iptables release for the 2.6.29 kernel. It has been some time
since the last release and we've had a lot of changes all over the
place. Besides the usual fixes and cleanups, we have:
- numerous documentation updates from Jan Engelhardt and others
- a set of changes to move some of the iptables functionality to
a shared
2023 Jun 17
2
[PATCH net-next v2 17/17] net: Kill MSG_SENDPAGE_NOTLAST
Now that ->sendpage() has been removed, MSG_SENDPAGE_NOTLAST can be cleaned
up. Things were converted to use MSG_MORE instead, but the protocol
sendpage stubs still convert MSG_SENDPAGE_NOTLAST to MSG_MORE, which is now
unnecessary.
Signed-off-by: David Howells <dhowells at redhat.com>
cc: "David S. Miller" <davem at davemloft.net>
cc: Eric Dumazet <edumazet at
2012 Mar 12
1
2 Interface router running KVM with virtual hosts
Hi list!
I would like to modernize my server at home which is still running
Shorewall 3. The server will be running CentOS 6.2 but i also want to use
KVM virtualization to run a Windows host on the same box that i can log
in to remotely.
I looked through the documentation samples on the shorewall site and found
several bridging configurations but they do not match my setup, yes it
will
2016 Mar 06
1
[Bug 1055] New: dccp type reset throws errors
https://bugzilla.netfilter.org/show_bug.cgi?id=1055
Bug ID: 1055
Summary: dccp type reset throws errors
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter:
2014 May 07
0
[Bug 930] New: DCCP: --dccp-types and --dccp-option are not supported
https://bugzilla.netfilter.org/show_bug.cgi?id=930
Summary: DCCP: --dccp-types and --dccp-option are not supported
Product: nftables
Version: unspecified
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: nft
AssignedTo: pablo at netfilter.org
2018 Jul 26
0
net-next boot error
[ Added Thomas Gleixner ]
On Thu, 26 Jul 2018 11:34:39 +0200
Dmitry Vyukov <dvyukov at google.com> wrote:
> On Thu, Jul 26, 2018 at 11:29 AM, syzbot
> <syzbot+604f8271211546f5b3c7 at syzkaller.appspotmail.com> wrote:
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit: dc66fe43b7eb rds: send: Fix dead code in rds_sendmsg
2006 Sep 18
1
Getting network working in HVM domU
Hi all,
I now have Xen running on Intel Core2 duo system, and am running a HVM domU
with Microsoft Windows XP Home Edition, cold-installed from distribution CD.
Problem is, Windows can''t get to the network.
My dom0 ifconfig looks correct, as far as I can tell. I have a DHCP server
on my local network, but the Windows XP domU claims to be unable to find
DHCP. I''ve also tried
2003 Oct 23
3
Shorewall backup configuration patch/hack
Hi,
I created a modification (more like a hack) to shorewall that backups a
configuration after succesfully (re)starting it. In case a future
(re)start fails it will use this backup configuration. (instead of
stopping the firewall and generating a massive ammount phonecalls ;)
I didn''t pay too much attention to the ramifications of this patch, so let
me know if i screwed anything up.