Displaying 20 results from an estimated 2000 matches similar to: "Shorewall 4.5.5.2"
2012 Sep 26
2
Error message starting Shorewall with TC simple enabled
Hi,
Hi, I get an error with TC Simple.
System:
shorewall 4.5.6.2
kernel 3.5.3
iptables 1.4.13
xtables 1.45
iproute2 3.5.1
OS: gentoo/linux amd64
when shorewall executes this command:
tc filter add dev eth0 protocol all prio 1 parent 1011: handle 1011 flow hash keys nfct-src divisor 1024
It fails with this error:
RTNETLINK answers: No such file or directory
We have an error
2012 Jul 04
0
Shorewall 4.5.6 RC 1
Shorewall 4.5.6 RC 1 is now available for testing.
Problems corrected since Beta 4:
1) In the generated script, the logic for handling wildcard interfaces
with the ''wait=n'' option was incorrect. For each matching interface,
the script would check its readiness n times in rapid
succession. The script now sleeps 1 second between checks.
2) Previously, the tcrules
2012 Jul 04
0
Shorewall 4.5.6 RC 1
Shorewall 4.5.6 RC 1 is now available for testing.
Problems corrected since Beta 4:
1) In the generated script, the logic for handling wildcard interfaces
with the ''wait=n'' option was incorrect. For each matching interface,
the script would check its readiness n times in rapid
succession. The script now sleeps 1 second between checks.
2) Previously, the tcrules
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 May 31
5
Shorewall + squid + multi isp
Hello all,
I''m reading the nice documentation about shorewall with multi isp. And I wonder about squid (non transparent) and shorewall
Can I use on same machine, squid with ldap ident, dansguardian, and shorewall with multi-isp (four or five) ? Perhaps there is a problem because squid mask source IP, shorewall can maintain and load balance sessions for the same source IP ?
Thanks Fred
2012 Apr 24
0
Shorewall 4.5.3 Beta 1
Beta 1 is now available for testing.
Problems Corrected:
1) This version includes all defect repairs from Shorewall 4.5.2.1 -
4.5.2.3.
2) The LOCKFILE setting in shorewall.conf and shorewall6.conf had
become inadvertently undocumented. It is now documented again.
New Features:
1) The ''-T'' option is now supported in the Shorewall and Shorewall6
2012 Apr 24
0
Shorewall 4.5.3 Beta 1
Beta 1 is now available for testing.
Problems Corrected:
1) This version includes all defect repairs from Shorewall 4.5.2.1 -
4.5.2.3.
2) The LOCKFILE setting in shorewall.conf and shorewall6.conf had
become inadvertently undocumented. It is now documented again.
New Features:
1) The ''-T'' option is now supported in the Shorewall and Shorewall6
2012 Jun 05
2
Anti DDOS rules
Hi,
How can I tell shorewall to block any ip address if it generate x no of
request within x no of seconds. I want to filter SYN, ICMP and HTTP Get
floods etc. Is it possible have a minimum local level deterrence against
ddos attacks at firewall level?
--
AzfarHashmi
Cloudways
Your Managed Cloud
e: azfar.hashmi@cloudways.com
w: www.cloudways.com <http://www.cloudways.com>
PGP
2012 May 08
19
Shorewall, TPROXY, Transparent Squid and Multiples ISP
Hello,
I wonder if someone could use the TPROXY with Shorewall and
transparent Squid with using the routing rules on shorewall
(tcrules) for hosts / networks (LAN) with multiples providers (WANs)
directly from the internal network on port 80 (with TPROXY
transparent squid or REDIRECT).
On this issue, the routing rules is not work propertly because the
source is the
2012 Jun 17
2
tcrules' SIP HELPER is not helping
Hello
Asterisk sits in a Vserver guest (192.168.3.9) on the firewall. I can''t
seem to get the sip helper to mark the SIP packets though.
I have an ftp client on a different Vserver guest on the firewall. If
I put ftp in the HELPER column of tcrules I can mark those packets.
With sip in the HELPER column though nothing happens.
Attached is a "shorewall dump > dump.txt"
2012 Jun 13
3
Default Route disappear
Hi
I have a default route to 192.168.1.1 as soon as I start shorewall the
default route dissapear. What do I need to do to have it not disappear.
Kind Regards
My network setup
/etc/network/interfaces:
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.17
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
2012 Jun 06
5
Error when upgrade from shorewall-4.4.13-3 to shorewall-4.5.2.3-1
Dear All,
I try to upgrade, my old shorewall from 4.4.13-3 to 4.5.2.3-1 on CentOS,
after upgrade i can''t start shorewall with this message:
"/Shorewall: Address Ranges require the Multiple Match capability in
your kernel and iptables/"
I try to search on the net about this, but no still no light. Somebody
can help me?
Great appreciate for any help.
Regards,
2012 May 08
1
kernel: ip_tables: MARK target: only valid in mangle table, not filter
When Shorewall refreshes the config I get following in the log..
kernel: ip_tables: MARK target: only valid in mangle table, not filter
logger: Shorewall refreshed
Is that something I should worry about?
Thanks
P.S.
shorewall version
4.5.0.2
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the
2012 Aug 21
1
online manpage broken link.
Tom,
There appears to be a broken link on the online manpage for
shorewall.conf
http://www.shorewall.net/manpages/shorewall.conf.html
"
*GEOIPDIR*=[/pathname/]
Added in Shorewall 4.5.4. Specifies the pathname of the directory
containing the /GeoIP Match/ database. See
http://www.shorewall.net/ISOCODES.html. If not specified, the
default value is
2012 May 04
1
shorewall and snmp managed hardware routers
any howto for this ?
will shorewall-lite with ssh work if the hardware router have ssh login
?
just imho ssh commands is not iptables at all :(
even the router is linux kernels, any google hints ?
--
Benny Pedersen
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s
2012 Aug 28
1
psad Error
Just installed psad and am testing it. This morning I awoke to an email saying:
[-] You may just need to add a default logging rule to the /sbin/ip6tables
''filter'' ''INPUT'' chain on hydra. For more information,
see the file "FW_HELP" in the psad sources directory or visit:
http://www.cipherdyne.org/psad/docs/fwconfig.html
Well I have
2012 Jul 07
1
Web document correction
On http://www.shorewall.net/ISO-3661.html in the ''Introduction'',
shouldn''t that /etc/shorewall/rules instead of /etc/shorewall/tcrules ?
Bill
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today''s security and
threat landscape has changed and how IT
2012 Aug 20
2
DDoS
I know someone who for the past 4 days has been having the heck ddosed out of him. He runs a gaming server, and ran a report on the ddos; he has 8 pages of that and a few hours ago there were 16 pages. They''re attacking his machine on random ports and he blocks UDP traffic on those ports, but they keep attacking on other ports. So far he''s banned over 800,000 IP''s.
2012 May 17
3
modules ?INCLUDE
I''m using Roberto''s squeeze repository on an old lenny VM that I just
updated from 4.5.2.something to 4.5.3. After the update I was seeing
this during start/restart:
Initializing...
/usr/share/shorewall/modules: line 19: ?INCLUDE: command not found
/usr/share/shorewall/modules: line 23: ?INCLUDE: command not found
/usr/share/shorewall/modules: line 27: ?INCLUDE: command not