Displaying 20 results from an estimated 3000 matches similar to: "DDoS"
2012 Jun 05
2
Anti DDOS rules
Hi,
How can I tell shorewall to block any IP address if it generates x no. of
requests within x no. of seconds? I want to filter SYN, ICMP and HTTP GET
floods etc. Is it possible to have a minimum local level deterrence against
DDoS attacks at firewall level?
--
AzfarHashmi
Cloudways
Your Managed Cloud
e: azfar.hashmi@cloudways.com
w: www.cloudways.com <http://www.cloudways.com>
PGP
2012 Apr 30
4
Shorewall under xen
Hi All
It's about time to upgrade my shorewall routers again so thinking of possible
changes.
In our main office have managed switches and 5 xen servers.
I'm thinking of running the firewall/router under xen.
Don't have all the details figured out but this is roughly what I'm thinking
of:
Set up separate vlan for the two isps and plug isps into the switch.
2012 May 08
19
Shorewall, TPROXY, Transparent Squid and Multiples ISP
Hello,
I wonder if someone could use TPROXY with Shorewall and
transparent Squid while using the routing rules in Shorewall
(tcrules) for hosts / networks (LAN) with multiple providers (WANs)
directly from the internal network on port 80 (with TPROXY
transparent squid or REDIRECT).
On this issue, the routing rules do not work properly because the
source is the
2012 Jun 06
5
Error when upgrade from shorewall-4.4.13-3 to shorewall-4.5.2.3-1
Dear All,
I tried to upgrade my old shorewall from 4.4.13-3 to 4.5.2.3-1 on CentOS;
after the upgrade I can't start shorewall, with this message:
"/Shorewall: Address Ranges require the Multiple Match capability in
your kernel and iptables/"
I tried to search the net about this, but still no light. Can somebody
help me?
I greatly appreciate any help.
Regards,
2012 Jul 05
11
testing shorewall6 on a virtual machine
I want to test shorewall6 in a scenario with several virtual machines. Each virtual machine has the interface eth0.
With IPv4, I would assign an IP-alias to eth0:1 and so would have eth0 and eth0:1 as interfaces for shorewall6.
How is this done with IPv6?
Best regards
Andreas Rittershofer
2012 Jul 31
11
A lot of kernel martian source messages in /var/log/messages
Hi all:
I see a lot of the errors below in /var/log/messages on my firewall:
Aug 1 00:47:44 munin kernel: [109008.257109] martian source 192.168.1.5 from 127.0.0.1, on dev eth1
Aug 1 00:48:44 munin kernel: [109068.257384] martian source 192.168.1.5 from 127.0.0.1, on dev eth1
Aug 1 00:49:44 munin kernel: [109128.257509] martian source 192.168.1.5 from 127.0.0.1, on dev eth1
Aug 1 00:50:44
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it's better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 May 31
5
Shorewall + squid + multi isp
Hello all,
I'm reading the nice documentation about shorewall with multi isp. And I wonder about squid (non transparent) and shorewall.
Can I use squid with ldap ident, dansguardian, and shorewall with multi-isp (four or five) on the same machine? Perhaps there is a problem because squid masks the source IP; can shorewall maintain and load balance sessions for the same source IP?
Thanks Fred
2012 Jun 13
3
Default Route disappear
Hi
I have a default route to 192.168.1.1; as soon as I start shorewall the
default route disappears. What do I need to do to have it not disappear?
Kind Regards
My network setup
/etc/network/interfaces:
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.17
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
2012 Sep 03
10
Shorewall 4.5.8 Beta 1
Shorewall 4.5.8 Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) This release includes the defect repair from Shorewall 4.5.7.1.
2) The restriction that TTL and HL rules could
2012 Jul 13
4
Multiple Wifi Profiles
This may not necessarily be the best place to ask this, but I've tried the Admin Guide, LinuxQuestions and Debian forums and no one knows.
Running Debian Testing, and I need to set up two profiles for my wifi adapter, one for home and one for any open AP. I'm using the manual method of configuring, editing the /etc/wpa_supplicant/wpa_supplicant.conf and /etc/network/interfaces
2012 May 17
3
modules ?INCLUDE
I'm using Roberto's squeeze repository on an old lenny VM that I just
updated from 4.5.2.something to 4.5.3. After the update I was seeing
this during start/restart:
Initializing...
/usr/share/shorewall/modules: line 19: ?INCLUDE: command not found
/usr/share/shorewall/modules: line 23: ?INCLUDE: command not found
/usr/share/shorewall/modules: line 27: ?INCLUDE: command not
2012 Sep 05
2
DNAT issue
Hi,
Sorry, not an experienced shorewall user, this is my first basic setup.
This starts to drive me crazy.
I wanted to use DNAT to forward port 33890 to an internal machine (windows)
port 3389. To reach my workstation when I'm not home.
In my rules :
DNAT:debug net loc:192.168.0.11:3389 tcp 33890 -
pub.lic.ip.add
#SECTION BLACKLIST
#well known port scans
DROP net
2012 Jun 17
2
tcrules' SIP HELPER is not helping
Hello
Asterisk sits in a Vserver guest (192.168.3.9) on the firewall. I can't
seem to get the sip helper to mark the SIP packets though.
I have an ftp client on a different Vserver guest on the firewall. If
I put ftp in the HELPER column of tcrules I can mark those packets.
With sip in the HELPER column though nothing happens.
Attached is a "shorewall dump > dump.txt"
2012 Sep 26
2
Error message starting Shorewall with TC simple enabled
Hi,
Hi, I get an error with TC Simple.
System:
shorewall 4.5.6.2
kernel 3.5.3
iptables 1.4.13
xtables 1.45
iproute2 3.5.1
OS: gentoo/linux amd64
when shorewall executes this command:
tc filter add dev eth0 protocol all prio 1 parent 1011: handle 1011 flow hash keys nfct-src divisor 1024
It fails with this error:
RTNETLINK answers: No such file or directory
We have an error
2012 Aug 29
2
tcclasses matching on the TOS field
Hello,
I am trying to set up traffic shaping/control for my voip connection.
I am running 4.4.22.3. Here is my current configuration:
--- tcdevices ---
#NUMBER: IN-BANDWITH OUT-BANDWIDTH OPTIONS REDIRECTED
#INTERFACE INTERFACES
eth1 2048kbps 1500kbps
-- tcclasses ---
#INTERFACE:CLASS MARK RATE: CEIL PRIORITY OPTIONS
# DMAX:UMAX
eth1 1 100kbps
2012 May 08
1
kernel: ip_tables: MARK target: only valid in mangle table, not filter
When Shorewall refreshes the config I get following in the log..
kernel: ip_tables: MARK target: only valid in mangle table, not filter
logger: Shorewall refreshed
Is that something I should worry about?
Thanks
P.S.
shorewall version
4.5.0.2
2012 Aug 21
1
online manpage broken link.
Tom,
There appears to be a broken link on the online manpage for
shorewall.conf
http://www.shorewall.net/manpages/shorewall.conf.html
"
*GEOIPDIR*=[/pathname/]
Added in Shorewall 4.5.4. Specifies the pathname of the directory
containing the /GeoIP Match/ database. See
http://www.shorewall.net/ISOCODES.html. If not specified, the
default value is