Displaying 20 results from an estimated 200 matches similar to: "Error message starting Shorewall with TC simple enabled"
2011 Apr 23
6
TC: Simple and complex configs interplay
Hello,
From a user perspective, the simple (tcpri) and complex TC configs
offers two rather distinct choices. A user can very well be OK with
only using the simple way and that''s very fine. Then again, even in
doing so, the more complex config options are available. What is the
interplay between the two as far as having some parameters configured
in both at the same time ? So far
2012 Nov 20
3
Simple Traffic Shaping Problem
Hello,
I have a problem with simple traffic shapping in shorewall, my current
configuration is:
zones
vlan10 ipv4 #
interfaces
vlan10 vlan10 detect tcpflags,routeback
shorewall.conf
TC_ENABLED=Simple
tcinterfaces
vlan10 Internal 1mbit:50kb
shorewall show tc
Device vlan10:
qdisc prio 5: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
2012 Sep 20
1
Debian Lenny very simple traffic shaping not working
Hi,
I am trying to do the simplest configuration of traffic shaping.
So I did:
shorewall.conf
TC_ENABLED=Simple
tcinterfaces
eth0.2 External 500kbit
tcdevices
eth0.2 500kbit 200kbit
And I am testing the speed on that interface - whether I did it ok or not,
and my speed is still 4mbit/512kbit.
So the question is - How to reduce the speed on interface connected
2009 Mar 24
4
cls_flow
Hello Tom,
On the page 'http://lwn.net/Articles/313328/' i found info about changes
in 'cls_flow.c' in kernel-2.6.29:
net/sched/cls_flow.c | 4 +-
and may be now it will work properly to everyone's entertainment.
Thank you,
Alex
---
Прогноз погоды ТУТ - http://pogoda.tut.by
2013 Jun 05
8
btrfs raid1 on 16TB goes read-only after "btrfs: block rsv returned -28"
Dear Devs,
I have x4 4TB HDDs formatted with:
mkfs.btrfs -L bu-16TB_0 -d raid1 -m raid1 /dev/sd[cdef]
/etc/fstab mounts with the options:
noatime,noauto,space_cache,inode_cache
All on kernel 3.8.13.
Upon using rsync to copy some heavily hardlinked backups from ReiserFS,
I''ve seen:
The following "block rsv returned -28" is repeated 7 times until there
is a call trace
2012 Jun 27
0
Shorewall 4.5.5.2
Shorewall 4.5.5.2 is now available for download.
Problems Corrected:
1) Previously, when ipp2p was used in the /etc/shorewall/tcpri file,
the generated code for saving the packet mark was clearing the
connection marks fields not having to do with traffic shaping. It
now only alters the traffic-shaping part of the connection mark.
2) Shorewall 4.4.11 allowed UID and GID ranges
2012 Jun 06
5
Error when upgrade from shorewall-4.4.13-3 to shorewall-4.5.2.3-1
Dear All,
I try to upgrade, my old shorewall from 4.4.13-3 to 4.5.2.3-1 on CentOS,
after upgrade i can''t start shorewall with this message:
"/Shorewall: Address Ranges require the Multiple Match capability in
your kernel and iptables/"
I try to search on the net about this, but no still no light. Somebody
can help me?
Great appreciate for any help.
Regards,
2012 Jul 05
11
testing shorewall6 on a virtual machine
I want to test shorewall6 in a scenario with several virtual machines. Each virtual machine has the interface eth0.
With IPv4, I would assign an IP-alias to eth0:1 and so would have eth0 and eth0:1 as interfaces for shorewall6.
How is this done with IPv6?
Viele Grüße
Andreas Rittershofer
--
------------------------------------------------------------------------------
Live Security
2012 Jul 31
11
A lot of kernel martian source messages in /var/log/messages
Hi all:
I see a lot of the errors below in /var/log/messages on my firewall:
Aug 1 00:47:44 munin kernel: [109008.257109] martian source 192.168.1.5 from 127.0.0.1, on dev eth1
Aug 1 00:48:44 munin kernel: [109068.257384] martian source 192.168.1.5 from 127.0.0.1, on dev eth1
Aug 1 00:49:44 munin kernel: [109128.257509] martian source 192.168.1.5 from 127.0.0.1, on dev eth1
Aug 1 00:50:44
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 May 18
11
Shorewall 4.5.4 Beta 3
4.5.4 Beta 3 is now available for testing. I apologize for the
back-to-back Betas but I guess it''s better to find these problems during
the Beta period rather than later.
Problems corrected:
1) This release includes all defect repairs from Shorewall 4.5.3.1.
2) When EXPORTMODULES=No in shorewall.conf, the following errors were
issued:
/usr/share/shorewall/modules: line 19:
2012 Jan 11
0
Shorewall 4.5.0 Beta 3
Beta 3 is now available for testing.
Problems Corrected:
1) The value ''0'' is once again accepted in the IN_BANDWIDTH columns of
tcinterfaces and tcrules, and causes no ingress policing to be
configured.
2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when
$FW:<address> is entered in the SOURCE column of the tcrules file.
New Features:
1) The
2012 Jan 11
0
Shorewall 4.5.0 Beta 3
Beta 3 is now available for testing.
Problems Corrected:
1) The value ''0'' is once again accepted in the IN_BANDWIDTH columns of
tcinterfaces and tcrules, and causes no ingress policing to be
configured.
2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when
$FW:<address> is entered in the SOURCE column of the tcrules file.
New Features:
1) The
2012 May 31
5
Shorewall + squid + multi isp
Hello all,
I''m reading the nice documentation about shorewall with multi isp. And I wonder about squid (non transparent) and shorewall
Can I use on same machine, squid with ldap ident, dansguardian, and shorewall with multi-isp (four or five) ? Perhaps there is a problem because squid mask source IP, shorewall can maintain and load balance sessions for the same source IP ?
Thanks Fred
2012 May 08
19
Shorewall, TPROXY, Transparent Squid and Multiples ISP
Hello,
I wonder if someone could use the TPROXY with Shorewall and
transparent Squid with using the routing rules on shorewall
(tcrules) for hosts / networks (LAN) with multiples providers (WANs)
directly from the internal network on port 80 (with TPROXY
transparent squid or REDIRECT).
On this issue, the routing rules is not work propertly because the
source is the
2012 Jun 13
3
Default Route disappear
Hi
I have a default route to 192.168.1.1 as soon as I start shorewall the
default route dissapear. What do I need to do to have it not disappear.
Kind Regards
My network setup
/etc/network/interfaces:
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.17
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
2014 Jan 30
2
CentOS 6.5: NFS server crashes with list_add corruption errors
Hi,
I'm running CentOS 6.5 as NFS server (v3 and v4) and exporting Ext4 and
XFS filesystem.
After many months that all works fine today the server crash:
Jan 30 09:46:13 qb-storage kernel: ------------[ cut here ]------------
Jan 30 09:46:13 qb-storage kernel: WARNING: at lib/list_debug.c:26
__list_add+0x6d/0xa0() (Not tainted)
Jan 30 09:46:13 qb-storage kernel: Hardware name: PowerEdge
2012 Jul 13
4
Multiple Wifi Profiles
This may not necessarily be the best place to ask this, but I''ve tried the Admin Guide, LinuxQuestions and Debian forums and no one knows.
Running Debian Testing, and I need to set up two profiles for my wifi adapter, one for home and one for any open AP. I''m using the manual method of configuring, editing the /etc/wpa_supplicant/wpa_supplicant.conf and /etc/network/interfaces
2012 Sep 03
10
Shorewall 4.5.8 Beta 1
Shorewall 4.5.8 Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) This release includes the defect repair from Shorewall 4.5.7.1.
2) The restriction that TTL and HL rules could
2012 Sep 03
10
Shorewall 4.5.8 Beta 1
Shorewall 4.5.8 Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) This release includes the defect repair from Shorewall 4.5.7.1.
2) The restriction that TTL and HL rules could