similar to: catching DNAT''ed packet

Hi, I''m using following rule in /etc/shorewall/rules REJECT:ULOG:P2P loc net ipp2p:all ipp2p iptables -L : Chain loc2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ULOG all -- anywhere anywhere ipp2p v0.8.2--ipp2p ULOG

Dear all: Im using shorewall 2.0.3a (debian) w/ ULOG. shorewall starts ok, and the firewall is running, but nothing is printed on the logs. I try, for example, to do a connection to a port that is opened on the server but closed by the FW and I get a connection refused. If I stop the firewall, this port is accesible from the outside. I think I''ve followed all the steps on

Dear List! I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection to the Internet (ppp0 - eth1 to the modem) and a bridge to the local lan. The bridged config i''ve made with bridge.html from the shorewall site. The Bridge is between local net and a openvpn tap device. This works. I ccan make tunnels, and a can make a lot of things through the firewall. I can get a list

Hi. I have strange troubles with DNATing UDP packets. The situation: 1. We have local network 10.10.0.0/16 2. We have a "server network" 192.168.1.0/25 connected with local network by a router 10.10.100.1 (other ip 192.168.1.1). 3. Web server is located at 192.168.1.2 4. There are HW pingers in the net 10.10.0.0/16 whose do ping 10.10.100.1 every second. The ping is the UDP packet

I have a simple DHCP range . option routers 192.168.1.1; subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.60 192.168.1.129; range 192.168.1.150 192.168.1.199; } So I want to add a range 192.168.2.1 -> 192.168.2.254 so I did this: subnet 192.168.1.0 netmask 255.255.254.0 { range 192.168.1.60 192.168.1.129; range 192.168.1.150 192.168.1.199;

Hi guys, i have a problem with a configuration what i''m trying to do. I have two computers with linux, A and B, connected in the same network with this configuration: PC1 A: 192.168.192.1 PC2 B: 192.168.192.30 The PC1 A is a firewall doing nat... this one is connected to the internet via an adsl modem and of course it have its own public ip , and the router B is a smtp server but

Hi, I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in Slackware 13.1 using the same Shorewall version and files, the ''interfaces'', ''policy'' and ''zone'', are all I have configured, it was working and this also works in Arch at

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=62 Summary: I patched the iptables-restore and liblptulog for string included "," " Product: iptables userspace Version: 1.2.7a Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

http://bugzilla.netfilter.org/show_bug.cgi?id=591 Summary: NAT REDIRECT target does not always work Product: netfilter/iptables Version: unspecified Platform: i386 OS/Version: Debian GNU/Linux Status: NEW Severity: major Priority: P1 Component: NAT AssignedTo: laforge at netfilter.org

Dear Simon, > And can you diff the config of eno1 and eno4. # pwd /etc/sysconfig/network-scripts # diff -u ifcfg-eno1 ifcfg-eno4 --- ifcfg-eno1??? 2020-09-21 17:23:25.576672703 +0200 +++ ifcfg-eno4??? 2020-09-22 07:18:43.160532532 +0200 @@ -3,15 +3,20 @@ ?BROWSER_ONLY=no ?BOOTPROTO=none ?DEFROUTE=no -IPV4_FAILURE_FATAL=yes -IPV6INIT=no -IPV6_AUTOCONF=no +IPV4_FAILURE_FATAL=no

Dear Simon, every second IP-address is unwanted. We restarted? eno4: nmcli con down eno4; nmcli con up eno4 and the second address vanishes. Then after a few ours, the second ip address reappears. This is the config-file of eno2: # cat ifcfg-eno2 TYPE=Ethernet PROXY_METHOD=none BROWSER_ONLY=no BOOTPROTO=none DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes

I'm finally moving to ad, after way way too long. I did the classic upgrade, and my existing PC's all can log in fine. I can make new user accounts, and log in on those machines fine. My ddns (with bindz) seems to be working, and I do see new ip addresses pop up in there. The problem is I can't add a new Windows machine to the domain. When I trying joining the domain from Windows

Hi, I have the following situation: I've installed Asterisk at Machine 1 (M1 - IP: 192.168.1.145) and X-Lite (X_lite-Xten-Win32-1103m.exe from www.xten.com) at Machine 2 (M2 - IP: 192.168.1.100) and Machine 3 (M3 - IP: 192.168.1.200). I need to catch the SIP and MGCP messages that will appear when M2 calls to M3 and vice versa. The SIP messages are working (I don't have problems with the

Hi All. This has got me stumped!!! I created a share the other day like I do all the time. There's about 10 users in the group. All of them can access the share fine, except for one guy. He's a valid user and has many other share drives on this system that are working fine. All 10 users are using a Windows XP platform. The log.smbd has an entry like this for his requests:

Here's the problem my sipura 2000 is setup on Nat Network in my office and my Asterisk Server is setup also on Nat Network at home the sipura can register and get calls but no audio comes in and out of the sipura and when i dial local extensions on the sipura i get this error message. any suggestions on what i can try as work around. *CLI> NOTICE[1158921008]: File chan_sip.c, Line 5394

Hello, I want to use Dovecot as a POP3 proxy (http://wiki.dovecot.org/HowTo/ImapProxy). All is working fine on my sample platform, except that I have plenty (several thousands) of users that login using local_part#domain, instead of local_part at domain, which is an old setting on my POP3 server. And in that case, Dovecot returns 'Authentication failed'. Here is my proxy table :

http://bugzilla.netfilter.org/show_bug.cgi?id=793 Summary: ulogd -d does not close all fds Product: ulogd Version: SVN (please provide timestamp) Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ulogd AssignedTo: netfilter-buglog at lists.netfilter.org

I''m trying to get Shorewall to use ulogd for logging, but I''m not seeing any logging in either the file I set up for logs, nor in /var/log/messages (where the logs used to be). I''m running a stock Debian 3.0 woody system, with a custom 2.4.21 kernel. I used all the settings as described on shorewall.net when configuring the kernel. ulogd (0.97-1) and shorewall

While I''m in temporary retirement, I''ve decided spend a little time experimenting with new things and making some updates to the web site. The biggest result of this effort to date has been: http://shorewall.sf.net/Shorewall_Squid_Usage.html This outlines how to use Squid as a transparent proxy running on the firewall, in the DMZ or in the local network. In the latter two

Dear All, I''m using the kernel 2.6.6, iproute2-2.4.7.20020116, iptables v1.2.9, and gentoo. I have a leased-line 64 kbps. I can see the counter works in iptables, but in the htb, it doesn''t go to the right class (it always go to the default class). Any help will be appreciated here''s my htb conf #!/bin/bash tc qdisc del dev eth1 root tc qdisc add dev eth1 root