Displaying 20 results from an estimated 100 matches similar to: "[Bug 1070] New: NETMAP "to" address is not separated from previous output while listing NAT rules"
2004 Mar 19
6
Anyone want to test NETMAP?
If you are interested in helping with testing new features, please look
at http://shorewall.net/netmap.html. If you have a need for this type of
network-level address mapping and/or are in a position to test it please
let me know.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2019 May 21
0
[Bug 1339] New: NETMAP feature, using a displaced mask fail.
https://bugzilla.netfilter.org/show_bug.cgi?id=1339
Bug ID: 1339
Summary: NETMAP feature, using a displaced mask fail.
Product: netfilter/iptables
Version: unspecified
Hardware: All
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: unknown
Assignee:
2019 May 09
0
[Bug 1337] New: NETMAP feature, using a displaced mask fail.
https://bugzilla.netfilter.org/show_bug.cgi?id=1337
Bug ID: 1337
Summary: NETMAP feature, using a displaced mask fail.
Product: iptables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: iptables
Assignee: netfilter-buglog at
2007 Jun 01
0
netmap feature request
Tom,
how hard would it be to add destination and source columns in the NETMAP
configuration file? I have an openvpn tunnel interface I use for three
different branches - but one of them CANNOT be netmap''ed. In the lack of
those columns, I had to use a started script that inserts a RETURN target
in the first line of the nat tun0_in and tun0_out chains.
Thanks for all the good
2013 Sep 10
4
[Bug 850] New: DNAT applied even after deleting the IP Tables DNAT Rule
https://bugzilla.netfilter.org/show_bug.cgi?id=850
Summary: DNAT applied even after deleting the IP Tables DNAT
Rule
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at
2004 Nov 15
3
source policy routing going to wrong path
Hi,
Below is my Linux firewall network configuration: -
eth0 - isp 1, IP: 1.1.1.10, Netmask: 255.255.255.252
eth1 - isp 2, IP: 2.2.2.10, Netmask: 255.255.255.252
eth2 - lan, IP: 172.16.0.254, Netmask: 255.255.255.0
eth3 - dmz, 192.168.0.254, Netmask: 255.255.255.0
isp 1 gateway: 1.1.1.9
isp 2 gateway: 2.2.2.9
Below is my iptables rules: -
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables
2013 Feb 22
1
Variables within Manifests question
Hello all
Can someone please help me or answer if this is possible
I''m using the puppet forge IIS module, and want to use variables within the
syntax dependent up ip address
for example:
colo_a = 1.1.1.0
colo_b = 2.2.2.0
if $network_local_area_connection = 1.1.1.0
add colo_a
elseif $network_local_area_connection = 2.2.2.0
add colo_b
iis_site {''mysite.co.uk'':
2003 Oct 17
5
Question on sNAT for multiple external subnets
I''m wondering if the following is possible under recent versions of
shorewall:
1. We have several class-C networks from both UUNet and Internap, both of
which are actually routed over a single inbound ethernet line from UUNet
at our colocation facility: 204.176.148.0/23 and 216.52.83.0/24. This
gives us a total of 3 class-C subnets. All packets for these three subnets
would land on
2004 Nov 24
6
Route first or NAT?
Hi,
I''m trying to use shorewall for a RAS dialup solution
We have networks we need to connect to with the same ranges internally
(i.e. 2 separate users with a 192.168.0.0/24 range). We connect to these
via a pptp tunnel (or isdn)
The problem we have is that we need to access these networks all the
time, so allocate them a range from our internal range. This will then
be NATed to the
2005 Nov 09
5
What Cisco calls ''Overloading NAT''??
Hi,
Is there a way in Linux to do NAT with a pool of outside addresses such
that each connection to the outside resource gets a different IP address??
I don''t want 1:1 NAT as I have some thousands of IP addresses on one side
of the LARTC router that _may_ need to access a resource on the other
side... The resource needs to see a different IP address for each active
call, but these
2003 Feb 27
1
Routing for multiple uplinks/providers
Hi, I read the howto of iproute, I have the same case with HOWTO, the
difference is that the whole incoming traffic goes through interface 0, the
other difference is that I do not want to balance the out going traffic,
because I have specific networks to take it throughout another interface.
Mi Case
IF1 --> Input and Output
IF2 --> Only aoutput for three Network
I need Help, How can I
2004 Aug 15
1
Error: iptables: No chain/target/match by that name
Hi, I have a problem installing Shorewall 2.0.7 on a box, when I launch it I have:
Initializing...
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Connection Tracking Match: Available
Determining Zones...
Zones: net loc
Validating interfaces file...
Validating hosts file...
Validating Policy
2007 Apr 18
1
[Bridge] help setting up a linux bridge with spanning tree to allow multiple vlans accross multiple uplinks
For easy reading: http://www.karthaus.nl/r/
Hi,
We used to have 1 single ip range (1.1.1.0/24) that had one uplink to a =
switch of the colocation provider.
Recently we got a second range 2.2.2.0/24 and a redundant uplink =
directly on two routers. But our switch does not have spanning tree =
protocol support so we cannot use them redundantly.
We have set up the switch to have a vlan for both
2005 May 05
4
Twice NAT Possible
Hi all,
I have had shorewall running successfully for over two years, its a
great firewall! I have a NAT question that I cannot seem to find the
answer to, and I was hoping someone could give me a hand. I have
recently learned of a type of NAT called "Twice NAT", it which when a
specific DNS address is requested, the information is forwarded on. I
have outlined what I would
2017 Jan 27
0
[ANNOUNCE] iptables 1.6.1 release
Hi!
The Netfilter project proudly presents:
iptables 1.6.1
iptables is the userspace command line program used to configure the
Linux 2.4.x and later packet filtering ruleset. It is targeted towards
system administrators.
This update contains accumulated bugfixes, several new extensions and
lots of translations via iptables-translate to ease migration to
nftables.
See ChangeLog that comes
2003 Apr 15
3
SNAT or DNAT or what?
Hello,
I have a Debian-Woody-3.0 Router with 3 NIC''s.
Kernelversion 2.4.18
+------------+ +-------------+
| | | |
|192.168.1.1 | | 192.168.2.1 |
| DSL-Router | | ISDN-Router |
+------------+ +-------------+
| |
2003 May 07
1
Problem with third link in multiple uplink configuration
Hello!
I have access server with 4 uplinks (nice, huh?). I ran RedHat 7.3.
Yesterday I did an upgrade to RedHat 9.
After upgrade Linux says the third link is bad:
# ip route show
2.2.2.0/30 dev eth2 scope link src 2.2.2.2
4.4.4.0/30 dev eth4 scope link src 4.4.4.4
3.3.3.0/29 dev eth3 scope link src 3.3.3.3
1.1.1.0/28 dev eth1 scope link src 1.1.1.1
10.1.1.0/24 dev eth0 scope link
2018 Jan 16
0
Squid + wccp + firewalld
Hi Everyone,
I'm trying to get squid + wccp on a Centos 7 box working with a Cisco
router. I've done this before several times using Centos 6 and
iptables, but never on Centos 7 with firewalld.
I've searched far and wide for clear, concise instructions on how to do
what I want in Centos 7. I've pieced together what I've found to come
up with what I thought should work.
2020 Jun 06
0
[ANNOUNCE] nftables 0.9.5 release
Hi!
The Netfilter project proudly presents:
nftables 0.9.5
This release contains fixes and new features available up to the Linux
kernel 5.7 release.
* Support for set counters:
table ip x {
set y {
typeof ip saddr
counter
elements = { 192.168.10.35, 192.168.10.101, 192.168.10.135 }
}
2011 Jun 30
6
puppet autosign by VLAN IP
Hi,
Can puppet autosign work by giving vlan IP instead of domain?
For example, in the autosign.conf file, instead of using
*.mydomain.org, I want to give 172.18.133.*
But it does not seem to work if I give the IP address. But I don''t
want to limit the client from *.mydomain.org by only allow certain
vlan client not all the are in the same domain.
Thanks,
-Haiyan
--
You received this