similar to: [Bug 1227] New: Current conntrack state isn't considered when evaluating multiple SNAT rules

Displaying 20 results from an estimated 300 matches similar to: "[Bug 1227] New: Current conntrack state isn't considered when evaluating multiple SNAT rules"

2012 Sep 19
2
Unable to disable beeper on Powercom Imperial IMP-525AP
Hi ALL, Powercom Imperial IMP-525AP seems to be fully compatible with NUT. Unfortunately, I can not disable beeper. upscmd -u {NUT_USER} -p {NUT_PASSWORD} powercom beeper.toggle returns *OK*, however, ups.beeper.status=enabled Thank you, Sergey ========== Additional info: 1) $ upsc powercom battery.charge: 100 battery.charge.low: 10 battery.charge.warning: 30 battery.date: 2010/01/01
2005 Apr 07
0
2 isp feeds, 2 networks and 3 fw/routers
Hi, I''m seeking advice for the following setup. Shorewall 2.2.2, debian/sarge on Soekris net4501 boards. We have two ISP feeds (let''s call them ISP-1 and ISP-2) and get 8 static IPs with each feed. The plan is to have the publicly accessible servers sitting in the DMZ connected to ISP-1. Our local intranet (LOC) will be connected to ISP-2. There will be 3 firewall/routers: fw1
2006 Nov 22
2
Terrible, horrible firewall issues in * to * setup
My mission is to get one * box to dial another * box' extensions. I have set this up previously without any issues by making a simple IAX trunk/extension pair on the two boxes and create a dial plan with a prefix like 9|XXX to select an extension on the other box. My problem is that I now have to do this with extremely restrictive firewalls thrown into the mix - firewalls I have no control
2011 Jul 21
1
Unexpected shutdown begins for WOW-500U
G'day, all! I installed latest stable nut-2.6.1.tar.gz from source on Xenserver 5.6 SP2 (Linux xen-home 2.6.32.12-0.7.1.xs5.6.100.323.170596xen #1 SMP Fri Apr 8 07:25:07 EDT 2011 i686 athlon i386 GNU/Linux), my UPS is Powercom WOW--500U FW3.A4. All works almost fine but here are some troubles: when I pull the plug then upsd immediately starts (after FINALDELAY delaying) the procedure of
2011 Jul 21
1
Udev rules troubles: incorrect ACTION expression?
G'day, all! It's my second trouble with NUT. Latest nut-2.6.1.tar.gz installed from source on Xenserver 5.6 SP2, UPS is Powercom WOW--500U FW3.A4 (USB). Problem with setting permissions for udev (described in /etc/udev/rules.d/52-nut-usbups.rules file): ACTION!="add|change", GOTO="nut-usbups_rules_end" don't work for me. Only when I changed ACTION to:
2010 Jul 27
9
HVM Network Interfaces
Hi Everyone, In my HVM guest''s config file, I have given my guest 3 interface. I have called them fw1, fw2 and fw3. I have joined each interface to a bridge on the Dom0. This does appear when I do a "brctl show". However, there are 3 other interfaces also added called tapx.0,tapx.1 and tapx.2 (Where x is the domain ID for the guest). Furthermore, I am only able to run
2008 Nov 07
2
Multiple Zones in the same interface
Hi, I am trying something so easy but doesnt work for me. I want to have more than once zone in my lan, for example my lan es 192.168.0.0/24 and I want to have one zone for servers, other for admin Pcs. etc here is my conf: Interfaces: -------------- #ZONE INTERFACE BROADCAST OPTIONS - eth3 detect net eth1 detect norfc1918 net eth0
2007 Feb 24
0
source policy routing and SNAT - wrong hardware adress
Hi, when using diffrent routing tables, outgoing packets after SNAT always have hw-adresses as if the packed was coming from my machine. So a forwarded packet to default gw x on eth0 gets hw-adresses as if the same packet with origin loopback was routed to default gw y on network wlan0 which is diffrent. I do "ip rule add iif lo table mine" and some "ip route add ... table
2005 Nov 23
0
Source based routing, some TCP packets not SNAT-ed
Hello, I have a problem with the following setup, I hope you can help me. I have two internet gateways, one for LAN1 and the second for LAN2. +--------------+ GW1 more eth0| |eth4(SNAT) GW2 ---...routers...-----+ router +----------------- | | +---+------+---+ eth1|
2005 May 29
1
Routing for multiple uplinks and SNAT to 2 source IPs
Hi, I configured a router box to use 2 providers, as described in the HOWTO. (Apendix 1) I want to use both links to reach a single smtp server. As I read in the kptd and in some old messages of this list, doing a SNAT in the postrouting chain comes _after_ the routing desision. So I guess the following lines I''m trying to use are wrong. (See Apendix 1) What can I do to have multiple
2005 Jun 01
0
SNAT (or MASQUERADING) and DNAT question
Hi, The private adresses (192.168.254.0/255.255.255.0) of my network are sent dynamically by dhcp on my network. The dhcp server is on the firewall which address is 192.168.254.1/255.255.255.255 (this address is static). I''ve got a rsync server on this network which is on a separe server. His address is 192.168.254.200/255.255.255.255 (this address is static). I want that the users
2005 Feb 11
0
SNAT and multiply real addresses ?
hi, I have a real networks on the eth0 side and real network on the eth1 side. a.a.a.0/24 x.x.x.0/24 <eth0--SNAT-box--eth1:0> y.y.y.2/24 <====> y.y.y.1/24 <===>INTERNET z.z.z.0/24 I want to nat those behind eth0 to go out as y.y.y.0/24 (eth1 is with another address different gw and address, so that i''m using eth1:0 and separate rule&table) I''m currently
2005 Jun 24
1
SNAT multiple IP to single internal IP and limiting access based on external IP
Hello all, I have shorewall setup with 3 SNAT entries for external IP address''s to a single IP internal address. I am wondering how to limit access based on the source IP address. ex. EXT IP 1 access only to port 25 EXT IP 2 access only to port 443 EXT IP 3 access only to port 80 I have the SNAT setup correctly and I have 3 accept line in the rules file (25,80,443) but I can hit
2005 May 18
0
translation of a SNAT iptables script to the shorewall way
hi list, any idea how i can transcribe this simple iptables script to shorewall config? wich files should be modified ? iptables -A POSTROUTING -t nat -s 10.8.0.0/16 -j SNAT --to-source $SOURCEIP
2005 Jan 24
2
Migrate rules from iptables to shorewall - SNAT
Hi all, I''m using Shorewall since one year (1.4, then 2.0) I''m trying to migrate a linux firewall from iptables rules to shorewall. The firewall has three zones - net internet - loc1 lan - loc2 second lan I have a lot of rules like this, to SNAT the ip addresses of some computers on loc1 (192.168.16.0/24) when they connect to loc2 (10.0.0.0/8) iptables -v -t nat -I
2004 Nov 29
1
dynamic SNAT
Hу здpаcте shorewall-users, can i make subj with shorewall? i enabled iproute2 (i have dial-up and LAN) for some machine behind NAT. NAT network is 10.33.20.0/24 and ppp0 ip is given dynamicly sooo... for me to make machine with 10.33.20.10 ip to go throught new gate with given addres i need to perform subj (or so i think :-)). PS: i''m not a constant subscriber...
2012 Dec 06
0
[Bug 693] SNAT is failing to maquerade some TCP RST packets
http://bugzilla.netfilter.org/show_bug.cgi?id=693 Jozsef Kadlecsik <kadlec at netfilter.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |INVALID --- Comment #11 from Jozsef Kadlecsik
2012 Mar 05
0
masq and snat
Hi! Progress is much better now with my new install with not many problems left! I just have a simple - I hope - question. I have a few users that need access to the net via masquerade rules. The rest have to go via squid on the firewall. That all works well. I also have two windows servers that also need access to the net but they have to each use a specific outgoing ip address. I add two
2010 Mar 19
1
snat
Hi, I have two public ip''s and i want to dedicate one ip for incoming and outgoing to one server. I followed http://www.shorewall.net/shorewall_setup_guide.htm and used the example of the daughter system. I have a machine connected on vmbr0 with address 10.10.10.1 listening on port 80 www. Still I can''t connect to this system. I''m forgetting something? Sincerely,
2004 May 30
1
missing graphics with SNAT
Hi, NOTE: I''m not subscribed to the shorewall list, please cc me on your replies. I have a basic 2 interface system. The firewall (bastion host) has a: 1. eth0 - public address 2. eth1 - 192.168.1.0/24 subnet I''m using SNAT to allow the hosts on the internal network to get access to the web. It''s all working ok except for a few missing graphics on some web sites