Displaying 20 results from an estimated 1000 matches similar to: "[Bug 1280] New: meta pkttype incompatible? with ingress"
2017 Apr 02
2
[Bug 1141] New: trace aborts using pkttype on ingress
https://bugzilla.netfilter.org/show_bug.cgi?id=1141
Bug ID: 1141
Summary: trace aborts using pkttype on ingress
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: major
Priority: P5
Component: kernel
Assignee: pablo at netfilter.org
2018 Feb 19
0
[bt full included] imap-login: Panic: file client-common.c: line 272 (client_destroy): assertion failed: (client->create_finished)
Hi,
as discussed with cmouse on freenode two days ago please find attached
necessary debug information on a crashing imap-login process, that
appeared after upgrading to v2.3 (+ sieve). It is a standard setup in
combination with postfix and thunderbird, roundcube and K9(Android) as
imap clients. Panic happens 5-6 times a day, but no influence on user
experience. Unfortunately i have no idea
2004 Sep 27
1
Re: routing between networks on same
Hi Tom,
Thank you for your quick reply.
I aplied changes as you suppose, and now users can
comunicate each with others. - thank you very much.
I have just one aditional question regarding
PKTTYPE=No variable.
I didnt find it in shorewall.conf so I simply add it
at the end of conf file (above #Last line :-) ) So
question is it is standard feature of shorewall, and
from which version it is
2020 Aug 13
7
[Bug 1449] New: nft ipv4 set with interval issue
https://bugzilla.netfilter.org/show_bug.cgi?id=1449
Bug ID: 1449
Summary: nft ipv4 set with interval issue
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: blocker
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2007 Jul 26
1
Re : DMZ and LOG
hello Tom
>Another very likely cause is that Shorewall-shell is generating a pkttype
>test to identify multicast packets. This can be unreliable and can be
>avoided by setting PKTTYPE=No in shorewall.conf.
After using PKTTYPE=No in shorewall.conf , my syslog is clean now.
Do you mean that adding the following line in /etc/shorewall/interfaces is suffiscient?
dmz eth1
2005 May 20
1
Shorewall 2.2.5
This will be my last 2.2 release. It contains a couple of small bug
fixes that I had laying around.
http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5
1) Previously, if PKTTYPE=No in shorewall.conf then pkttype match would
still be used if the kernel supported it.
2) A typo in the ''tunnel'' script has been corrected
2018 Jul 25
1
[Bug 1272] New: netdev-ingress.nft is missing from files/netfilter/
https://bugzilla.netfilter.org/show_bug.cgi?id=1272
Bug ID: 1272
Summary: netdev-ingress.nft is missing from files/netfilter/
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at
2017 Apr 01
6
[Bug 1140] New: nft dump invalid (flow table)
https://bugzilla.netfilter.org/show_bug.cgi?id=1140
Bug ID: 1140
Summary: nft dump invalid (flow table)
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: major
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2018 Mar 31
2
[Bug 1238] New: meta limits protocols when it shouldn't
https://bugzilla.netfilter.org/show_bug.cgi?id=1238
Bug ID: 1238
Summary: meta limits protocols when it shouldn't
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Fedora
Status: NEW
Severity: minor
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2005 Jul 02
6
Port redirection on standalone pc to pop3 proxy AV scanner
G''day all.
I''m trying to set up Clam AV scanning of incoming POP3 email to my
Thunderbird mail client; I have a standalone laptop with a 56k dialup
connection to my ISP.
I can''t seem to get port redirection working: I''m trying to redirect
incoming POP3 mail from my ISP''s mail server to p3scan which is
listening on 127.0.0.1:8110 and will do the AV
2017 Apr 02
6
[Bug 1142] New: invalid binop operation 6nft
https://bugzilla.netfilter.org/show_bug.cgi?id=1142
Bug ID: 1142
Summary: invalid binop operation 6nft
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: major
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter:
2005 Feb 28
1
Mail server on DMZ
Hello,
I have this problem: when my mail server on the DMZ starts a connection to
the internet it''s ip (213.58.230.26) is "masqueraded" with the firewall ip
(213.58.230.50). I wouldn''t mind but there is a one customer who rejects the
connection because it makes reverse dns and finds no dns entry for the
firewall ip.
How can i correct this?
Thanks,
MSantos
shorewall
2010 Jul 15
1
Error using the mi package
I'm trying to impute data using the mi package, but after running
through almost the entire first round of imputations (which takes
quite a while), it throws this error (I'll include the whole output
prior to the error for context). Does anyone know what is causing it,
or how I can fix it?
More specifically, how can I tell what is throwing the error so I know
what to fix? Is
2004 Jul 21
2
Small Modification to the Shorewall Release Model
After gaining some experience with the new release model, it has become
apparent to me that a small adjustment is warrented. I previously
announced that updates to the stable release would only contain bug
fixes. I''m modifying that slightly to allow for small low-risk
enhancements; large and/or risky enhancements will still be restricted
to the development release.
We have seen this
2016 Oct 08
2
[Bug 1090] New: Named sets: comments disappear with flags interval
https://bugzilla.netfilter.org/show_bug.cgi?id=1090
Bug ID: 1090
Summary: Named sets: comments disappear with flags interval
Product: nftables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at
2014 Jun 26
2
Firewall question
I have a firewall rule to drop packets from certain addresses: (email spam)
my /etc/sysconfig/iptables begins as:
# Generated by iptables-save v1.4.7 on Thu Jun 26 09:11:09 2014
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1:148]
-A INPUT -m pkttype --pkt-type multicast -j ACCEPT
-A INPUT -s 223.255.229.0/24 -j DROP
-A INPUT -s 218.96.0.0/24 -j DROP
-A INPUT -s
2024 Feb 22
4
[Bug 1737] New: meta hour error with different time-zones
https://bugzilla.netfilter.org/show_bug.cgi?id=1737
Bug ID: 1737
Summary: meta hour error with different time-zones
Product: nftables
Version: 1.0.x
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2006 Jan 28
3
Shorewall/Xen setup (correct from-address this time)
(if this post gets line-feed-mangled please read
http://www.dl.reneschmidt.de/shorewallxenpost.txt - that''s an unmangled
version, thank you)
Hello,
first I would like to thank the Mr. Eastep and contributors for this great piece
of software and superb documentation.
I have a SOHO server (Debian testing) that I''m using for several purposes so
I''ve set up a Xen
2004 Nov 29
2
SFTP
(anonymous post) I have a simple 2 interface firewall setup and all is
good, almost. I am hosting virtual websites and DNS behind shorewall no
problem. However I am trying to use SFTP via a different port number and
have no luck even though Putty works well. Is there anything weird to
sftp and shorewall? My lab uses a different firewall (firestarter) and
it works OK.
I am using;
DNAT net
2004 Oct 07
3
builtin action dropBcast - How to disable? - I''m not subscribed to the mailing list
Hi all,
I''m using Fedora Core 2, kernel 2.6.5. I''ve
installed shorewall 2.1.9 from rpm package.
It seems that there is a builtin action called
"dropBcast" drops all broadcast packages on my
ethernet interfaces base on package type
"pkttype=broadcast". For a particular reason, I
need all traffics of broadcast packages are
allowed to pass my ethernet