similar to: Desktop Over NFS Home Blocked By Firewalld

On Fri, Nov 20, 2020 at 11:19 AM Frank Cox <theatre at sasktel.net> wrote: > > So firewalld is blocking something that the Fedora desktop needs. What > > is it? What services do I need to add to firewalls? > > https://www.cyberciti.biz/faq/enable-firewalld-logging-for-denied-packets-on-linux/ Hi Frank, Thanks for that tip. Here's what I get: Nov 20 12:03:15 goose

Le 23/05/2018 ? 16:36, Nux! a ?crit?: > Try "iptables -I INPUT" for your FTP rule. Doesn't work. I redirected all my errors to /var/log/messages, so here's what I get when I try to connect Filezilla to that server. May 23 16:48:58 c7-server kernel: +++ IPv4 packet rejected +++ IN=enp0s3 OUT= MAC=08:00:27:00:00:03:d4:85:64:b2:b2:1b:08:00 SRC=192.168.2.2 DST=192.168.2.12

Hi, I have CentOS 7 and I am trying to get dhclient hooks working. I have 1) created file /etc/dhcp/dhclient-enp4s0.conf, 2) created directories /etc/dhcp/{dhclient-enter-hooks.d, dhclient-exit-hooks.d}, 3) added line 'DHCLIENTARGS="-nc"' into file ifcfg-enp4s0 and 4) added file /etc/dhcp/dhclient-enter-hooks.d/test with line echo "executed enter-hook", 5) but I was

Hi, I am trying to configure the SMTP service on DMZ host. Added the rule: ACCEPT wan dmz:66.58.99.84 tcp pop3 - ACCEPT wan dmz:66.58.99.84 tcp 25 - ACCEPT dmz:66.58.99.84 wan tcp 25 - ACCEPT dmz:66.58.99.84 wan tcp pop3 - issued shorewall clear, shorewall restart, but still couldn''t telnet to the mail server

Hai,   Just a questions, this might be a bug, might not, but for this one i need some help.   Setup, debian 9.   Member server samba 4.9.3 AD DC servers samba 4.8.7   Im setting up the member with a very tight firewall, so nothing in/our/routed unless its defined. Im using UFW firewall for it.   I notice the following in my member its firewall logs, and this only happend when i run : id or

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=448 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Component|ip_conntrack |nf_conntrack ------- Additional Comments From laforge@netfilter.org 2006-02-14 09:05 MET ------- ipv6 conntrack is

Here's the output: Feb 9 15:51:26 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT= MAC=00:0f:ea:73:88:12:00:40:2b:67:5b:a7:08:00 SRC=192.168.1.54 DST=192.168.1.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=51248 DF PROTO=TCP SPT=1964 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Feb 9 15:51:28 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT=

On 10/03/2016 07:00 PM, TE Dukes wrote: > /etc/sysconfig/ifcfg-eth1 > GATEWAY=192.168.1.1 ... > /etc/sysconfig/ifcfg-lo > GATEWAY=192.168.1.1 Don't specify GATEWAY in interface files where it isn't used. This should be set on eth0 only. > # brctl show > > bridge name bridge id STP enabled interfaces OK, so you don't have a bridge interface. If you want to

I have the problem when my localnetwork do telnet to the net Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2 my files are the following: policy #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST loc net CONTINUE info loc fw ACCEPT info loc loc ACCEPT loc dmz ACCEPT info fw

Hi all, I''m tring to isolate P2P traffic, specifically BitTorrent, for my QoS scripts. I can''t seem to completely isolate ALL BitTorrent traffic. I identify & mark packets and then use tc filters to put them into appropriate classes. My firewall rules (below) do the markings. My VoIP boxes'' and ICMP traffic get highest priority (mark 1). Then comes DNS, SSH,

Hello, I wanted to get an extra IP on my local NIC, so I ran `sudo ip addr add 192.168.1.130/24 dev enp4s0`. This didn't work as intended, so I thought I'd restart the Ubuntu system to have things back to how they were. Alas, this didn't happen. While the host still has network as usual, none of the VMs are able to get a DHCP lease from the router, or any connectivity at all. I can

Hello, when I execute "shorewall hits" command I find this stats: HITS IP DATE ---- --------------- ------ 92099 192.168.0.2 Nov 24 7764 59.104.107.85 Nov 23 3997 192.168.1.77 Nov 24 337 181.50.93.89 Nov 23 331 59.104.156.68 Nov 23 315 99.109.157.73 Nov 23 301 190.225.157.40 Nov 23 275 179.153.183.53 Nov 23 268

Hi everybody! I''m very happy with shorewall, seems to safe my computer well, a little bit to well. But i''m sure it''s a mistake of mine: I can''t get edonkey working! They say that edonkey needs the following ports enabled: 4665 udp in / out 3665,4665,7665,8665 udp out 4661,4662,4666 tcp in thats what i wrote in the rules file: ACCEPT fw net

I've been getting LOTS of messages like the below in the daily log, and from all indications, it appears to all be related to the cpu; the machine is just over a year old, and was the old vortex.wa4phy;net server from the downtown co-lo site. Aside from huge log files, and lots of other fluff, numerous problems of other nature have started cropping up. Anyone have any suggestions as to

I can see, that theres a program that keeps sending packets on port 25: Dec 27 14:11:46 a kernel: [ 6336.992320] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=61533 DF PROTO=TCP SPT=37263 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 Dec 27 14:12:01 a kernel: [ 6352.635704] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55853

Hi All , My first message and I have a little problem with my FC6 box trying to block emule traffic using layer7 . Here my network : Internet --------- ADSL Router ------------------- FC6 Box -------------------- Emule Box external ADSL : Dynamic Internal ADSL : 192.168.254.1 external FC6 : 192.168.254.3 internal FC6 : 192.168.253.1 Emule Box : 192.168.253.3 I guess that everything

I'm looking for some information regarding the interaction of KVM, VLANs, firewalld, and the kernel's forwarding configuration. I would appreciate input especially from anyone already running a similar configuration in production. In short, I'm trying to figure out if a current configuration is inadvertently opening up traffic across network segments. On earlier versions of CentOS

Dear List! I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection to the Internet (ppp0 - eth1 to the modem) and a bridge to the local lan. The bridged config i''ve made with bridge.html from the shorewall site. The Bridge is between local net and a openvpn tap device. This works. I ccan make tunnels, and a can make a lot of things through the firewall. I can get a list

Hi My situation: I have two pc''s with public ip''s (192.159.56.206(webserver) and 84.196.123.65(mail-gateway)) in the dmz. The firewall (84.196.123.66) is configures with proxyarp, so nothing is changed on the pc''s from when they were not behind the firewall (i.e. they don''t have the firewall as gateway (and they each have different gateways, only 84.196.123.65

Hi, I have a install of shorewall I have 2 interfaces(I think) ppp0[connection device] and eth0 [LAN device], I want to allow all traffic from the the internet in or aleast port 80 and CVS and webmin and mail and everything normal to the main machine with shorewall on it. I changed to policy file but it just gave me errors as to double interfaces. I also what still to alow connection sharing