Displaying 20 results from an estimated 1200 matches similar to: "[Fwd: [shorewall-coding] Shorewall2 functions, 1.39, 1.40]"
2004 Nov 28
5
include directive doesn''t expand parameters?
Hello all,
I tried to include a file from within the accounting config-file.
The filename was specified using a parameter in params as:
ACCFILE=/var/lib/shorewall/accounting.generated
and then included in accounting as:
INCLUDE $ACCFILE
However when (re)starting shorewall, it gave some error about being
unable to find ''/etc/shorewall/$ACCFILE'' (with the $ACCFILE parameter
2005 Jun 02
28
One Remaining Issue Regarding 2.4.0
I believe that 2.4.0 is about ready to be sent out the door. I''ve made a
couple of small changes since RC2 but I don''t believe that they warrant
another RC.
There remains the issue of what to do about support for Shorewall 2.0 given
that 2.2 has only been available since March.
It would be my recommendation to make 2.4 the new "stable" release but
continue to
2004 Nov 27
16
bridge and dynamically adding hosts to zones
Hi,
I''ve set up a bridge which connects two parts of the same subnet with
each other.
I''ve set up everything as described in the Documentation and it works
very nicely.
However: I have a problem with adding hosts to zones dynamically.
The zone I want to add hosts to is called ''work''.
Since only the bridge br0 is defined in /etc/shorewall/interfaces
2005 May 25
5
Patch to fix dynamic add/delete to zone functinality
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I''m running systems with openswan and modified _updown script supporting
shorewall dynamic hosts. Because on problems with cvs head version of
openswan I found a error from shorewall dynamic hosts support. When host
is already in zone shorewall aborts adding process with error. This is
not good thing(tm).
I found out that deleting host from
2004 Sep 23
9
help with a W2K VPN client 619 error and PPTP server
I''ve got what I think is a fairly simple home network configuration with one
Linux box functioning as the firewall, VPN server, DHCP server and
file/print server. I am having trouble configuring both a VPN server
(PopTop) and the firewall rules for a W2K PPTP VPN client. The VPN server
runs on the firewall machine and the VPN client runs on a W2K machine behind
the firewall. The VPN
2004 Jan 12
0
Shorewall2 -- now running on gateway.shorewall.net
I''ve gotten the basic code working on my firewall.
So that I can quickly get back online if I screw up, I''m currently calling it
shorewall2. That way if it screws up I can just "shorewall restart".
/sbin/shorewall2 -- command interpreter
/etc/shorewall2/ -- configuration files
/usr/share/shorewall2/ -- shared files
Both Shorewall and Shorewall2 use the
2004 Mar 10
1
Shorewall2 - Action commands
Dear All,
I have read all the documentation I can find but I still have not understood how, in what context and where to use the action commands enumerated in /usr/share/shorewall/actions.std.
Illustrating with SMB traffic for instance, how can one use AllowSMB, DropSMB and RejectSMB to control SMB traffic instead of the classic
ACCEPT z1 z2 udp 135,445
ACCEPT z1
2004 Oct 08
5
local yp/nis on the server
So, now I see why I was doing the fw 2 fw rule. It was for my YP/NIS usage.
Does anyone know how I get that to work?
2004 Jan 31
5
Shorewall 2.0.0 Alpha 1
http://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
ftp://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2005 May 26
11
Quick poll: CVS commits
Hi folks,
I''m conducting a straw poll for your opinions on whether we should send
CVS commit logs (probably with diffs) to the shorewall-devel list, or to
another (new) list?
I can see advantages to both ways: separate lists mean that people who
aren''t contributing code don''t get flooded with code noise, but a single
list will help keep everyone involved in the
2005 Feb 21
4
Routing changes break NAT (not a shorewall question)
Hi folks,
I know this isn''t a shorewall question, but i''m hoping someone can
point me to the right place to look for answers on this (since, as Tom
suggests, search engines are useless for some things):
Here is my firewall setup:
ADSL1 ADSL2 dialup
\ | /
firewall
|
DMZ
It''s a fairly simple setup. ADSL1 has a static IP, ADSL2 is
2005 Jan 07
6
Questions: place for doco, and routestopped during ''shorewall restart''
Hi folks,
A while back we had some discussions about integrating heartbeat and
shorewall. Thanks to your help and the excellent state of Linux
failover clustering, i''ve managed to install my high-availability
firewall. I know there''s already a howto for it at
http://www.xenos.net/library/hafirewall.html, but i thought i would
document my setup for others, since it''s
2004 May 07
5
mark ack with shorewall 2.x
Hi!
how can I mark ack packets with shorewall 2.x?
(In 1.x I have done it with own rule in common file)
TiA
CU
2004 Aug 22
12
Tom''s Key
Since you''ve started signing your email, Tom, my machine can''t
verify your sig. Where are you publishing your key?
--
John Andersen - NORCOM
http://www.norcomsoftware.com/
2005 Mar 01
3
I''m out of here for a while
I''m going to start being rude with people if I don''t take a break from
the list for a while.
I''ll be back in a couple of days after I cool off.....
--Tom
--
Tom Eastep \ Off-list replies are cheerfully ignored
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2005 Jun 26
1
Vservers and shorewall
hello
I''m using the 2.6 series 5 vservers on eth1 running on
debian unstable and I wanted two of them to be used as
"proxies".
One of the proxies has 3 interfaces (well 4 if you
count the ath0 interface whose traffic I''d like to
pass through the "vproxy"); one facing the hosts''/out
interface, one facing the "dmz" where two vservers
2005 Feb 24
3
[Fwd: Re: 2.2 shorewall installation fails on suse 9.2]
Anyone else seeing this??
Thanks,
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2005 Jan 07
1
smtp / pop allow
Hello,
My server is on Mandrake 10.1 off.
eth0 is WAN with static IP connected 512 DSL
eth1 is LAN.
My default shorewall settings are :
Source zone Destination zone Policy Syslog level Traffic limit
loc net ACCEPT None None
fw net ACCEPT None None
net Any DROP info None
Any Any REJECT info None
I have done NAT on eth0 and I am running
squid proxy on the server.
I am not able send or
2004 Sep 11
2
just checking if you have seen this before Tom.
Been trying to track down an issue where when I issue a restart on
shorewall it stalls for maybe 5 minutes. I have tracked it down to the
removing of the rules portion but have not been able to get any closer
yet.
Some place after "strip_file rules" and echo "Deleting user chains..."
It seems to fix itself after a reboot of the system for an unknown time
then it resurfaces
2004 Aug 12
1
Blacklist and rules - order of processing
I was wondering if i could stick a certain ip in the blocklist, but at
the same time have an allow rule for http in the rules section. In
other words i would like to block pretty much all access from a certain
internet address except for http from the internal network. So does the
rules file get parsed before the blacklist in the firewall to make this
possible?