Displaying 20 results from an estimated 20000 matches similar to: "More on routing support in CVS"
2004 Sep 23
0
Fwd: RE: 2.6 kernel ipsec and shorewall
FYI...
---------- Forwarded Message ----------
Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall
Date: Thursday 23 September 2004 07:44
From: "Jonathan Schneider" <jon@clearconcepts.ca>
To: "''Tom Eastep''" <teastep@shorewall.net>
I must have been up too late working on this, looking at it the next day I
noticed I completely forgot
2005 May 15
0
New Toy in CVS
If you are willing to patch your iptables and kernel to support the ROUTE
target, the code in CVS project Shorewall2/ now supports very flexible
routing. As an example, I run Squid in my DMZ for transparent proxy. Rather
than the complex routing setup described in
http://shorewall.net/Shorewall_Squid_Usage.html, I now use this single entry
in /etc/shorewall/routes to route all HTTP requests from
2005 Sep 20
0
Fwd: [PATCH] Another iptables-save buglet
FYI
This bug will prevent ''shorewall restore'' from working if you have "!<single
IP address>" in the ORIGINAL DEST column.
-Tom
---------- Forwarded Message ----------
Subject: [PATCH] Another iptables-save buglet
Date: Wednesday 14 September 2005 15:09
From: Tom Eastep <teastep@shorewall.net>
To: netfilter-devel@lists.netfilter.org
The conntrack
2004 Sep 29
0
Re: Shorewall-users Digest, Vol 22, Issue 65
Hi
I have 2nic firewall . I had to open some ranges of udp and tcp ports . I
faced a problem that although all the ports are open Some functionality was
not working . Any body used shorewall with H323 Voip traffic DNATed . Any
help is appretiated .
Thanks
----- Original Message -----
From: <shorewall-users-request@lists.shorewall.net>
To: <shorewall-users@lists.shorewall.net>
Sent:
2004 Nov 02
0
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Sep 27
1
Re: routing between networks on same
Hi Tom,
Thank you for your quick reply.
I aplied changes as you suppose, and now users can
comunicate each with others. - thank you very much.
I have just one aditional question regarding
PKTTYPE=No variable.
I didnt find it in shorewall.conf so I simply add it
at the end of conf file (above #Last line :-) ) So
question is it is standard feature of shorewall, and
from which version it is
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2005 May 26
1
Sourceforge CVS
The Shorewall CVS repository is now safely ensconced at Sourceforge.
http://sourceforge.net/cvs/?group_id=22587
Please note that unlike with the old repository here at shorewall.net,
at Sourceforge there is a delay in updating the ViewCVS (web) copy of
the repository. As a consequence, developer commits are not immediately
available for browsing with ViewCVS
2005 May 26
0
Shorewall CVS is now at Sourceforge
The Shorewall CVS repository is now hosted on Sourceforge at
http://sourceforge.net/cvs/?group_id=22587. Please note that unlike with
the old repository here at shorewall.net, at Sourceforge there is a
delay in updating the ViewCVS (web) copy of the repository. As a
consequence, developer commits are not immediately available for
browsing with ViewCVS
2003 Dec 03
0
New in CVS
In the Shorewall/ CVS project:
Problems Corrected:
1) There has been a low continuing level of confusion over the terms
"Source NAT" (SNAT) and "Static NAT". To avoid future confusion, all
instances of "Static NAT" have been replaced with "One-to-one NAT"
in the documentation and configuration files.
2) The description of NEWNOTSYN in
2004 Feb 03
0
Shorewall 2.0 and Routing
There have been a number of questions recently about Shorewall 2.0 and
routing. In earlier posts, I said that Shorewall 2.0 would no longer alter
the routing table as part of setting up Proxy ARP.
I have been persuaded to take a different approach.
In Shorewall 2.0.0-Alpha2, the HAVEROUTE column has been restored to the
proxyarp file and a new PERSISTENT column has been added. If the
2004 Nov 06
3
shorewall.net Down Time
Tomorrow morning, the following systems will be unavailable while I
upgrade the OS on my firewall:
a) shorewall.net
b) lists.shorewall.net
c) cvs.shorewall.net
d) rsync.shorewall.net
The upgrade will begin around 0700 PST (-0800) and will like take two
hours or so.
Sorry for the inconvenience.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \
2004 May 20
0
Script to build Shorewall Release from CVS
In case any of you are interested, I''ve placed my script for building an
entire Shorewall release from CVS into
ftp://shorewall.net/pub/shorewall/contrib/makeshorewall.sh.
The script assumes that the appropriate CVS project has already been
updated with the current version number.
There is currently no mechanism for re-building old releases.
-Tom
--
Tom Eastep \ Nothing is
2007 May 16
1
www.shorewall.net/ftp.shorewall.net is down
The administrator of the main web/ftp site has informed me that the site
is currently down. Until service is restored, you can use:
http://www1.shorewall.net
ftp://ftp1.shorewall.net
Sorry for the inconvenience.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \
2007 Nov 28
2
[Fwd: Re: Port 3001 still have problem]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
As I pointed out to Wilson in a private message, this appears to show
that no other connection requests (other than port 3000) are being sent
from the client to the server (or at least no other connection requests
are being received by the Shorewall box).
Wilson: Are you sure that the client is supposed to open port 3001 on
the server and not the
2003 Dec 04
0
Re: CVS write access request.
On Thu, 2003-12-04 at 14:14, Alex Martin wrote:
>
> I will start posting this type of discussion to shorewall-devel, so that others
> might help.
>
> Just let me know what you think.
>
I just checked in a few minor changes to the Docs -- I''ll try to keep my
hands off of them while others are working on them.
-Tom
--
Tom Eastep \ Nothing is foolproof to a
2003 Dec 29
1
New CVS Project
I''ve moved the remaining HTML files (including those that Mike and Paul
are working on) to a new project named Shorewall-Website. This will
segregate the Docbook documentation from the Website-only HTML files.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Nov 11
0
Shorewall.net downtime again this weekend
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Saturday, I will be rebuilding my server. I expect the project to
take most of the day. I will begin around 7AM PST (-0800).
The server hosts the following sites:
www1.shorewall.net (a.k.a. shorewall.net)
ftp1.shorewall.net
lists.shorewall.net
rsync.shorewall.net
Sorry for the inconvenience.
- -Tom
- --
Tom Eastep \ Nothing is foolproof
2004 Dec 31
0
Change in Shorewall Mailing Lists
Because certain large European ISPs can''t get their act together WRT
SPF, I''ve turned on masquerading of lists.shorewall.net. This means that
list postings will now have "shorewall.net" sender addresses rather than
"lists.shorewall.net". Sorry for the inconvenience but a lot of email is
currently bouncing.
-Tom
--
Tom Eastep \ Nothing is foolproof to a
2005 May 17
1
Support for inbound traffic from multiple ISPs in CVS
The Shorewall2/ project in CVS contains my initial attempt to establish
correct routing for traffic forwarded from two different ISPs to
internal servers.
>From the release notes:
Shorewall 2.3.2 includes support for multiple Internet interfaces to
different ISPs. This feature is enabled by setting the "default"
option for each Internet interface in