Displaying 20 results from an estimated 50000 matches similar to: "What is going on now?"
2003 Jul 25
16
"shorewall stop"
Although Shorewall provides safeguards against it, people seem to
regularly shoot themselves in the foot when doing remote system
administration. I''ve been thinking about this problem and wonder if a
change to the way that "shorewall stop" behaves might help.
Today, "shorewall stop" stops all traffic except to/from those
destinations listed in
2005 May 24
4
Programming Languages?
Greetings,
What programming languages besides shell scripting are used in shorewall?
What knowledge is needed to help in shorewall development? I figure iptables is a goood
bet but is there anything else as well?
Thank you for your time.
Regards,
Jason
2004 Feb 11
4
Shorewall, ipp2p and ipt_CONNTRACK
Hi!
Taking into consideration the great speed with which the use of P2P
filesharing systems is expanding, is there any plan of including ipp2p
and ipt_CONNTRACK support into shorewall? I''m sure that many admins
managing gateways would be very happy about it...
Thanx,
--
Mario R. Pizzolanti <mario@zavood.ee>
Zavood O?
2004 Jan 20
6
[PATCH] Marking packets according to user in tcrules
Hi,
First of all, thanks to all shorewall developers. Shorewall is really
great.
Here is a patch to add the following feature :
This patch allows you to mark packets according to the user name under
which the program generating output is running.
To do so, the patch will allow you to write rules in the tcrules file
looking like that :
#MARK SOURCE DEST PROTO PORT(S) CLIENT USER
#
2004 Jul 02
7
Shorewall Release Model
The current Shorewall release model has the following characteristics:
a) The last two major releases are supported.
b) Only the latest major release is actively developed.
c) Bug fixes are available for the prior major release but only against
the last minor release.
d) The last major release is advertised as the "Current Release".
I''m thinking of switching to a model that
2005 Jan 05
22
Shorewall and IPV6
As 2.2.0 is nearing release, I''ve begun to think about what I''ll do for
2.3 and I think that it is time for Shorewall to add support for IPV6.
Because of parsing ambiguities, the need to maintain upward
compatibility with both Shorewall and 6Wall, and different available
functionality in IPV4 and IPV6 Netfilter, I believe that it is going to
be necessary for some files to be
2003 Dec 07
27
Re: Shorewall-devel Digest, Vol 11, Issue 4
Hiya,
> Ok with me -- if I get too frustrated with DocBook, I''ll just start
> editing the HTML again.
>
> -Tom
>
Well the fact that VIM is supported by Docbook is a plus .. But I still
think the Wiki idea is well .. Lets get the doc at a CVS and Docbook
stage .. Walking before running .. plz plz ..
Francesca
PS: I have thrown Windoze out the Window here (Pardon The
2004 Sep 19
2
Time-based rules
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi!, I''d like to know how to set up shorewall to deny a user-defined
action in a time-based basis, for example, I have a group of users
using MSN, AOL, www and https, in a defined action called
action.BasicAccess now, I want this access to be enabled only on
lunch time from Monday through Friday and weekends from noon to
6pm... I know
2005 Jun 03
4
New Document for People Helping with Shorewall Support
The Shorewall support page advocates including the output of "shorewall
status" with problem reports that involve some sort of connection
problem. I suspect that the number of people who feel comfortable
analyzing problems through use this output is small.
To help, I''ve created http://shorewall.net/AnalyzingShorewallStatus.html
I suspect that the document isn''t
2003 Dec 04
31
Shorewall Documentation Updates, Request for Input
Hello,
I have the go ahead to fix documentation. For starters I will clean all
extraneous crap from the markup. Then fix any errors and typos.
If anyone sees any gramatical errors or typos or needed clarifications or
expansions or whatever, please post them here.
Or additional FAQ entries, etc, all will be considered.
I hope to keep most of this conversation on the shorewall-devel list.
Any
2005 Sep 29
20
maclist problem on a firewall/bridge/router system with masquerading
Hy,
sorry for my poor english
i think i''m having a very unusual problem and very dificult to track,
but i''ll try to explain it as best as i can.
here is my scenario:
a firewall/bridge composed of 3 ethernet devices and 1 virtual one.
my bridge (br0 ) is composed of eth0, eth1 and tap0
br0:eth0 is my connection to my router (200.244.92.1)
br0:eth1 is my connection to my
2005 May 27
10
Help wanted notices
Hi folks,
I''ve added a couple of ''help wanted'' ads to our SourceForge project.
You can see them at
http://sourceforge.net/people/?group_id=22587
I''ll add more as i have the opportunity. If you can think of other jobs
we need to assign, please let me know.
--
Paul
<http://paulgear.webhop.net>
--
Did you know? Using accepted quoting conventions makes
2004 Aug 10
11
who gives access? was: why ADD_DNAT_ALIASES missing?
hi,
there was some email problems and i repeat my question too fast, but
this is the second part of my questions.
- only the rules and policy files give access right? ie. rules in the
FORWARD chain of the filter table in iptables ?
- is a line in masq file automaticaly add an accept rule too? eg. in
msaq file
eth0 <internal ip>
allow connection from <internal ip> (local zona) to the
2004 Oct 09
9
fxp initiated behind shorewall
Okay, no one had any idea concerning my Radmin question, which I still
haven''t figured out. However, I am now trying to figure out an FXP problem.
All of the needed details are listed below the description problem.
Problem:
I have a local windows XP pro computer running FlashFXP behind shorewall
2.0.9 (unpatched) with only two interfaces (ppp0 and eth1) as
loc:192.168.1.5. The server
2005 Feb 13
15
Fedora Core 3 / 2.6.9-1.667
I just installed Fedora Core 3
uname -r
2.6.9-1.667
I got the latest shorewall''s rpm:
http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2.2.0-1
.noarch.rpm
Made my changes
Attempted to run shorewall and got:
[root@demo shorewall]# shorewall start
ERROR: Can''t find iptables executable
I haven''t seen this before.
I tried to go through all the
2004 Dec 05
28
state INVALID
Having moved from a "cascading LANs" configuration to two independent LANs
on eth0 and eth1, I still get some "state INVALID" for which I am not sure
what the cause is. Can somebody help me understand its probable origin?
Thanks,
Costantino
[see attachment]
2004 Dec 18
14
SuSe 9.1 startup issue
Tom,
I am NOT subscribed (yet). I dropped SuSeFirewall2 in favor of
shorewall to get past the configuration hurdles I as experiencing.
At the moment, when my SuSe 9.1 starts up, I can see shorewall processing
the rules, policies, etc. and I see no errors and then moves on with the
rest of the SuSe boot process .
However, no traffic passes through using the rules.
I run an iptables -L and I
2004 Nov 24
14
traffic shaping on ftp server don''t work
Having study a number of documents on linux traffic shaper, I started
to setup my shaping rules in my network.
My linux box is running RH AS3 U3, shorewall 2.0.9.
It is using PPPoE connected to the Internet
firewall:
eth0: connect to the adsl modem
eth1: private net
ppp0: virtual dial up interface for pppoe
There is a ftp server on the private net
It is listen for port 21 and configured
2005 May 12
12
New Article at Shorewall.net
This article describes how to implement "Port Knocking" in Shorewall.
http://shorewall.net/PortKnocking.html
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2003 Feb 21
2
Shorewall 1.4 will require the iproute package
Subject says it all...
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ teastep@shorewall.net