similar to: The future of Shorewall

The basic functionality of Shorewall 2.2.2 works fine with the soon-to-be-released SuSE 9.3 (I have an early copy). I''ll be trying it over the weekend with more complex configurations involving IPSEC and OpenVPN. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \

Hello, With reference to the problems listed below. I too am having incredibly long start up times. I''m talking minutes here (around 5 minutes). My configuration is not complex I don''t think. We are you using ldap too and the settings are bellow. The network is up as I''m restarting shorewall whilst the machine is running. Any suggestions? Is there no way to

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

Hy shorewall users :)) I have the following config in my shorewall: DNAT net:200.137.193.2 loc:192.168.0.55 udp 135,445 - 200.137.193.38 DNAT net:200.137.193.2 loc:192.168.0.55 udp 137:139 - 200.137.193.38 DNAT net:200.137.193.2 loc:192.168.0.55 tcp 135,139,445 - 200.137.193.38 The IP

It is with regret that I announce that Shorewall development and support is officially ended. Sean''s post has finally driven it home to me that in the long term, trying to support a project like Shorewall is impossible for a person of my personality and age. Sean -- please believe that this isn''t about you or your post -- your post was just the proverbial straw on this old

Hello, I have forwarded this to the shorewall-users list. You will find better support for this obscure problem there. Regards, Alex Martin http://www.rettc.com Cristian Valentin Barean wrote: > Hello ! > My name is Barean Cristian, and I have a network of 35 users, on a > Linux Mandrake 9.2 server. > As I was adding more users in my network, I found a problem with

I am using debian sarge. I want to block all incoming requests except DNS (port 53) and allow all outgoing traffic. I did a apt-get shorewall. When I start shorewall, I cannot even ping to any external site. I am a newbie and difficult to follow the online guide. Can anyone please help me. Thanks !

Hi folks, Last night and this morning i''ve hacked up a quick web site for coordinating our development work based on Drupal (http://drupal.org). You can find it at: http://shorewall.dyndns.org I''ve put a few ideas in there - feel free to use the comments or sign up for an account and create your own pages (particularly in the two books about development and web site work).

Hi to all. I recently upgraded to shorewall ver 2.3 from 2.0 so I could explore the multiple ISP/dual default route setup feature of version 2.3, I also upgraded iptables from 1.2 to 1.3 (rpm-based install) but when I tried to start shorewall it terminates and I noticed it''s giving me this error iptables: No chain/target/match by that name ERROR: Command "/sbin/iptables -t mangle -A

Anyone else seeing this?? Thanks, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

There was a lengthy power failure here in Shoreline this morning and my firewall did not come back up when power was restored. The firewall is now up and service to the server has been restored. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \

Hi all, (not sure that this is the right places where send this. sorry) I think that http://www.shorewall.net/Shorewall_Squid_Usage.html must be updated. The current SQUID version (2.6) don''t support anymore the ''httpd_accel'' directives. So anyone that would follow this guide for configure a transparent proxy will receive an error 400. Please modify the guide as

Hello all gurus, I have a question, and I do not know if it has every been asked. I am wondering if shorewall has the capablility to use GEOip. I have an extensive blacklist that keeps growing and growing by the month. I was wondering if there was any capablility of using GEOip or any plans in the future. Thanks Shorewall Administrator.

Dear All, I think I have a useful idea for how shorewall startup could be speeded up in a more automatic manner. Apologies if this is daft, but I think it might work.... Motivation: not all users understand the intricacies of shoreall beyond using the distro setup tool. [And on this particular laptop, shorewall takes 15 seconds during boot.] I have already read this (about shorewall

Hi Folks, Can i transform my firewall into a bridge (Mean Nic to Nic), in the ethernet level (Not protocal, Ip''s etc) and also use shorewall ? Than make a Layer 2 Switch with netfilter rules to all Ip''s in my network ? I have 4 whole real classes and want to protect the people inside. With proxyarp works but sometimes fail (People loose connection etc) Just with switchs and my

Skipped content of type multipart/mixed-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.shorewall.net/pipermail/shorewall-devel/attachments/20041014/45aef157/attachment-0001.bin

Hello All, I am trying to implement OpenVPN on Fedora core Linux 3 with the latest pathces installed. This server is used only as firewall/internet gateway/proxy/VPN server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12) connected to the local network. I use shorewall 2.4 on this machine. I like to test

Hi folks, I''m conducting a straw poll for your opinions on whether we should send CVS commit logs (probably with diffs) to the shorewall-devel list, or to another (new) list? I can see advantages to both ways: separate lists mean that people who aren''t contributing code don''t get flooded with code noise, but a single list will help keep everyone involved in the

Hi All, i am trying to install Shorewall 2.0 on debian 3.0. But when i try apt-get i am getting older version i.e. 1.2. Can someone send me a pointer on how to install shorewall latest version on Debian 3.0 please. i searched google and on this site but could find any. i am not in this list, pl include me in ur replies. Appreciate ur help, -Balaji

I''m using shorewall 2.0.x at home as an Internet gateway for family. However my brother always plays online games overnight, so my parents asked whether I can do something on the gateway to control the time of accessing the Internet. I planned to put a script on crontab to schedule which it will execute say at 12:00 night daily, the script will execute a command will deny my brother