similar to: shorewall-2.1.11 / iptables -N net_frwd iptables: Chain already exists

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

hi, i have a strange situtation. i try to connect to my machine with ssh and the packets are dropped but i have at the top of my rules an accept. the configuration looks like: rules-file: ----------- ACCEPT net fw tcp 22 - TCPDUMP-log: ------------ 12:16:08.153934 84.153.98.30.1322 > [my-destination-machine].ssh: S 3717288415:3717288415(0) win 64240 <mss

There was a lengthy power failure here in Shoreline this morning and my firewall did not come back up when power was restored. The firewall is now up and service to the server has been restored. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \

The basic functionality of Shorewall 2.2.2 works fine with the soon-to-be-released SuSE 9.3 (I have an early copy). I''ll be trying it over the weekend with more complex configurations involving IPSEC and OpenVPN. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \

Hi List, I am new at this and trying to set up shorewall. I was using mnf-en to do it but it was using an old version of shorewall (shorewall-2.0.8-2mdk) and didn''t have the features I wanted. So I''ve installed shorewall-2.4.0-1mdk. Other bits of interest: iproute2-2.6.10-1mdk iptables-1.2.9-8mdk I''m trying to get the providers feature working. show capabilities:

Hello, You will find in attachment the layout of my current physical configuration. For now, the Cable ISP is not used. Since it is a dynamic ISP, my mailserver is rejected and my domain name registers on blacklists like ORDB and al. I want it to be used as a default gateway except for my mail server that would be seen as coming from my "honest" ADSL ISP. Here is

Hello, I am not able to open the webmin web interface on my server. Shorewall is blocking it. How to allow it on the server. Thanks Varun

I''m using shorewall 2.0.x at home as an Internet gateway for family. However my brother always plays online games overnight, so my parents asked whether I can do something on the gateway to control the time of accessing the Internet. I planned to put a script on crontab to schedule which it will execute say at 12:00 night daily, the script will execute a command will deny my brother

I have been using shorewall and freeswan successfully for 3 or more years now. But they have all been using the Linux 2.4 kernel. My current configuration is (as the title suggests) using SuSE 9.1 which has a 2.6.5 kernel and freeswan 2.0.4 built-in. After much reading and a lot of trial and error, I did get this combination to work with Shorewall 2.0.9. It is happily talking to an older Mandrake

hi all, my linux internet gateway has one fixed public ip and there are several servers on the local net. how to config shorewall such that it can forward a port on the external int. to another port on to a server in local net. Simply speaking, external port http 8000 forward to internal port http 80 I used the DNAT to specify the source port as 8000 and dest port to 80 but it

Hello, After I''ve switched from 2.1.6 to 2.1.11 I could not run Xserver (TCP 6000) over ipsec anymore, so I''ve reinstalled 2.1.6. Is it a bug or configuration issue? The error is: Shorewall:net2all:DROP: IN=eth0 OUT=eth1 MAC=00:50:da:2d:c1:6c:00:0c:31:f6:c4:8d:08:00 SRC=192.168.123.150 DST=192.168.1.2 LEN=48 TOS=00 PREC=0x00 TTL=62 ID=36507 CE PROTO=TCP SPT=35069 DPT=6000

It is with regret that I announce that Shorewall development and support is officially ended. Sean''s post has finally driven it home to me that in the long term, trying to support a project like Shorewall is impossible for a person of my personality and age. Sean -- please believe that this isn''t about you or your post -- your post was just the proverbial straw on this old

Hi! I''m new here! I downloaded shorewall because I want to set up a firewall and Webmin already has a module for it. (I love Webmin!) When I went to start shorewall I got the message that it needs ip. I''m running Slackware and apparently ip is not included with it. Would somone please help me out and let me know where I can download ip from? Thanks. Jim

Is it possible to filter HTTP signatures/headers with SHOREWALL ? or is there addon for it ? take care *º¤., ¸¸,.¤º*¨¨¨*¤ Stingray *º¤., ¸¸,.¤º*¨¨*¤ __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ------------------------------------------------------- This SF.Net email

Hi Alex, and thanks for your time. Probably not. The servers are only configured like they where when they where parallel to the fw. Just the default gateway, same as for the external interface on the fw. That''s what the documentation instructed to configure the servers using arp. But is it required with extra configuration on the server connected via proxy arp? Or is it some parameter

I am making a new box to test with and was trying to install shorewall via rpm. So I download the shorewall 2.2.5 rpm and issue a rpm -ivh shorewall-2.2.5-1.noarch.rpm. I then get an error: error: Failed dependencies: which is needed by shorewall-2.2.5-1.noarch So as you can see there are no dependency issues. I thought I saw this on the mailing list a while ago but I just searched for it I did

Hello everyone, First things first. * shorewall version: 2.2.1 * ip addr show: 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: sit0: <NOARP> mtu 1480 qdisc noop link/sit 0.0.0.0 brd 0.0.0.0 3: eth0:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://shorewall.net/pub/shorewall/2.1/shorewall-2.1.11 ftp://shorewall.net/pub/shorewall/2.1/shorewall-2.1.11 In addition to correcting several bugs, this version adds the following features: 1) The default Drop and Reject actions now invoke the new standard action ''AllowICMPs''. This new action accepts critical ICMP types:

Hey, recently I was asked, how mailman handles bounces and after digging around I also noticed that the current version is 2.1.14 with a lot of bug fixes. So I'd like to ask if there is a (src)rpm out there with the recent version working on centos 5.5. Thanks and best regadrs . G?tz -- G?tz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reinicke at

Hi to all. I recently upgraded to shorewall ver 2.3 from 2.0 so I could explore the multiple ISP/dual default route setup feature of version 2.3, I also upgraded iptables from 1.2 to 1.3 (rpm-based install) but when I tried to start shorewall it terminates and I noticed it''s giving me this error iptables: No chain/target/match by that name ERROR: Command "/sbin/iptables -t mangle -A