similar to: shorewall restart failure recovery option?

Hi, I created a modification (more like a hack) to shorewall that backups a configuration after succesfully (re)starting it. In case a future (re)start fails it will use this backup configuration. (instead of stopping the firewall and generating a massive ammount phonecalls ;) I didn''t pay too much attention to the ramifications of this patch, so let me know if i screwed anything up.

Hi, As a gentoo-user i frequently run the emerge sync command, which in turn does a rsync with the mainserver. The 'problem' is that the portage directory tree contains about 19.000 directories and 96.000 files. So building the filelist takes a pretty long time, because of the many disk accesses that are neccesary. On the server side the disk-io problem is probably less worse since

I just updated my webmin on my server and noticed that the module for Shorewall looked different. It looks like someone really cleaned it up and had it added to the Standard Webmin Module list. Woohoo. -- Joe *** I can only please one person a day. Today is not your day and tomorrow doesn''t look good either. ***

I just updated my webmin on my server and noticed that the module for Shorewall looked different. It looks like someone really cleaned it up and had it added to the Standard Webmin Module list. Woohoo. -- Joe *** I can only please one person a day. Today is not your day and tomorrow doesn''t look good either. ***

My description of the incorrect use of the term ''SNAT'' on the Static NAT Webmin page was apparently misunderstood. Attached is a patch against the Webmin-1.070 Shorewall module that corrects this problem and also adds the ''DNAT-'' action for rules. To apply the patch, you will need the ''patch'' utility: cd <webmin shorewall directory - on

Greetings; My syslog is getting 100s of thousands of messages like the following (these are just a sample); (BTW I am running Debian/lenny) > May 11 12:41:31 gatekeeper kernel: BANDWIDTH_IN:IN=eth1 OUT=eth0 SRC=192.168.0.4 DST=64.15.118.171 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=37901 DF PROTO=TCP SPT=1307 DPT=80 WINDOW=17640 RES=0x00 ACK URGP=0 > May 11 12:41:31 gatekeeper kernel:

Hi Guys, I need some help. I''ve been using shorewall for a while now and it''s been running beautifully, but I''m now experiencing some problems. It seems that connections are getting dropped much like the behavior described by the NEWNOTSYN=no option in the shorewall.conf file, but I have NEWNOTSYN=Yes in my file. The messages I see in my logs are things like:

I attached a copy of my rules file and I was wonndiering if there is some commands that I don''t need. I am running a webserver,email server,samba server. Thanks --------------------------------- Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now-------------- next part -------------- ############################################################################## #ACTION

Hi boys & girls : Probably my Subject is crazy, but due I haven''t tryed this, I prefer to ask. Is it possible to run snort in a fw box (using shorewall, of course). Your feedback will be very well appreciate. Thanks Benito.-

[newbie question] Before using Shorewall I used to manually write some very short iptables rules which where probably much poorer than what this Shorewall gem does but I could "follow" them very easily. Now reading the output of iptable -L gives me a terrible headache. Is there some tool that graphs the rules in order to "see" them better ? For instance I was experiencing

Hi, I have a install of shorewall I have 2 interfaces(I think) ppp0[connection device] and eth0 [LAN device], I want to allow all traffic from the the internet in or aleast port 80 and CVS and webmin and mail and everything normal to the main machine with shorewall on it. I changed to policy file but it just gave me errors as to double interfaces. I also what still to alow connection sharing

I''m having problems using shorewall webmin module and Redirect rules. Webmin module does NOT accept the symbol ! in the field "Destination address for DNAT or REDIRECT". So the example that comes in rule file to redirect www from local zone to 3128 port can only be included manualy. The example suggest to exclude the fw ip addres " !192.168.2.2 " Shorewall version:

Hello , i have 2 questions 1 - how to use shorewall GUI using webming , i found nothing in the doc. 2 - after starting shorewall , is there a way to see the user connections status? Thanks Wahid

Joshua Schmidlkofer wrote: > Tom Eastep wrote: > >> Joshua Schmidlkofer wrote: >> >>> Tom, >>> >>> Here is the setup method w/ Bridging on Gentoo. >>> >> >> Thanks, Joshua >> >> -Tom > > > Off topic - Has anyone cooked up a good web front end? I am messing w/ > IPCop, because one of my clients uses it.

I have registered a project with Sourceforge to produced a Webmin module for Shorewall. http://sourceforge.net/projects/webmin-shorewal/ Anyone interested in participating please email me at enemyofthestate at users.sourceforge.net I am still learning the interface but I think I need your Sourceforge Nym to add you as a developer. -- Stephen Carville Unix and Network Adminstrator

Although the parameterized samples have allowed people to get a firewall up and running quickly, they have unfortunately set the wrong level of expectation among those who have used them. I am therefore withdrawing support for the samples and I am recommending that they not be used in new Shorewall installations. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \

What about Webmin Module compatbility ? If I do not create any rule violating any of that new features, it will work ? Or the module is unusable until someone make necessary modifications ? F?bio Rabelo

--On Monday, February 24, 2003 11:55:48 AM -0700 Mike Robinson <miker@sundialservices.com> wrote: > > I''ll stick with my original suggestion, and consider it very important. > Even though users might say "why isn''t blah-blah in the services-file," > once the data was supplied in the file and distributed, no one would > have to repeat the

--

Hi! I''m new here! I downloaded shorewall because I want to set up a firewall and Webmin already has a module for it. (I love Webmin!) When I went to start shorewall I got the message that it needs ip. I''m running Slackware and apparently ip is not included with it. Would somone please help me out and let me know where I can download ip from? Thanks. Jim