Displaying 20 results from an estimated 40000 matches similar to: "Renaming Interfaces on Boot"
2003 Jul 01
6
Shell Requirements for Shorewall 1.4.6
The 1.4.6 version of Shorewall makes additional demands on the shell. I
have found that both the RH9.0 version of ash and the version of ash
that has long been available from the Shorewall download sites are *not*
suitable for use with Shorewall 1.4.6. The LEAF Bering version of ash on
the other hand works fine.
Attached is a small shell program that will allow you to test your shell
for
2003 Jan 09
19
New on the Web Site
While I''m in temporary retirement, I''ve decided spend a little time
experimenting with new things and making some updates to the web site. The
biggest result of this effort to date has been:
http://shorewall.sf.net/Shorewall_Squid_Usage.html
This outlines how to use Squid as a transparent proxy running on the
firewall, in the DMZ or in the local network. In the latter two
2004 Dec 06
12
Interface Configuration
Hello,
You may recall some of My Dmz question around Thanksgiving.
While I have configured a Proxy arp Dmz. I would like to practice
with the routed setup you suggested Tom as your network was
simular.
Here is one of your quotes "The configuration of eth2 is largely
irrelevant but you certainly don''t
want to confuse things by assigning any default gateway out of that
2004 Nov 25
9
Practice Dmz
Hey Tom,
This is my T-1 slash 27 network btw.
How does this look??? for---- net eth0 66.224.62.120
----dmz eth1 66.224.62.120
This box is for practice Dmz we talked about.
with the pratice Dmz server''s Ip 66.224.62.121
routing and interface''s below
[root@66-224-62-120 root]# ifconfig
eth0 Link encap:Ethernet HWaddr
2005 Mar 03
20
Network config and troubleshooting wih Ping
Network Configuration issues
I''ve been working on this for 2 days PLEASE HELP!
I am having the following issues with network configuration and I cannot
ping the external interface to begin troubleshooting the network
configuration.
I know that the ISP''s router is configured correctly since I have
attached it to a small Linksys firewall and was able to ping the
66.240.207.226
2003 Jan 06
5
SMTP traffic gets blocked
Hi,
I am trying to configure the SMTP service on DMZ host. Added the rule:
ACCEPT wan dmz:66.58.99.84 tcp pop3 -
ACCEPT wan dmz:66.58.99.84 tcp 25 -
ACCEPT dmz:66.58.99.84 wan tcp 25 -
ACCEPT dmz:66.58.99.84 wan tcp pop3 -
issued shorewall clear, shorewall restart, but still couldn''t telnet to
the mail server
2004 Dec 07
16
Dmz
Hey Tom,
I have successfully set up to servers on a Dmz practice network woohoo
:).
If I take out the proxyarp option in /etc/shorewall/interfaces
Then Dmz can ping outside ip''s on the net but not and of my servers
on network 66.224.62.96/27 (Other than its own gateway server 66.224.62.120)
The reason I ask is to learn. I thought I would not need the proxyarp
option for this to
2005 Feb 02
8
Routing all connections through a OpenVPN tunnel
Hi all,
I have set up a working OpenVPN2 connection between my Server and my
gateway at home.
Now I want all traffic to be routed through this VPN connection.
Currently everything is going through eth1 to the internet (to the gateway
of the University which forwards it to the internet :-).
We must use a prox-server and because of this I am not abel to watch the
real-Media streams on
2006 Apr 04
4
Multi ISP, multi address, masq file
I''m planning a multi isp setup and cafully read the
documentation. One thing that bothers me is the masq
file. The example uses a single ip address on each
public interface. I have multiple addresses on both
public interfaces (16 on one and 64 on the other).
I''m a bit confused about what to put in the masq file
in this situation. Any insights would be appreciated.
Ronald
--
2004 Nov 19
14
FAQ 32
What changes would I need to make if there is a 4th interface that is going
to a DMZ
Thanks
Gene
2004 Oct 13
4
Connection tracking on non-masqueraded interfaces.
I don''t think this has anything to do with Shorewall but I am not too
familiar with iptables stuff yet so I''m not sure.
Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar)
for i586 Kernel 2.4.22-37mdk.
Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN.
You can do this from a firewall/router, or even from a
2004 Dec 10
9
parallel zone: loc2 is composition of loc1
i have no idea how to definie for a parallel zone the host file if the
second zone (net) should be the composition of the first zone (dmz).
i tried all the following combinations in the interface and host files:
interface:
- eth0 - (variante 1)
- eth0 192.168.0.255,255,255,255,255 (variante 2)
- eth0 192.168.0.255,!192.168.0.255 (variante 3)
2005 Apr 12
8
SMTP / DMZ
Hi Guys,
I have been trying to configure shorewall
1) Internet Access to internal users
2) Have a DMZ that will house atleast 6 mail / web / ftp servers that
will server our existing group companies outside our physical location.
3) Setup openvpn between our location and our group companies .
What i have done so far is :
- Created the 3 zones with the IP ranges as below.
DMZ:172.16.10.x
2005 Apr 08
10
ProxyARP in a Routed environment
Hi,
In a routed network setup , is it possible to use ProxyARP given the condition that the shorewall
external interface and the DMZ interface are in a completely different network . That means the gateway of the External interface and the hosts in ProxyARPed DMZ zones are in different network.
eth0 ---in 220.227.X.Y/30 -- shorewall external interface
eth1 ---in 220.227.A.B/27 -- shorewall
2005 Mar 20
25
Client Behind Router can''t get internet & cannot do fowarding...
i ask here after give up reading and following all the
documentation..
i got 3 nic
eth0:222.222.222.222
netmask:255.255.255.252
gateway:222.222.222.221
eth1:10.10.10.254
netmask:255.255.255.0
gateway:blank
eth2:10.10.11.254
netmask:255.255.255.0
gateway: blank
i''m running redhat9, and shorewall2.2.2
eth0 connected to dsl modem ( static ip )
eth1 connected to d-link router ( for
2005 Mar 10
8
rules - access by mac address
Hi,
At the moment I am controlling my LAN client access to
the Inet by their MAC address. Currently I am putting
their MAC address in the rules file - now the number
of the PC that I want to manage is getting more and
more and it is not practicle to do this way anymore.
My question is, how can I have their MAC address in
other separate file?
Regards
http://www.debian.org/consultants/#Malaysia
2005 Jan 18
4
DMZ Recommendations
From reading the documentation, I understand that it is recommended to
put servers that may be at risk in a DMZ served via proxy-arp. In this
case, the local clients that are behind a NAT would have their
connections to the DMZ masqueraded, yes?
Is there any way around this that would still be considered secure?
Just looking for advice.
Thanks,
A.
2003 Nov 21
7
FORWARD:REJECT
I have a 3 nic setup with shorewall 1.4.8-1 running on redhat 9. My eth2
(dmz zone)has 7 secondary address attached to it. I can ping a machine in
each subnet, dmz to net rules seem to be working fine on all machines.. I
have my policy set as dmz to dmz accept. If I try to ping between subnets I
get
Nov 21 12:18:45 kbeewall kernel: Shorewall:FORWARD:REJECT:IN=eth2 OUT=eth2
SRC=172.17.0.2
2004 Dec 01
5
Running SNMPD at Shorewall 1.4.x
Hi,
I need to running snmpd at shorewall gateway (1.4.10g).
How to make the rules necessary to do it ?
I have 3 interfaces, eth0 (public), eth1 (private) and eth2 (dmz).
When I runnig mrtg, I have this message:
---
cfgmaker gw-host@localhost > ~netbox-sp/eth0.cfg
--base: Get Device Info on gw-host@localhost:
SNMP Error:
no response received
SNMPv1_Session (remote host:
2003 Sep 15
7
shorewall 1.2.12
Hi!
Can I use the old version shorewall 1.2.12 configure as SNAT and DMZ ?
Because Debian Linux came with the default shorewall 1.2.12 .
Best Regards,
Support