Displaying 20 results from an estimated 9000 matches similar to: "Shorewall 2.2.0 RC1"
2004 Aug 06
9
how to define a dozens of interface as one zone
hi,
we use openvpn as for our vpn endpoints and we''ve got about 70-80 vpn
connections which means we have tun0 - tun80 interface. i''d like to
define one zone for all of our vpn connections how can I do that?
actualy our local zone is 192.168.0.0/17 (not 16) and all of the vpn''s
are in 192.168.128.0/17. our should i define somehow the local zone as
192.168.0.0/16? but in
2004 Sep 13
17
Problem with openvpn tunnel
Hello,
I have the following situation :
Server with 2 nics
1 nics connected to the internet, 1 connected to the LAN
I have OpenVPN running on the system and the following setting in the
tunnels file :
===================================
openvpn:2000 net 62.58.0.226
openvpn:2001 net 62.58.0.226
openvpn:2002 net 62.58.0.226
===================================
All tunnels ran for weeks
2004 Dec 22
15
OpenVPN and DNAT
Hello Tom and all,
Quick question: Is it possible to operate an OpenVPN server from behind
a firewall?
Is it as simple as setting it up and placing:
DNAT net loc:192.168.10.20 udp 5000 - ipaddress
--
Paul Slinski -o)
Network Administrator /\
Global IQX, Inc. _\_v
Global IQX is the leader in integrated e-business automation solutions
for the group life and health insurance
2003 Nov 06
4
ip_conntrack_ftp & ip_nat_ftp not loading automatically
For some reason, ip_conntrack_ftp & ip_nat_ftp aren''t loading
automatically. If I load them manually with modprobe FTP works.
Both ip_conntrack_ftp & ip_nat_ftp are listed in the modules file - I
haven''t mucked with the order at all, so I assume it''s right.
I''m using Mandrake 9.2 but, as recommended, I uninstalled the Mandrake
version of shorewall and
2005 Mar 18
3
Openvpn Connection Reset
Hello I''m hoping you guys can help me figure this out. When I use
shorewall clear my windows openvpn client connects perfectly every
time. But when I have the shorewall up 90% (not every time) it will
connect for about a second and then the connection will reset and that
will repeat over and over so i never don''t really get a steady
connection at all. I can tell you that
2004 Dec 19
6
IPSEC vs OpenVPN
While I have concentrated on support for 2.6 native IPSEC in release
2.2.0, I am still of the opinion that unless you absolutely need IPSEC
compatibility that OpenVPN is a much easier (and in the case of
roadwarriors, a much better) solution.
Having already generated all of the required X.509 certificates, it took
me less than 1/2 hr to replace my IPSEC testbed with an OpenVPN one
using the new
2005 Feb 02
8
Routing all connections through a OpenVPN tunnel
Hi all,
I have set up a working OpenVPN2 connection between my Server and my
gateway at home.
Now I want all traffic to be routed through this VPN connection.
Currently everything is going through eth1 to the internet (to the gateway
of the University which forwards it to the internet :-).
We must use a prox-server and because of this I am not abel to watch the
real-Media streams on
2004 Sep 17
8
can I write such an action?
hi,
i create rule such action.AllowPostGrey:
-----------------------------------------------
######################################################################################
#TARGET SOURCE DEST PROTO DEST SOURCE
RATE USER/
# PORT PORT(S)
LIMIT GROUP
ACCEPT $A_IP $PORTAL_IP tcp 10023
ACCEPT
2004 Dec 01
2
Blocked traffic
Hello,
I was helping a friend to extend his Shorewall firewall and noticed
something strange in the syslog
Shorewall:all2all:REJECT:IN= OUT=eth1 SRC=192.168.0.1 DST=192.168.0.2
LEN=39 TOS=0x00 PREC=0x00 TTL=64 ID=3021 DF PROTO=UDP SPT=44337 DPT=1503
LEN=19
Anybody got an idea what this can be?
--
Groeten,
Peter
Device response received when none expected.
-
- Heb je een Dreambox 7000S ?
2004 Oct 25
2
Strange problem
Hello,
My workstation should synchronize its clock on my server but from some
reason this is not allowed
This is what I get in the log when the client tries to sync with NTP
Oct 25 08:25:47 server kernel: Shorewall:all2all:REJECT:IN= OUT=eth1
SRC=192.168.0.5 DST=192.168.0.4 LEN=76 TOS=0x10 PREC=0x00 TTL=64 ID=0 DF
PROTO=UDP SPT=123 DPT=1031 LEN=56
My internal network is eth1 , external is
2006 Dec 07
1
a few more notes
hi,
while all files is owned by nsd user and nsd run as nsd the nsd.db is
still owned by root user (because the compiler run as root and create
this file as root, ok i know just it'd be better if this file is owned
by nsd too).
another strange thing is that on the slave nsd i've got such messages:
-----------------------------------------
zonec: reading zone "lfarkas.org".
2004 Oct 18
11
how can i log everything?
hi,
it''d be very useful to add some kind of "log everything" option to
shorewall. currently the logging is useful if you know what you would
like to log. but if you don''t know than it''s a problem...
another problem that currently it''s not possible to log the nat table.
at least i can''t find any way (can''t add logging into masq and
2007 Jun 13
4
network raid file system/server
hi,
we've a few 10-20 server in a lan each has 4-8 hdd. we'd like to create
one big file server on these server hard disks and we'd like to create
it in a redundant way ie:
- if one (or more) of the hdd or server fails the whole filesystem still
usable and consistent.
- any server in this farm can see the same storage/filesystem.
it's someting a big network raid5-6... storage where
2008 Jun 25
2
[Fwd: Re: [CentOS-announce] Release for CentOS-5.2 i386 and x86_64]
may here someone can answer me...
-------- Original Message --------
Subject: Re: [CentOS-announce] Release for CentOS-5.2 i386 and x86_64
Date: Tue, 24 Jun 2008 18:31:20 +0200
From: Farkas Levente <lfarkas at lfarkas.org>
To: The CentOS developers mailing list. <centos-devel at centos.org>
References: <4860E6EB.5000906 at centos.org>
Karanbir Singh wrote:
>
> We are
2004 Oct 06
4
SNAT is less expensive than MASQ
hi,
in the masq file''s documentation, there is a sentence:
"If you have a static IP on that interface, listing it here makes
processing of output packets a little less expensive for the firewall."
this realy means that SNAT to the primary address is less expensive than
a MASQ rules in the netfilter? is this documented anywhere in
iptables/netfilter?
thanks.
--
Levente
2015 Aug 07
4
6.7
On 08/07/2015 01:04 PM, Johnny Hughes wrote:
> 6.7 is there most places ... since we have more than 500 external
> mirrors (right now 593) not all of them are updated. (looks like
> 4% still are not completely updated)
what about the src.rpms? it seems http://vault.centos.org/6.7/os/ and
http://vault.centos.org/6.7/cr/Source/ is empty and while
2014 Aug 03
4
don't use centos 7 as a developer workstation
Hi,
May be it's not clear to everyone.. so this's just a quick notice to
everyone.
Don't use CentOS 7 as a developer workstation since currently there is
not included any developer IDE. As eclipse was pulled out from the main
distro and put into Red Hat Developer Toolset (which is imho a good idea
not to use a 7 years old IDE). But Red Hat Developer Toolset is still
not supported on
2006 Dec 10
5
which is the vaild a format?
hi,
after i test nsd i find the following. if i use this in a zone file:
$ORIGIN example.com.
CNAME www
www CNAME x
x A 1.2.3.4
then it's excepted by nsd what's more give the proper result. if the
slave is nsd than there is no problem, while if the slave is bind i've
got the following error:
2005 Jun 03
3
The Kolab Storage Format, supported?
hi,
is dovecot are support all required feature for kolab imap server? the
requirements can be found here:
http://www.kolab.org/doc/kolabformat-2.0rc3-html/index.html
ie. can i replace cyrus-imap with dovecot in a kolab server?
thanks in advance.
yours.
--
Levente "Si vis pacem para bellum!"
2005 Jan 02
1
connect msn ?
Hello,
My server is on Mandrake 10.1 off.
eth0 is WAN with static IP connected 512 DSL
eth1 is LAN.
I am using shorewall.
I have NAT on eth0.
I have squid running.
I am not able to connect to MSN.
What are the rules to allow MSN ?
Thanks
Varun