similar to: shorewall.net Down Time

On the firewall, what is the rationale for giving eth1 an IP address that is also assigned eto eth0? (Rather than a private one.) -- Taso Hatzi caesar 17 <<-salad cjbx jc vdwwjar jc xi jc jd salad

There has been a low continuing level of confusion over the terms "Source NAT" (SNAT) and "Static NAT". To avoid future confusion, all instances of "Static NAT" have been replaced with "One-to-one NAT" on the web site and in the CVS configuration files (Shorewall/ project). The documentation in 1.4.9 will also contain this change. -Tom -- Tom Eastep \

This is some ramblings on why using proxy ARP (on a host in a DMZ) is a good or bad thing. The good is that a computer X retains a public IP address which makes it easy to connect it directly to the net if the firewall has to be taken down for extended periods. Thus, if computer X is a mail server for example, it can still function in a reduced capacity until the firewall is restored. The bad

Are there any scenarios that require traffic from a zone to itself to be blocked? If not, Shorewall should possibly allow it as a matter of course. It seems strange having to explicitly create such a policy & it''s not immediately obvious when it is required. -- Taso Hatzi caesar 17 <<-salad cjbx jc vdwwjar jc xi jc jd salad

The problem scenario I describe was reported previously in the Shorewall lists but its resolution does not seem to have made it into the lists. Scenario: Windows XP client seeking to establish a VPN connection to a Windows 2003 Server located behind a Shorewall firewall (running on Mandrake kernel 2.4.22-37mdk). The connection cannot be made, the client reports error code 721. Discussion:

Do these programs still exist? They don't seem to be part of the samba3x package on RHEL5.

Environment is Samba as a PDC, OpenLDAP backend, with smbldap-tools providing the scripts to manipulate the data. What are the recommended/mandated organizational units (OU=) for user, computer, group info. I'm pretty sure that groups go in ou=Groups, but I am confused about where user and computer data goes. I have seen ou=People, ou=Computers, and ou=Users in various places. Which is it

Hi, especially John H. T :) I'm yet again plodding through chapter 14 of the Samba-HOWTO-Collection.pdf. Not because I can't make what's in it work for me, I did that long ago, I found out for myself, because a great deal of what's in it is wrong. I just got fed up with trying to get Nagios to work - I gave up, for various reasons and started on the Samba doco. At the risk of

Is there a trick to being able to access shares via \\domain\dfsroot\.. rather than \\computer\dfsroot\... ? Only the latter works for me - samba 3.0.22

Scenario: a) Samba with an ldap backend. b) The ldap database becomes irretrievably corrupted. c) I roll in a new ldap database from a known good copy. d) Problem is the passwords for the machine accounts are out of date. e) Is it possible to coax Samba & the clients (mostly XP) to resynch their passwords? f) I want to preserve the client computers SIDs & names. g) I really

I have been having a problem with 'net getdomainsid' on a machine that I set up to be a BDC. # net getdomainsid Could not fetch local SID tdbdump shows that there is no machine SID in secrets.db, so I'm thinking that I overlooked the step that creates a machine SID. What creates the machine SID and when? Also, is it the hostname or the netbios name that samba uses as the machine

I don''t think this has anything to do with Shorewall but I am not too familiar with iptables stuff yet so I''m not sure. Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar) for i586 Kernel 2.4.22-37mdk. Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN. You can do this from a firewall/router, or even from a

In the docs at http://www.shorewall.net/Shorewall-perl.html, "Your ipsets must be loaded before Shorewall starts. You are free to try to do that with the following code in /etc/shorewall/start" implies that code in /etc/shorewall/start is executed BEFORE Shorewall starts. In the default /etc/shorewall/start # /etc/shorewall/start # # Add commands below that you want to be

i want to tag categories to its menuname. i have a csv containing menu item name and in other csv i have a column containing some strings, i want to pick that strings from categories and look into menu items if any menu item containing that string i want to create a new column next to menu item name flagged as 1 otherwise 0 and the only condition is once a menu item flagged as 1 i don't need

Hi, Installed Caesar 3 this morning under wine-20041019. C3 has worked for a long time, but doesn't work under this version due to, of all things, time zone information that's missing??? caesar@flash caesar $ wine .wine/drive_c/SIERRA/Caesar3/c3.exe fixme:ntdll:TIME_GetTZAsStr Can't match system time zone name "PST" to an entry in TZ_INFO fixme:ntdll:TIME_GetTZAsStr

If you look at the PLS file for SomaFM's "Goove Salad" channel you'll see : ------------------------------------------------ [playlist] numberofentries=3 File1=http://64.236.34.97:80/stream/1018 Title1=SomaFM Presents: Groove Salad 128k (Feed #1) Length1=-1 File2=http://205.188.245.133:8076 Title2=SomaFM Presents: Groove Salad 128k (Feed #2) Length2=-1

I've tried to install the game "Caesar 3" on my Linux-box. It worked fine during the installation. The problem appeared when I wanted to play it. Caesar 3 needed the file DDRAW.DLL I found out that it was one of DirectX's .dll-files. Isn't Wine supposed to work with DirectX without installing it? Doesn't Wine have its own "DirectX-clone"? What should I

Thanks to both of you - exactly the piece I was missing. -----Original Message----- From: tms3 at tms3.com [mailto:tms3 at tms3.com] Sent: Monday, January 10, 2011 12:52 PM To: Christ Schlacta Cc: samba at lists.samba.org Subject: Re: [Samba] Reestablishing trust with PDC > > > you haven't tried experimenting with backing up and restoring the > samba password cache. look in

Greetings, Rowland Penny! >>>> server services = s3fs, rpc, nbt, wrepl, ldap, cldap, kdc, >>>> drepl, winbindd, ntp_signd, kcc, dnsupdate >> >> Since "winbindd" is included in this line, shouldn't also "-winbind" >> be there? I think that when you use the normal winbind you must >> disable the internal one. >>

hi, ive been reading up on ferret, acts_as_ferret, and other search plugins for rails. after reading about ferret, i found out about the acts_as_ferrt plugin. my first question about acts_as_ferret: 1. from reading about ferret, do i still need to manually save the IDX and add a IDX column field to my model table for acts_as_ferret to work? they say that acts_as_ferret handles everything,