similar to: Shorewall 2.0.10

(anonymous post) I have a simple 2 interface firewall setup and all is good, almost. I am hosting virtual websites and DNS behind shorewall no problem. However I am trying to use SFTP via a different port number and have no luck even though Putty works well. Is there anything weird to sftp and shorewall? My lab uses a different firewall (firestarter) and it works OK. I am using; DNAT net

Hello All, I am trying to implement OpenVPN on Fedora core Linux 3 with the latest pathces installed. This server is used only as firewall/internet gateway/proxy/VPN server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12) connected to the local network. I use shorewall 2.4 on this machine. I like to test

Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall Any suggestions? Rob van Overbruggen Settings and stats: Server: Eth1 :

Hi Tom Here is the output of shorewall status Thanks Lars [H[2JShorewall-2.0.13 Status at - Thu Dec 30 21:43:44 CET 2004 Counters reset Thu Dec 30 15:38:17 CET 2004 Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 38383 11M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp --

(Sorry, my previous post was sent in HTML format) I am having a hell of a time with shorewall... I have a Dlink DCM202 Cable modem with the Ethernet connected directly to eth0 on the linux box. Then I have a second nic on the linux box connected to a hub for the internal network. I am trying to allow traffic from the internet connect to my FTP and WEB servers on my Winbloze box on the lan.

Hello All, I have a question about setting up the shorewall firewall for squid, I followed the instructions on "Using Shorewall with Squid" --> "Squid Running in the DMZ" section. For some reason I am unable to get the program to work. I am able to have the squid work properly by using squidclient program, but once I setup the firewall to use the redirect I am unable to

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | | x eth1 (63.43.x.x)

Hello, LARTC mailing readers, I hope u can help with this mysterious issue i''m having with my linux box acting as a router. Scenario: Linux running 2.6.8.1 /w julians patches /w support for multipath routing Latest iproute (iproute2-ss040702) 4 NICS ----------------- | x eth0 (63.43.x.x) network mask (255.255.240.0) | |

Believe me: Read the FAQ Checked over and over This might be toooooo stupid to be documented. Please bear with me. Any help ? Situation: single card standalone "firewall" (used like a "personal firewall"). Have sshd running on the FW. Want the sshd daemon to be accessible only from 2 LANs: 1) My other home LAN machine 2) IBM intranet machines (9.0.0.0) Whatever I have

Hi all, I''m new to shorewall and have been struggling with several problems for several days now. Most of them are solved, but one still persists. The firewall is running on my server under Debian Sarge (Kernel 2.6) I''ve got three network interfaces: ppp0 (DSL Internet) eth1 (lan) ath0 (wlan) eth1 and ath0 are bridged together to br0. The problem is, that Samba (also running

In kernel 2.6.31, the handling of the rp_filter interface option was changed incompatibly. Previously, the effective value was determined by the setting of net.ipv4.config.dev.proxy_arp logically ANDed with the setting of net.ipv4.config.all.proxy_arp. Beginning with kernel 2.6.31, the value is the arithmetic MAX of those two values. Additionally, a ''loose'' routefiltering

Hi all, i have a xen 4.3 installation and would like to have a bridge bond szenario: *** eth0 eth1 | | bond0 | br0 | vif = [ ''bridge=br0,mac=xx:xx:xx:xx:xx:xx'' ] *** With the network script in debian wheezy *** /etc/network/interfaces auto bond0 iface bond0 inet manual slaves eth0 eth1

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=40 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From laforge@netfilter.org 2003-02-03 16:49 ------- We haven't seen this

Hi all: I have some kvm host(rhel 6.4, 2.6.32-358.0.1.el6.x86_64), I ran several windows guest on it(more than 10 guest on one host and the guest os are win7-32/win7-64/win2k8), but the guest network kept down automatically, lost package. I tried virtio drive and e1000 drive,but it didn't work. However, when I run cmd.exe ping some other subnet ip it worked. The host and guest are connected by

I''m very new to shorewall. My setup is IP Gateway (CentOS 4 + Shorewall) with 3 NIC cards. Shorewall works great on the firewall machine. Bind also works (local net machines get IPs fine). Under firestarter, all works great. With shorewall, the loc machines can not route past the firewall. They can connect to the firewall, but not past it. Exactly what information should I post to get

Hi I am having a weird problem which I cant figure out - so I was hoping someone here could give me a hand. First off the end goal is that a specific server in my network runs an IPSEC connection to another company and I want all other servers to route traffic for the IP on that network through this single server. Server 1 in this example is the server that runs the IPSEC connection. (CentOS

Woops - my fat fingers hit the send key before I could put in a subject a minute ago. Hello - I am using kernel 2.4.27 and running into behavior I don''t know how to explain. I have 2 relevant interfaces. eth0 is external, eth1 is internal. My internal LAN is 10.10.10.0/24. My External range is 1.2.3.0/27 (dummied up). I have an H.323 videoconference device inside my internal

Hello! I am using shorewall shorewall-2.0.11-1 on fedora core2 (iptables-1.2.9-95.7). My box has 2 physical nic´s plus one virt. ipsec interface for a freeswan-vpn connection. A few days ago, portsentry spit out a lot of connections from windows clients (port 135, 445). Ooops. I review my shorewall settings but could not find a mistake. So I took a win-client and established a second

Hello! I configured a pptpserver on my firewall and followed the pptp-manual from Shorewall. Login via VPN to firewall (internal ip: 192.168.10.2) is ok and I can ping this server via internal ip (and use it: add samba-shares, etc.). Unfortunately I can''t connect to other hosts in my intranet (LOC). Ping from vpn-client to clients in intranet fails, although Shorewall-Log shows an

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 David Macklem wrote: | Tom, | | As I said in a previous mail, these rules file changes work. Thanks. | | However, I''m not sure that your firewall changes to handle the GATEWAY column in the tunnels file does work. I downloaded the most recent STABLE2 release from CVS and replaced my copy of the firewall script with the updated version