Displaying 20 results from an estimated 10000 matches similar to: "Shorewall 1.4.10 RC1"
2003 Feb 27
6
Shorewall 1.4.0 Beta 2
The second Beta is now available at:
http://www.shorewall.net/pub/shorewall/Beta
ftp://ftp.shorewall.net/pub/shorewall/Beta
Function from 1.3 that has been omitted from this version includes:
1) The ''check'' command is no longer supported.
2) The MERGE_HOSTS variable in shorewall.conf is no longer
supported. Shorewall 1.4 behavior is the same as 1.3 with
MERGE_HOSTS=Yes.
2004 May 13
2
Shorewall 2.0.2
Shorewall 2.0.2 is now available at:
http://shorewall.net/pub/shorewall/shorewall-2.0.2
ftp://shorewall.net/pub/shorewall/shorewall.2.0.2
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2009 Aug 12
6
Shorewall (Openswan) IPSEC VPN MASQ Problem
Hi,
I have setup a IPSEC VPN using Openswan to connect a Draytek router to a
CentOS 5.2/Shorewall 4.2.9 firewall. The VPN establishes OK but I''m
getting a problem with packets from the left hand subnet getting
masqueraded rather than routed down the IPSEC VPN as though they were
going out onto the net. I''ve spent the last day searching Google and so
far I''ve hit a
2001 May 15
8
CloneCD ?
Anyone have succefully run clonecd or know how to burn cloneCD files under
linux ?
I can run CloneCD but it tell me that it cant load device driver and
shutdown immedialty
wine tell me that it dont know the VXD ElbyCDIO
any ideas ?
thx
2009 Oct 23
9
sip/iax problem - udp conntrack entries not getting destroyed
Hello all,
I have an asterisk sip/iax peer behind a linux gateway doing nat. I''m using
pppoe with a dynamic ip that changes frequently.
The problem is when the line drops the sip/iax registrations drop as well,
and they don''t register thereafter. When I check the conntrack entries, I
noticed the entries still have the old wan ip address and because of
keepalive (i''m
2003 Mar 22
22
SecuRemote and Shorewall Problem
Sat Mar 22 14:16:55 CST 2003
This post is a bit long, but I want to make sure
I am providing the information up front that can
help in others helping me solve this mystery.
I am having a bit of difficulty getting Shorewall
to work with SecuRemote and its FW-1 server. I
have attached the "rules" file I am using and the
output of "shorewall show nat". The diagram below
2005 Apr 29
2
cannot write xls file after saving
Hello,
I am using 3.0.15pre2. Share definitions:
[Grupes]
path = /home/Grupes
writeable = yes
admin users = DOMAIN+administrator
valid users = @"DOMAIN+domain users"
store dos attributes = yes
map hidden = no
map system = no
map archive = no
dos filemode = yes
File ACLs before opening:
# file: Pazymejimai-forma2.xls
# owner: root
# group:
2005 Jan 23
15
Idea: permit /etc/shorewall/masq to contain zones, as well as interfaces
Dear All,
Firstly, thank you very much - shorewall is great. I''m not a member of
this list, and please forgive me if I am suggesting something stupid, but
the following occurs to me, and I thought it might be useful.
Why no make it possible to specify zones as well as interfaces in the
/etc/shorewall/masq file ?
Eg: instead of:
eth0 eth1
one might write:
net loc (or masq in
2015 Oct 20
2
Re: failed to pivot job for disk vdc
Hello,
it happened with another VM:
# virsh snapshot-create-as --domain rasa sn1 --diskspec
vda,file=/var/lib/libvirt/images/rasa-sn1.qcow2 --disk-only
--atomic --no-metadata
# virsh blockcommit rasa vda --active --verbose --pivot
Block commit: [100 %]error: failed to pivot job for disk vda
error: block copy still active: disk 'vda' not ready for pivot yet
# virsh domblklist rasa
2005 Apr 26
2
groups DOMAIN+user doesn't work
Hello,
I am using winbind (samba 3.0.11).
A command "groups DOMAIN+user" doesn't work for some users:
# groups DOMAIN+user1
id: cannot find name for group ID 10073
# groups DOMAIN+user2
DOMAIN+user2 : DOMAIN+domain users DOMAIN+apskaita
# getent passwd DOMAIN+user1
DOMAIN+user1:*:10042:10000:xxx:/home/DOMAIN/user1:/bin/false
# getent passwd DOMAIN+user2
2004 Nov 27
3
/etc/shorewall/masq
In /etc/shorewall/masq I have:
eth0 eth1
eth0 vmnet1
eth0 vmnet8
-------------
eth0 is my default route to the Linksys
router connected to the cable modem.
eth1 is my connection to 192.168.1 subnet
and it is the gateway for all other machines
on this subnet.
My routing table is:
# netstat -nr
Kernel IP routing table
Destination
2005 May 04
2
winbind cache time?
Hello,
according to 'man smb.conf': Default: winbind cache time = 300
I have not changed it in smb.conf, but when I remove some user
from some group, command "groups DOMAIN+user" still shows
that user belongs to the group even after a few hours after removing
the user from that group. Any ideas why?
samba 3.0.15pre2.
Regards,
Nerijus
2006 Mar 14
9
firewall problem
snat not working
my local ip is aaa.aaa.aaa.aaa
asterisk sitting on the internet at ip bbb.bbb.bbb.bbb
my firewall''s internal ip is 192.168.0.254
i did snat:
iptables -t nat -A POSTROUTING -o ppp0 -j SNAT --to aaa.aaa.aaa
iptables -t nat -L -v gives:
Chain POSTROUTING (policy ACCEPT 23663 packets, 2182K bytes)
pkts bytes target prot opt in out source
destination
33056
2004 Aug 24
11
Shorewall-Linux and Vonage VOIP rules setting+
Hello - I am not a subscriber to the mailing, please
email me with help at mfabache@yahoo.com
My shorewall (v2.0.1) has been working wonderful for
the past year. I just added my Vonage and cannot get
the Phone Adapter to sync up (2 blinks (looking for
IP))
All I have done is run an ethernet cable from the WAN
outlet on the phone adapter to a lan port on the
router.
After googling, I found
2005 Nov 21
2
shorewall status
Hi
I wonder if you can help... I have setup shorewall(2.2.3) under debian on a
machine that has 4 network ports... the idea is that there is 1 WAN port, 1
DMZ port, and 2 LAN ports, 1 LAN port has static NAT setup for selected
incoming connection from trusted sources, and the second LAN port I am
trying to setup using masq NAT as it only requires outgoing connections, no
incoming.
the static NAT
2010 May 10
4
Port Masquerading
Hi,
I am wondering if it is possible to do the following with shorewall.
I operate a network with some additional IP''s that are SNAT''d to various server machines on my network.
One of my machines is a Terminal server.
I need to be able to RDP to various servers for clients, that are IP locked for RDP on my PtP address, not the SNAT address of my Terminal server.
Can I
2005 May 08
4
not logging some ports?
Hello,
I want not to log some dropped packets going from net to fw, i.e. to
exclude some ports. For example, I get lots of denied SPT=4672 DPT=7476
packets in /var/log/messages. I know I can probably do this by using ulog
or some other logging system and writing some rules to exclude "SPT=4672",
but is it possible for shorewall not to log some ports? Sorry if it is obvious,
but I
2018 May 15
2
centos-qemu-ev repository not work for x86_64 arch on CentOS 7.5
On Tue, 15 May 2018 14:45:23 +0300 Gena Makhomed <gmm at csdoc.com> wrote:
> >> Something wrong with $contentdir variable,
> >> it points to altarch for x86_64 $basearch.
> >
> > can't reproduce on a fresh x86_64 installation. Adding Brian in case he has
> > a clue for this.
>
> I use fresh installed x86_64 CentOS 7.5 via VNC
> with
2006 May 03
5
SNAT on IPSEC tunnel with kernel 2.6/KAME tools?
Hi,
Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey
on which I have one address on my side acting as an SNAT router for all
traffic from my network to a network segment on the far side.
my network --- my gateway ---------------------- remote network
10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22
All traffic starts on my side, so if I can
2004 Dec 30
12
Multi-Hop VPN Issue looking for Solutions
I''ve just discovered that I do not have access to the remote gateways
for a set of IPsec tunnels to remote networks. This prevents me from
changing the routing table on those gateways.
I need "roadwarrior" systems connecting to me local network using
OpenVPN (tun) to be able to access those systems. Since the remote
gateways don''t know about 10.100.1.0/24, where my