Displaying 20 results from an estimated 10000 matches similar to: "Snapshot 20030629"
2003 Jul 04
3
Shorewall 1.4.6 Beta 1
Beta 1 is now available at:
http://shorewall.net/pub/shorewall/testing
ftp://shorewall.net/pub/shorewall/testing
This is a minor release of Shorewall.
Problems Corrected:
1) A problem seen on RH7.3 systems where Shorewall encountered start
errors when started using the "service" mechanism has been worked
around.
2) Where a list of IP addresses appears in the DEST column of a
2003 Jun 27
0
Snapshot 20030637
Problems Corrected:
1) A problem seen on RH7.3 systems where Shorewall encountered start
errors when started using the "service" mechanism has been worked
around.
2) A problem introduced in earlier snapshots has been corrected. This
problem caused incorrect netfilter rules to be created when the
destination zone in a rule was qualified by an address in CIDR
format.
2003 Jul 21
0
Shorewall 1.4.6
Shorewall 1.4.6 is now available. Thanks to Francesca Smith, the 1.4.6
Sample configurations are also available.
The release is currently available at:
http://shorewall.net/pub/shorewall
ftp://shorewall.net/pub/shorewall
It will be available at the other mirrors shortly.
This is a minor release of Shorewall.
Problems Corrected:
1) A problem seen on RH7.3 systems where Shorewall encountered
2005 Apr 19
14
allow ssh access from net to fw?
Hi,
I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from
the internet to the firewall but it does not work.
I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful
but I don''t know why SSH:
Does not work for me:
ACCEPT net fw tcp 22
Works from the loc network:
ACCEPT loc fw tcp 22
I have tried also with (no success):
AllowSSH
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall.
WARNING: This release introduces incompatibilities with prior releases.
See http://www.shorewall.net/upgrade_issues.htm.
Changes are:
a) There is now a new NONE policy specifiable in
/etc/shorewall/policy. This policy will cause Shorewall to assume that
there will never be any traffic between the source and destination
zones.
b) Shorewall no longer
2003 Mar 21
1
Shorewall config format
Hi,
I''m a long time shorewall user and I like it very much. There is only
one thing were I''m not always happy with: the config files.
There has been discussion on the list about the comments in the files.
My concern is that I loose overview over my configuration because of the
many config files. Of course there are advantages too but I thinking
wether another config format would
2005 Mar 10
7
norfc1918 not working in SW 2.2.1?
Hello all,
Yesterday I noticed that my system was "leaking" traffic towards the
10/8 network, I have shorewall installed on multiple machines ranging
from single interface devices to ones with 10+ interfaces. I tested all
the boxes and they are showing the same behavior.
All systems are CentOS 3.4, 2.4.21-27.0.2.ELsmp.
Shorewall version: 2.2.1
For the host mentioned is a single
2004 Jan 13
7
Shorewall 1.4.9
Shorewall 1.4.9 is now available.
http://shorewall.net/pub/shorewall/shorewall-1.4.9
ftp://shorewall.net/pub/shorewall/shorewall-1.4.9
Unless something urgent comes up, this will be the last release of Shorewall
1.x.
Release notes are attached.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \
2004 Sep 10
1
Is ProxyARP or NAT entries really neccesary for DNAT to work?
I have been trying to get DNAT to work and I actually have succeeded
too, however, not how I thought it would work when reading through the
documentation.
1. No matter what I do I cannot get DNAT to work unless I have an entry
in eiter the nat or the proxyarp file. Is that really how it''s supposed
to be? I can''t find anything about it in the documentation.
2. Also, in the
2005 May 06
8
Port forwarding on Shorewall box behind NAT ADSL router
Hi,
Before I go any further, I''m no networking expert, and the sheer volume
of documentation on the Shorewall website makes my brain hurt..
Some time ago I moved from an area with cable internet to an ADSL only
area. While on cable, I''d set up an old P3 box running Gentoo as a
firewall/gateway/file server, running shorewall (currently v2.2.3) and
dnsmasq. I''d
2009 Jun 18
9
Redirect port 80 away from Shorewall?
Hi There,
Due to shortage computer, I need to install Apache to my Shorewall box (192.168.1.1)
But the real web server is on another box (192.168.1.2)
I tried to put rule:
DNAT net loc:192.168.168.1 tcp 80
But everytime www connection coming in, it will hit my shorewall
Any solution?
Cheer
Access Yahoo!7 Mail on your mobile. Anytime. Anywhere.
Show me how:
2006 Aug 18
3
DNAT Security Hole?
# shorewall version
3.2.1
SNAT is enabled. Setting up DNAT to do port forwarding -- this example
looked exactly like what I wanted:
(FAQ 1c) From the internet, I want to connect to port 1022 on my firewall
and have the firewall forward the connection to port 22 on local system
192.168.1.3. How do I do that?
In /etc/shorewall/rules:
#ACTION SOURCE DEST PROTO DEST PORT
2004 Sep 15
15
re: start error
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The original post was over 300,000kb so I didn''t spam the list with it -TE.
|
|
| Thank you for your quick and helpful response.
|
| I didn''t understand that the virtual interface eth0:1 doesn''t count as
a separate instance from eth0.
| I am sorry to ask for further assistance and would appreciate any
help. The error
2004 Oct 04
6
Appreciate help with Shorewall and VPN
Hello all,
I had setup shorewall before succesfully with a normal LAN to internet
connection. Now I''m connected to the internet via VPN and I got problems
with configuring Shorewall. Any help is appreciated.
This is my setup:
- Gentoo Linux laptop (kernel gentoo-dev-sources-2.6.8.1) with Shorewall
2.0.4 (setup for Standalone one interface) and iptables 1.2.11
- VPN client is
2012 Sep 27
3
vsFTP and shorewall
Dear all,
Dear support and users:
Sorry to trouble you! I configure the shorewall firewall to forward ftp and ssh port to another server, but failed. Can you help me check?
I cannot login both SSH 2222 and ftp!
Below is my environment: (attachment is shorewall dump)
1. Gateway (FC6)
1.1) eth0: lan static IP: 192.168.1.20
1.2) eth1: external public static IP:
2002 Jun 04
3
Port forwarding...
Hi all
Is it possible to just forward port to local computer
but not give open access for that port?
If I''ve understood right that this rule does give
ACCESS from net to loc too:
DNAT net loc:192.168.1.5 udp 7777
What I''m trying to say is that it would work so that
everything that''s coming from net to that local
computers port is DROPed or REJECTed if it''s
2004 Sep 22
3
Strange DNAT problems with shorewall 1.4.8
I''ve had some issues with my network, and I''ve had to reconfigure my
Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so
I downloaded the relevant files from the install page.
Masq and such works, but I''m having a problem with my port forwarding. It
works for port 22, but it doesn''t seem to work for any other port.
I''ve turned
2003 Mar 25
7
DNAT not working after changing BIND to use views
Hello all:
I''ve got a confusing issue. I had a working shorewall configuration
(based on the two interface model) using DNAT for redirection to my HTTP
server. The HTTP server is on my inside network (I know - bad juju, but
one thing at a time). I changed my configuration this morning to use
views in my BIND (named) configuration. Everyone outside the firewall
is able to get in
2003 Mar 28
9
Squid
I''m attempting to setup Squid as shown on:
http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ
The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat
7.2 on the server in the DMZ. I''m not seeing the requests come in to the
server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the
firewall, the local traffic I''m trying to
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file
to designate redirection/forwarding is too subtle for many users. For 1.3,
I think I''ll do something like the following:
Current rule:
ACCEPT net loc:192.168.1.3 tcp 80 - all
New rule:
FORWARD net loc:192.168.1.3 tcp 80
Current rule:
ACCEPT net fw::3128 tcp 80 - all
New rule:
REDIRECT net