similar to: Shorewall Support

Displaying 20 results from an estimated 30000 matches similar to: "Shorewall Support"

2003 Aug 05
4
Shorewall 1.4.6b
This is a bug-fix roll-up. Problems corrected since 1.4.6: 1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was being tested before it was set. 2) Corrected handling of MAC addresses in the SOURCE column of the tcrules file. Previously, these addresses resulted in an invalid iptables command. 3) The "shorewall stop" command is now disabled when
2003 Jul 25
3
New Shorewall user trying to get ulogd setup
quick background: RH9 (2.4.20-19.9) Shorewall 1.4.6a-1 ulogd 1.00 Shorewall is working properly. I''ve followed the FAQ instructions and everything appears to be setup correctly. The problem is that I''m trying to get ulog going...but I''m getting: # service ulogd status ulogd dead but subsys locked I''m not sure if I was suppose to, but I also manually created
2004 Feb 17
12
Metalog and Shorewall
Hi Tom and list, Still trying to set up Shorewall logging. I understand that Shorewall require syslog to get logging working, however I have metalog. Is this possible to use metalog as logging facility for Shorewall? I was reading http://www.shorewall.net/shorewall_logging.html and it describes other method ( ULOG ). I understand that I have to compile ULOG support in the kernel... where do I
2003 Jul 15
12
Sanity, Manners and Shorewall Support
Hello Everyone, This morning I received a personal email from a recent poster asking "Why is Mr. Eastep so mean?". The post went on to explain that I had responded abruptly to the person''s request for help and asked why I wasn''t more helpful to people attempting to understand something new. Good question. Over the last nine months, I have been struggling to deal with
2005 May 18
102
I quit.
It is with regret that I announce that Shorewall development and support is officially ended. Sean''s post has finally driven it home to me that in the long term, trying to support a project like Shorewall is impossible for a person of my personality and age. Sean -- please believe that this isn''t about you or your post -- your post was just the proverbial straw on this old
2002 Jun 15
4
Serious Bug found in Shorewall 1.3.x
Rafa³ Dutko has just discovered a potentially serious bug in version 1.3.0 and 1.3.1. In both versions, where an interface option appears on multiple interfaces, the option may only be applied to the first interface on which it appears. A corrected firewall script for 1.3.1 is available at: http://www.shorewall.net/pub/shorewall/errata/1.3.1/firewall and
2004 Aug 24
11
Shorewall-Linux and Vonage VOIP rules setting+
Hello - I am not a subscriber to the mailing, please email me with help at mfabache@yahoo.com My shorewall (v2.0.1) has been working wonderful for the past year. I just added my Vonage and cannot get the Phone Adapter to sync up (2 blinks (looking for IP)) All I have done is run an ethernet cable from the WAN outlet on the phone adapter to a lan port on the router. After googling, I found
2002 Apr 08
22
Parameterized Samples Withdrawn
Although the parameterized samples have allowed people to get a firewall up and running quickly, they have unfortunately set the wrong level of expectation among those who have used them. I am therefore withdrawing support for the samples and I am recommending that they not be used in new Shorewall installations. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \
2005 May 27
2
Sample Files Improvement
2005/5/27, Paul Gear <paul@gear.dyndns.org>: > > I think a champion for the samples is just what we need right now. Tom > carried so much of shorewall completely on his own, but we can''t afford > to do that. We need each person to take responsibility in one > particular area, and then get in and *do* it. The samples are there in > CVS now
2003 Apr 26
4
lists.shorewall.net is back up
That could have gone smoother. I had many problems with the NFS install on my firewall then once I got the server back up, mail delivery was broken :- ( I still haven''t gotten ulogd to run under RH9.0 but everything else seems to be working ok... -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
2005 Jan 23
15
Idea: permit /etc/shorewall/masq to contain zones, as well as interfaces
Dear All, Firstly, thank you very much - shorewall is great. I''m not a member of this list, and please forgive me if I am suggesting something stupid, but the following occurs to me, and I thought it might be useful. Why no make it possible to specify zones as well as interfaces in the /etc/shorewall/masq file ? Eg: instead of: eth0 eth1 one might write: net loc (or masq in
2003 Aug 06
10
wormHunter.sh and friends
Evening all, First: Obligatory thanks to Tom. Shorewall is GREAT! I''ve got it on 3 machines now and love it. (Just because they are obligatory does not mean they are not heart-felt.) On my main web server, I am constantly scanning my log files for worm-signs. Requests for default.ida, any .exe, there are several others, you probably have your favorite. I got tired of doing it by hand
2008 Apr 14
1
Per VLAN Bandwidth allocation by Shorewall
Hi, 1. We have 20+ VLANs behind shorewall firewall. We would like to distribute the Internet bandwidth to different VLANs having minimumm, typical and maximum values based on IP ranges after NAT e.g., 172.17.4.0/24. What rules need to be created to do so? 2. We also would like to time the access of internet of some of the VLANs, i.e., 172.17.4.0/24 should be allowed to access the internet only
2003 Nov 04
2
Log ?
Hi! Shorewall Users May I know ..what does it means ? Nov 5 12:43:34 netgw kernel: Shorewall:newnotsyn:DROP:IN=eth0 OUT= MAC=00:05:5d:4e:fc:62:00:d0:95:7a:d5:f1:08:00 SRC=210.59.230.239 DST=211.24.146.50 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=36787 PROTO=TCP SPT=80 DPT=20291 WINDOW=65160 RES=0x00 ACK FIN URGP=0 Best Regards, Support
2005 Apr 08
10
ProxyARP in a Routed environment
Hi, In a routed network setup , is it possible to use ProxyARP given the condition that the shorewall external interface and the DMZ interface are in a completely different network . That means the gateway of the External interface and the hosts in ProxyARPed DMZ zones are in different network. eth0 ---in 220.227.X.Y/30 -- shorewall external interface eth1 ---in 220.227.A.B/27 -- shorewall
2005 Jan 13
6
Shorewall Web Site mirrored in Italy
Lorenzo Martignoni at Univesita` degli Studi di Milano in Milan has established a mirror of the Shorewall web site. http://italy.shorewall.net http://cert-it.dico.unimi.it/shorewall Thanks Lorenzo! -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \
2005 Mar 09
13
Ways to get around DNS names in rules
I''m re-reading the section on dns names in the shorewall docs: "I personally recommend strongly against using DNS names in Shorewall configuration files. If you use DNS names and you are called out of bed at 2:00AM because Shorewall won''t start as a result of DNS problems then don''t say that you were not forewarned." Having been stung by this a few times
2004 Sep 06
10
bug in shorewall shorewall-2.1.7-1 rpm??
Hi! I installed shorewall shorewall-2.1.7-1 on a newly installed box. When using 1.4 versions I could enable shorewall in ntsysv, now shorewall doesn''t show up in ntsysv? I am running shorewall on a RedHat Enterprise Linux rebuild (www.taolinux.org). Is this a bug or a feature?
2003 Jul 21
4
shorewall 1.4.6 question
why say: Shorewall has detected the following iptables/netfilter capabilities: NAT: Available Packet Mangling: Available Multi-port Match: Available Connection Tracking Match: Not available not available ? modules is loaded. or for rule = 0 ? TC_ENABLE=Yes say Error: Traffic Control requires Mangle
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The