Displaying 20 results from an estimated 40000 matches similar to: "Problem with Shorewall 1.4.1"
2003 Apr 10
2
Shorewall 1.4.2
This is a minor release of Shorewall.
Problems Corrected:
1) TCP connection requests rejected out of the common chain are now
properly rejected with TCP RST; previously, some of these requests
were rejeced with an ICMP port-unreachable response.
2) ''traceroute -I'' from behind the firewall previously timed out on the
first hop (e.g., to the firewall). This has been
2006 Mar 28
0
Shorewall 3.0.6
http://www1.shorewall.net/pub/shorewall/3.0/shorewall-3.0.6/
ftp://ftp1.shorewall.net/pub/shorewall/3.0/shorewall-3.0.6/
Coming soon to a Mirror near you.
Problems corrected in 3.0.6
1) A typo in the output of "help drop" has been corrected.
2) Previously, ''shorewall start'' would fail in the presence of a network
interface named ''inet''.
3)
2003 Nov 07
0
Shorewall 1.4.8
Currently at:
http://shorewall.net/pub/shorewall/shorewall-1.4.8
ftp://shorewall.net/pub/shorewall/shorewall-1.4.8
Coming soon to a mirror near you.
This is a minor release of Shorewall.
Problems Corrected since version 1.4.7:
1) Tuomo Soini has supplied a correction to a problem that occurs using
some versions of ''ash''. The symptom is that "shorewall start"
2004 Nov 04
0
Preparing for Shorewall 2.2
Shorewall 2.2.0 is expected to be released in the February/March
timeframe so it is now time to begin thinking about preparing to
upgrade. This is particularly important for those of you still running
Shorewall 1.4 since support for that version will end with the release
of 2.2.
For those of you still running Shorewall 1.4, here are some things that
you can do ahead of time to ease the upgrade to
2004 Oct 04
1
Shorewall-users Digest, Vol 23, Issue 4
Sorry some email problem, i have change it for more reliable one.
I have try this morning to netmasq 192.168.11.0 (eth1) to 192.168.1.0
(eth0), but it is a mistake.
Yes thank you for answering so fast !
I have corrected it, here the new diagram and the new routing table. But it
still doesn''t work. From the router i can access to 192.168.11.254 I have
add the rules :
DNAT loc
2004 Oct 03
1
RE: Shorewall-users Digest, Vol 23, Issue 4
Yes thank you for answering so fast !
I have corrected it, here the new diagram and the new routing table. But it
still doesn''t work.
>From the router i can access to 192.168.11.254
I have add the rules :
DNAT loc priv:192.168.11.254:22 tcp 22
But i can''t connect to 192.168.11.254 from LAN
The DNAT fonction doesn''t work, but i can DROP packet arriving on eth0 (loc)
2004 Dec 26
1
Preparing for Shorewall 2.2 -- End of Support for Shorewall 1.4 is near!
Shorewall 2.2.0 is expected to be released in the February/March
timeframe so it is now time to begin thinking about preparing to
upgrade. This is particularly important for those of you still running
Shorewall 1.4 since support for that version will end with the release
of 2.2.
For those of you still running Shorewall 1.4, here are some things that
you can do ahead of time to ease the upgrade to
2004 Apr 01
0
Shorewall 2.0.1 RC4
This is a one-line change to the ''firewall'' script to restore the
''routeback'' interface option to health.
http://shorewall.net/pub/shorewall/Beta
ftp://shorewall.net/pub/shorewall/Beta
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Jul 24
0
Re: [Fwd: Re: Shorewall and VPN]
Nathan Gehman wrote:
> The reason I asked is I am unable to remote desktop over the VPN. With the
> rules as you sent them.
>
> Nothing shows up in the firewall logs however, until I close the dialup
> connection.
There is a potential routing problem when you try to use the remote
desktop -- is the workstation that you are trying to connect to via
remote desktop routing
2004 Apr 02
0
Shorewall 2.0.1-RC5
And the bugs just keep appearing...
FWIW, the changes from 2.0.0 to 2.0.1 are more extensive and more
complex than those between 1.4.10 and 2.0.0.
This RC corrects two problems:
a) The ''routeback'' option in the /etc/shorewall/hosts file had been broken.
b) When two bridge ports were assigned to the same zone, Shorewall did
not create a rule to allow traffic between the
2004 Sep 23
0
Fwd: RE: 2.6 kernel ipsec and shorewall
FYI...
---------- Forwarded Message ----------
Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall
Date: Thursday 23 September 2004 07:44
From: "Jonathan Schneider" <jon@clearconcepts.ca>
To: "''Tom Eastep''" <teastep@shorewall.net>
I must have been up too late working on this, looking at it the next day I
noticed I completely forgot
2004 Sep 27
1
Re: routing between networks on same
Hi Tom,
Thank you for your quick reply.
I aplied changes as you suppose, and now users can
comunicate each with others. - thank you very much.
I have just one aditional question regarding
PKTTYPE=No variable.
I didnt find it in shorewall.conf so I simply add it
at the end of conf file (above #Last line :-) ) So
question is it is standard feature of shorewall, and
from which version it is
2003 Mar 21
0
Shorewall 1.4.1 is currently in CVS
It''s in the /Shorewall and /Shorewall-docs projects. I plan to run it over
the weekend and release it Sunday night.
-Tom
PS: Francesca - no need to upgrade the Samples this time since none of the
changes affect the sample configurations (other than the config file
comments).
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.sf.net
Washington USA \
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Nov 02
0
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2013 Jun 10
0
Shorewall 4.5.18 Beta 2
Beta 2 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) This release includes all defect repair from Shorewall 4.5.17.1.
2) The following warning message could be emitted
2004 Sep 29
0
Re: Shorewall-users Digest, Vol 22, Issue 65
Hi
I have 2nic firewall . I had to open some ranges of udp and tcp ports . I
faced a problem that although all the ports are open Some functionality was
not working . Any body used shorewall with H323 Voip traffic DNATed . Any
help is appretiated .
Thanks
----- Original Message -----
From: <shorewall-users-request@lists.shorewall.net>
To: <shorewall-users@lists.shorewall.net>
Sent:
2006 Oct 17
1
Re: Tc rules Help with multiISP + squid& squidguard...
I have delete "lo" Zones And Interface and rebuild all the firewall
>From Local I ping www.google.fr with DNS resolution
DNSMASK installed on the firewall.
POSTFIX and Squid+SquidGuard Installed on firewall
All clients machines have the IP of Firewall for Dns resolution
New Dump joint
Without Squid : I surf and all works perfectly
With Squid And REDIRECT rule : surf Is VERY TOO
2004 Oct 06
1
Re: VPN/ipsec naming of interfaces
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> Hello!
>
>
> Machine A
> WAN IP: 123.123.123.111
> LAN IP: 192.168.177.1
>
>
> Machine A wants to connect through an IPsec tunnel to 192.168.176.2
tcp 110 (pop3).
>
> kernel: Shorewall:all2all:REJECT:
> IN= OUT=ppp0 SRC=123.123.123.111 DST=192.168.176.2
> LEN=60 TOS=0x10
2003 Mar 11
2
Shorewall 1.4.0 RC3
I anticipate that this will be the last RC unless problems are discovered.
Changes since RC2 include:
* The default route is now ignored when Shorewall is detecting masqueraded
networks. A warning message is issued if the default route goes through the
source interface (normally, the destination interface is the firewall''s
external interface and therefore, the default route would go