similar to: Typo in "Upgrade Issues #7"

On Wed, 2003-07-09 at 08:53, Jonas Anderson wrote: > Hi! > > I''ve been searching for information about using Shorewall as a > bridging firewall. I wonder if you have any documentation regarding > this subject. > Shorewall doesn''t work with bridging. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As I pointed out to Wilson in a private message, this appears to show that no other connection requests (other than port 3000) are being sent from the client to the server (or at least no other connection requests are being received by the Shorewall box). Wilson: Are you sure that the client is supposed to open port 3001 on the server and not the

The Shorewall project at sourceforge has been upgraded to Allura. If you have a copy of the git repository, you need to check out a fresh copy from the new locations: git clone ssh://teastep@git.code.sf.net/p/shorewall/code shorewall git clone ssh://teastep@git.code.sf.net/p/shorewall/release release git clone ssh://teastep@git.code.sf.net/p/shorewall/tools tools git clone

FYI... ---------- Forwarded Message ---------- Subject: RE: [Shorewall-users] 2.6 kernel ipsec and shorewall Date: Thursday 23 September 2004 07:44 From: "Jonathan Schneider" <jon@clearconcepts.ca> To: "''Tom Eastep''" <teastep@shorewall.net> I must have been up too late working on this, looking at it the next day I noticed I completely forgot

Hi I have 2nic firewall . I had to open some ranges of udp and tcp ports . I faced a problem that although all the ports are open Some functionality was not working . Any body used shorewall with H323 Voip traffic DNATed . Any help is appretiated . Thanks ----- Original Message ----- From: <shorewall-users-request@lists.shorewall.net> To: <shorewall-users@lists.shorewall.net> Sent:

FYI This bug will prevent ''shorewall restore'' from working if you have "!<single IP address>" in the ORIGINAL DEST column. -Tom ---------- Forwarded Message ---------- Subject: [PATCH] Another iptables-save buglet Date: Wednesday 14 September 2005 15:09 From: Tom Eastep <teastep@shorewall.net> To: netfilter-devel@lists.netfilter.org The conntrack

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

Why ping google ??? you should either ping your assigned external ip address ( make your config dhcp for your external ip address even if it is static ) ( If your dsl link is up you sould have an address if not you should not ) If for some reson you cannot do that, ping your isp''s default gw or someone closer. With google you never know what is going on. I do something similar with -m

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

And Andrew -- PLEASE don''t reply off-list. I''m not a private help desk... -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net ---------- Forwarded message ---------- Date: Mon, 25 Aug 2003 19:01:34 -0700 (Pacific Daylight Time) From: Tom Eastep <teastep@shorewall.net> To: andrew

Opps! After reading the email below I noticed something in ''ifconfig''. The wireless interface is ''wlan0'' not ''wan0''. I modified the wireless interface in /etc/shorewall/interface to wlan0 started shorewall I can connect eo the INTERNET with shorewall running Horace From: Horace Franklin Jr

I´ve figured out the following. I am able to sftp from shorewall 2.4.2 left vpn gateway x.x.x.14 (DMZ) to shorewall 2.4.1 fw x.x.x.11 with /etc/shorewall/proxyarp x.x.x.14 eth2 eth0 No very well. That´s not through a tunnel (of course a ssh tunnel, but no vpn) but with public ip x.x.x.14 to x.x.x.11 If I try to sftp through the fw to the public internet I have the same

Hiya, My two cents here .. I use a locked down Linux Sendmail relay (use sendmail null-client feature on any spare old server or PC) in my DMZ to relay Mail to the exchange server in my local zone. Its sort of the moat you have to cross over to get at the castle walls and the hot oil dumped on your head approach. Francesca C. Smith Lady Linux Internet Services 1801 Bolton Street # 1 Baltimore,

On the upgrade issues page (http://www.shorewall.net/upgrade_issues.htm) you will find a number of sections with names like "Version >= 1.4.0", "Version >= 1.3.14", etc. The section entitled "Version >= 1.4.0" presents the considerations if you are upgrading from version 1.3.14 only. So If you are upgrading from version 1.3.10, you should also read the

Yes thank you for answering so fast ! I have corrected it, here the new diagram and the new routing table. But it still doesn''t work. >From the router i can access to 192.168.11.254 I have add the rules : DNAT loc priv:192.168.11.254:22 tcp 22 But i can''t connect to 192.168.11.254 from LAN The DNAT fonction doesn''t work, but i can DROP packet arriving on eth0 (loc)

The ''detectnets'' interface option has always been a rather silly feature. For incoming packets, it duplicates the function of the ''routefilter'' option. It provides no value on output since it enforces the same thing that the routing table does. In other words, if you set ''routefilter'' and ''log_martians'' you get the same

The administrator of the main web/ftp site has informed me that the site is currently down. Until service is restored, you can use: http://www1.shorewall.net ftp://ftp1.shorewall.net Sorry for the inconvenience. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \

The first 1.4.0 Beta is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Function from 1.3 that has been omitted from this version includes: 1) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes. 2. Interface names of the form

David wrote: In the future, please send your problem report to the Shorewall Users list. If you are paranoid about posting your configuration to the list, you can send the dump OUTPUT to support@shorewall.net. > I recently installed Engarde Secure Linux, version 3.0.18.i868, on an HP > Pavilion 523n desktop PC. Has an AMD Athlon 2200+ processor. Nothing > else is installed on the

Here is the proposed content -- I''m looking for a Beta to start in the next week or so with release around the middle of next month. The main focus of 1.4 will be to provide external behavior similar to the upcoming 2.0 release. Function from 1.3 that has been omitted from this version includes: 1) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4