Displaying 20 results from an estimated 5000 matches similar to: "Shorewall 1.3.8"
2005 Apr 19
14
allow ssh access from net to fw?
Hi,
I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from
the internet to the firewall but it does not work.
I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful
but I don''t know why SSH:
Does not work for me:
ACCEPT net fw tcp 22
Works from the loc network:
ACCEPT loc fw tcp 22
I have tried also with (no success):
AllowSSH
2005 Jun 06
23
Multi-ISP in 2.4.0
Hello Shorewall list,
I''m a happy Shorewall user since a few years now and everything works fine
for me except one thing that I try to implement since a week, the multi-isp.
I''ve downloaded the 2.4.0 Stable release yesterday and tried the RC2 since a
week.
My config is a Debian running a kernel 2.4.27 home made with the
CONNMARK.diff patch applied
I''m using 2 ISP,
2005 Jan 23
15
Idea: permit /etc/shorewall/masq to contain zones, as well as interfaces
Dear All,
Firstly, thank you very much - shorewall is great. I''m not a member of
this list, and please forgive me if I am suggesting something stupid, but
the following occurs to me, and I thought it might be useful.
Why no make it possible to specify zones as well as interfaces in the
/etc/shorewall/masq file ?
Eg: instead of:
eth0 eth1
one might write:
net loc (or masq in
2010 May 10
4
Port Masquerading
Hi,
I am wondering if it is possible to do the following with shorewall.
I operate a network with some additional IP''s that are SNAT''d to various server machines on my network.
One of my machines is a Terminal server.
I need to be able to RDP to various servers for clients, that are IP locked for RDP on my PtP address, not the SNAT address of my Terminal server.
Can I
2012 Dec 29
10
How could I open Port 1701 for VPN l2tp/ipsec
Hello Mailinglist,
please excuse my bad english - but I am not a native speaker.
My Network looks like this:
Internet --- dyn. IP --- Firewall (shorewall) --- LAN (192.168.X.X)
No I try to connect my iphone (from mobile Internet G3) over VPN
(l2tp/ipsec) with the firewall.
But I canĀ“t open the necessary Port 1701.
/var/log/syslog
...
Dec 30 00:24:29 router kernel: [226128.293757]
2006 Mar 25
2
Multiple uplink problems
I''ve installed Shorewall 3.0.5 on a Debian Sarge box, and I''m
attempting to route internet traffic through a couple of ISPs, and I''ve
come up against some problems.
The first is that one of my links is a pppoe connection to a wireless
modem, and I can''t configure it to have a static IP address...
therefore I can''t see how I can set up the two
2004 Oct 22
6
Bluetooth, palm, ppp and shorewall
Hi Folks!
I''m new to shorewall (in the process of switching from Bastille), and I
have a question as to how to address using Bluetooth enabled Palms with
a BT dongle on a linux box protected by shorewall.
Basically I followed the directions located at
http://www.metacon.ca/bcs/view.php?page=bluetooth
to get things working strictly with iptables, specifically:
echo
2009 Oct 23
9
sip/iax problem - udp conntrack entries not getting destroyed
Hello all,
I have an asterisk sip/iax peer behind a linux gateway doing nat. I''m using
pppoe with a dynamic ip that changes frequently.
The problem is when the line drops the sip/iax registrations drop as well,
and they don''t register thereafter. When I check the conntrack entries, I
noticed the entries still have the old wan ip address and because of
keepalive (i''m
2000 Dec 04
4
Load Sharing PPP Connections on an Masqed LAN
Hi, can anyone help me with this problem i''ve got!
I have a problem with routing on my Mandrake 7.2 Linux Box i was wondering if you could help me with. I live
in Australia and as broadband access isn''t very available at the moment, i have 2 modems to dialup to my isp
(dynamic ips assigned) to increase my bandwidth at an affordable level. What currently happens is i have a
2006 Mar 14
9
firewall problem
snat not working
my local ip is aaa.aaa.aaa.aaa
asterisk sitting on the internet at ip bbb.bbb.bbb.bbb
my firewall''s internal ip is 192.168.0.254
i did snat:
iptables -t nat -A POSTROUTING -o ppp0 -j SNAT --to aaa.aaa.aaa
iptables -t nat -L -v gives:
Chain POSTROUTING (policy ACCEPT 23663 packets, 2182K bytes)
pkts bytes target prot opt in out source
destination
33056
2005 Mar 01
11
Can''t connect to Modem
Shorewall version 2.2.1
2 Interface setup.
eth1: 10.10.1.3
eth0: 192.168.1.2
modem is 192.168.1.1
I need to be able to connect to my adsl modem, but when shorewall is up I
get connection rejected.
I have added "192.168.1.1 RETURN" above the line "192.168.0.0/16 logdrop #
RFC 1918" in "/etc/shorewall/rfc1918" but still getting connection
rejected
Is there
2003 Jan 08
14
prerouting newbie question/mistake :)
Hola and thanks for any help in advance
I installed mandrake 9 a few days ago and wanted to set up some
additional rules to shorewall, bu i failed :)
What i want to do is basicly route any incomming udp and tcp packets on
port 4665 to a workstation behind the router.
router with mandrake 9, eth0 (192.168.0.1) internal net, eth1(10.0.0.0)
connected to dsl modem and gets a dynamic ip
2006 Mar 24
10
Multi-ISP with one Dynamic IP
I have two feeds, one with a static IP and one with a dynamic IP. How
can I configure a Multi-ISP setup with the dynamic IP, or can I? I don''t
think the gateway will change, just the interface IP.
--
Chris Mason
NetConcepts
(264) 497-5670 Fax: (264) 497-8463
Int: (305) 704-7249 Fax: (815)301-9759 UK 44.207.183.0271
Cell: 264-235-5670
Yahoo IM: netconcepts_anguilla@yahoo.com
--
2007 Feb 09
26
transient "martian source ..." errors
Hi All,
As you probably all know :-) I''m trying to do the multi-isp thing. I''ve
resolved my last issue with the route_rules as suggested by Tom and
Jerry suggested.
Lately I have been seeing "transient" (I say transient because the
problem will persist for a while and then magically clear itself up some
number of minutes later) situations where my gateway will log:
2013 Apr 19
1
Can't connect to DSL modem on em1
Shorewall 4.5.15
3 Interface setup
em1
p3p1
p4p4
ppp0
Hi,
Since changing to NetworkManger on Fedora 18 I can no longer connect to the
DSL Modem, which is connected to Interface em1.
When the NetworkManger brings up the interfaces and ppp0, it no longer
assigns an IP to em1.
If I have ppp0 disabled and NetworkManger brings up the interfaces, em1
gets an IP of 192.168.1.2.
Then when I get
2005 May 11
2
Multiple Internet links - routing traffic to the correct one.
Hi all,
I have the following configuration:
_______
+------------+ /
diginet link | | |
+-------------+ Provider 1 +-------
__ | | | /
___/ \_
2002 Aug 20
5
how to limit connections from certains inet subnet the best way?
Hello all,
i am new to shorewall and i already have a question ;)
i am running a mailserver in my dmz (or actually this will be when =
evertything will be working fine with shorewall) with public ip =
addresses.. i have a subnet of 8 ip addresses (255.255.255.248 mask) and =
i was planning of the classic 3 nic (eth0-2) setup... the dmz should =
work with proxy-arping...=20
now my quesion is
2013 Nov 21
14
openvpn restart fails with dual entry in conntrack and wrong sourceport
the establishment of an openvpn link sometimes fails.
I tracked it down to network traffic with wrong Sourceport in the answer
packet (should be 1300 not 1024):
2 1.119309000 aaa.185.165 bbb.162.192 UDP 58 Source port: 1300
Destination port: 1300
3 1.119446000 bbb.162.192 aaa.185.165 UDP 66 Source port: 1024
Destination port: 1300
and a collateral entry in the connection tracking table
2005 Mar 06
1
3 Interface problem
Having a problem with the 3 interface setup. I can get DMZ hosts, and
FW to see internet, but anything on LOC interface is unable to get
out. My first post to the list didn''t have the information needed,
sorry for that, but thank you for pointing me to more resources. I''ve
looked at the problem myself some more, but am still stuck.
Shorewall Version: 2.2.1
ip addr show
1:
2005 May 21
3
IP Masquerading trouble
Hi all,
I have a problem to get my Linux machine to masquerade for other computers
on the network. My main machine is connect to the ADSL modem on eth0. The
machine also has another network card, eth1 which connects directly to the
other computer. Both machines can ping each other fine, but I can''t access
the net from the other (Windows) system.
IP Configuration on the linux