similar to: Multiple subnets

Hi! This is another thread of "setting gateway in interfaces file" and while i dont want to create any confusion here, i have decided to open a new thread.(which mean Diamond King no longer a subscriber to shorewall-users) Actually, i turned out not to be the MARK issues. Something is missing and i got this error instead :- Setting up Accounting... Creating Interface Chains...

Last question, I promise, I am running PopTop for PPTP on the same box as my firewall. I can connect to the box fine, but nothing will route between the VPN tunnel and the local hosts. I read the Some Hosts have Special Firewalling Requirements article and though it was what I needed, but either I don''t get it, or it doesn''t apply to me. Here is my config: Zones: #ZONE

Hi All, I just joined this list because I am setting up a firewall for my office and decided to use this great piece of software. I am having a problem understanding the documentation in the following areas: 1) shorewall seems to rewrite my routing table removing all my configurations. I have the following setup: at our webserver colo facility Inet --> eth0 (12 M ethernet) local -->

Hi, I have 2 internet nic''s with differents ISPs. eth0 = isp1 eth3 = isp2 My internal network is eth1 # /etc/interfaces net eth0 detect routefilter,norfc1918,blacklist net eth3 detect routefilter,norfc1918,blacklist loc eth1 detect # /etc/policy loc net ACCEPT net net DROP

Shorewall 4.5.15 3 Interface setup em1 p3p1 p4p4 ppp0 Hi, Since changing to NetworkManger on Fedora 18 I can no longer connect to the DSL Modem, which is connected to Interface em1. When the NetworkManger brings up the interfaces and ppp0, it no longer assigns an IP to em1. If I have ppp0 disabled and NetworkManger brings up the interfaces, em1 gets an IP of 192.168.1.2. Then when I get

Although 1.4 is now released, there is one aspect of Shorewall''s design that I''m still quite unhappy with. It involves two areas: a) when and when not to create rules to allow inbound traffic on an interface to be routed back out that same interface. b) intrazone traffic. I''m currently running 1.4.0 plus a change that: a) Allows intrazone traffic unconditionally --

While the subject is new features, here''s something I''d like to see. I''d like to have a way for shorewall to be able to monitor a log file and take an action when a condition is met. For instance, if Shorewall could monitor /var/log/httpd/access_log for entries which I have defined (and know to be an attack), and then take an action such as blacklisting a host or domain

I am considering replacing my old checkpoint and watchguard firewalls witha single Linux box using iptables and shorewall. I have two ISP''s (with separate routing tables), two DMZ''s, at least one VPN to a remote office, and a local trusted network. The configuration will look like: +----------------+ | | net0 ----------+ eth1

On Fri, 2008-08-01 at 03:37 -0700, shorewall-users-request@lists.sourceforge.net wrote: > Re: How to block forwarding by port 25? (John Morris) Thanks, that helped to find out the infected pc in private network, also to stop sending spam without our knowledge. is there a good tutorial how to block p2p sharing and messengers with shorewall? i read some topics and posts in forums, but

Hi, I need some help with a routing/shaping setup that is a bit beyond my current linux routing knowledge. I''ve read the how-to and most of the related mailing list topics, but I still need some help to solve this problem. I''ve been asking questions on various lists, but it seems like the answers just add additional confusion. I decided to just describe what I''m trying

I''m using shorewall 2.0.x at home as an Internet gateway for family. However my brother always plays online games overnight, so my parents asked whether I can do something on the gateway to control the time of accessing the Internet. I planned to put a script on crontab to schedule which it will execute say at 12:00 night daily, the script will execute a command will deny my brother

Hi I''m currently setting up a game server and have opened all ports needed to run it. What other options do I have regarding protecting the open ports? I''m worried about people attacking the open ports to render the server useless. Any help or advice would be appreciated. Thank you. Recoil UK

Hello, I need some help with this problem that i have. I want to accept connection from 1 ip address to my linux box, but i cannot telnet the port 139. I added the rule in rules: ACCEPT net:xxx.xxx.xxx.xxx fw tcp 139 but still i cannot see this port from outside. >From inside the netowork everything is ok. Can someone tell me what i am doing worng? or what i need to do to be able to

Hi! Running chkrootkit on newly installed FreeBSD 5.0 got: -cut- Checking `basename'... not infected Checking `biff'... not infected Checking `chfn'... INFECTED Checking `chsh'... INFECTED Checking `cron'... not infected Checking `date'... INFECTED -cut- Checking `ls'... INFECTED -cut- Checking `ps'... INFECTED Checking `pstree'... not found -cut- What does it

Hi, I have a 4.9-STABLE FreeBSD box apparently hacked! Yesterday I ran chkrootkit-0.41 and I don't like some of the outputs. Those are: chfn ... INFECTED chsh ... INFECTED date ... INFECTED ls ... INFECTED ps ... INFECTED But all the rest is NOT PROMISC, NOT INFECTED, NOTHING FOUND, NOTHING DELETED, or NOTHING DETECTED. I know by the FreeBSD-Security archives that

My machine got hacked a few days ago through the samba bug. I reinstalled everything cvsuped src-all, and ran chkrootkit. No more LKM but still... Can anyone please advise ? bash-2.05b# chkrootkit | grep INFECTED Checking `chfn'... INFECTED Checking `chsh'... INFECTED Checking `date'... INFECTED Checking `ls'... INFECTED Checking `ps'... INFECTED -- Jay -------------- next

Hi everyone, I know there have been several requests regarding subsetting before, but none of them really helps with my problem: I'm trying to subset only infected individuals from the REC2 data.frame: > str(REC2) 'data.frame': 362 obs. of 7 variables: $ RINGNO : Factor w/ 370 levels "BL17546","BL17577",..: 78 81 67 41 58 66 17 $ year : Factor w/ 8

Hi I have data from 12 subjects. The measurement is log(expression) of a particular gene and can be assumed to be normally distributed. The 12 subjects are divided into the following groups: Infected, Vaccinated, Lesions - 3 measurements Infected, Vaccintaed, No Lesions - 2 measurements Infected, Not Vaccinated, Lesions - 4 measurements Uninfected, Not Vaccinated, No Lesions - 3 measurements

I ran chkrootkit ( v. chkrootkit-0.43 ) earlier and noticed that chfn, date, and chsh showed as being infected. I remember reading post from the past that right now chkrootkit is giving alot of false positives, so I suspected that these 3 binaries are not bad. However, to be on the safe side, I deleted the 3 binaries, removed /usr/src and did a 'make world' to 4.10-STABLE. But, chfn,

Hello I''ve got a problem with my shorewall. It still wont route the ICQ file-transfers through the fw box. I''ve put those 2 lines into the rules-file DNAT net loc:192.168.0.1 tcp 3001:3020 DNAT net loc:192.168.0.1 udp 3001:3020 and set up my client to use 3001:3020 for file transfers, but i cant get anything