similar to: proxy_arp: Permission denied

Hello everyone, I''m using shorewall successfully on many servers withount any problems and I''m really happy with this great piece of software. But now I ran into a problem with shorewall 3.0.4 on Ubuntu 6.06 running on a vServer. The provider uses virtual interfaces like eth0:vs01 for the customers. The interface eth0 cannot be touched. I''ve read the instructions

(Sorry, my previous post was sent in HTML format) I am having a hell of a time with shorewall... I have a Dlink DCM202 Cable modem with the Ethernet connected directly to eth0 on the linux box. Then I have a second nic on the linux box connected to a hub for the internal network. I am trying to allow traffic from the internet connect to my FTP and WEB servers on my Winbloze box on the lan.

(anonymous post) I have a simple 2 interface firewall setup and all is good, almost. I am hosting virtual websites and DNS behind shorewall no problem. However I am trying to use SFTP via a different port number and have no luck even though Putty works well. Is there anything weird to sftp and shorewall? My lab uses a different firewall (firestarter) and it works OK. I am using; DNAT net

Hello All, I am trying to implement OpenVPN on Fedora core Linux 3 with the latest pathces installed. This server is used only as firewall/internet gateway/proxy/VPN server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12) connected to the local network. I use shorewall 2.4 on this machine. I like to test

Hi, I have a question: What are the limitations of routing between several IP addresses belonging to one interface? I have a box with one network interface, configured to three different IP addresses. It looks something like this: eth0 xxx.xxx.xxx.11 eth0:01 xxx.xxx.xxx.12 eth0:02 xxx.xxx.xxx.13 What I would like to do is allow eth0''s address to accept and open connections to any

I must have something configured wrong somewhere. I''ve enabled proxy-arp on my shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see all the machines through it great. However, whenever its enabled, the network on the DMZ goes screwy. I''ve narrowed it down to this: when proxy arp is enabled for that interface, like such: echo 1 >

Hello All, I have a question about setting up the shorewall firewall for squid, I followed the instructions on "Using Shorewall with Squid" --> "Squid Running in the DMZ" section. For some reason I am unable to get the program to work. I am able to have the squid work properly by using squidclient program, but once I setup the firewall to use the redirect I am unable to

Clients: Some sites just show the top area not the full page. Some sites cant be reached at all. I think it 90% may be the MTU/MSS problem. But I already have set the shorewall.conf CLAMPMSS=1400 or CLAMPMSS=Yes, but it doest make things good. I would be mad. Anybody helps me would so appreciated! If you want know more info. to diag my problem, I would be please to.

We switched over from a bordermanager firewall to a shorewall firewall. Some stuff is not working now. I realized that I had not created the route for the network that is not working however once I created it, it still didn''t work. Most of our network is fine however some pieces are not working. [Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not working] The firewall

I''m having a problem with the Shorewall firewall and CUPS printing interfering with each other. My Linux firewall machine is acting as both a CUPS server and client for all of my tests. Shorewall 2.0.13 CUPS 1.1.22-2 Linux kernel 2.6.9 CUPS was working fine to print to my Epson C84 (network connected via a Netgear PS101 print server using lpd://PS101.IP.address/raw ) until I

[ sorry for cross-posting this to newbies and users, but I''m a bit desperate to get this resolved ] This is strange... I had this working before without any problems, and recently we started to have some odd issues. I can''t be sure exactly what has changed as I''m unfortunately not the only person with access to the server. {sigh} The problem is that I pretty much

Hello Tom, I''ve been using Shorewall for years without problems. My previous version of shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using rpm to 2.0.8-1. After update no one can connect to any interface from net. Server can connect to outside world fine and those described in routestopped have no problem connecting. Any help correcting this problem would be

Hi, I have been a shorewall user for a long time now, and it has been working flawlessly. I have now changed ISP and my new DSL connection is PPPoE. My setup is as follows: internet <--------> 3com812 Officeconnect (bridge mode) <----> eth0 <-------> linux box <----> eth1, eth2, eth3, eth4 <---> other internal networks Things are working fine, but the link is

I am not a member of the mailing list. Shorewall version 2.0.9 ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000

Hello, I cannot establish Xserver connection via wireless subnet, while telnet is working fine. There was a similar problem before in Shorewall over IPSEC that Tom had fixed. Also, ping is working, but traceroute is not. Finally, PuTTY gets a connectivity error after couple minutes of inactivity over wireless when connected to the firewall/gateway. Wireless is configured per instructions in

Hi, after migrating to shorewall firewall from my own iptables rule set (to utilise freeswan vpn tunnels) I have successfully configured a 3 interface firewall with net2net vpn tunnels, with the help of the shorewall documentation. However I cannot seem to configure my final step which is to masq another subnet attached to my LAN (LANB, via Cisco 1603 router) to get internet access via the

Hi!, I have Fedora 2 installed (Kernel 2.6), 3 interfaces (eth0,eth1,eth2), in the eth1 i have my local network and eth0 the Internet conection, when i do masquerading (eth1 out by eth0) only works for a few minutes. I dont know what i?m doing wrong, or only is an incompability or error between the OS Fedora 2 and the shorewall 2.0.7...i restart the shorewall service ones works anothers doesnt.

Hello I''m new to the list. I installed a vserver (http://www.linux-vserver.org/) on my gentoo server As network interface is used an alias (eth1:0) eth1 is the card of my "loc" zone. eth1:0 has an address from the same subnet from the vserver I can connect to eth0 but not to the internet. From my local net everything works fine. I have an entry in "mask" for eth1

I have a setup with two Internet providers. One circuit (net0 == eth1) is used primarily for employees and tunnels to other sites. The other (net1 == eth2) is for the production machines that customers access. Everythung works in teh sense that packets get to where they are sent (mostly) but I recently I had a sniffer on the system and noticed a problem I cannot solve. traffic coming in

Believe me: Read the FAQ Checked over and over This might be toooooo stupid to be documented. Please bear with me. Any help ? Situation: single card standalone "firewall" (used like a "personal firewall"). Have sshd running on the FW. Want the sshd daemon to be accessible only from 2 LANs: 1) My other home LAN machine 2) IBM intranet machines (9.0.0.0) Whatever I have