Displaying 20 results from an estimated 10000 matches similar to: "proxy_arp: Permission denied"
2006 Oct 21
1
Problem with virtual interface
Hello everyone,
I''m using shorewall successfully on many servers withount any problems and I''m
really happy with this great piece of software.
But now I ran into a problem with shorewall 3.0.4 on Ubuntu 6.06 running on a
vServer.
The provider uses virtual interfaces like eth0:vs01 for the customers. The
interface eth0 cannot be touched. I''ve read the instructions
2005 Dec 08
3
trouble with shorewall on Mandriva 2006 (2nd)
(Sorry, my previous post was sent in HTML format)
I am having a hell of a time with shorewall...
I have a Dlink DCM202 Cable modem with the Ethernet connected directly to
eth0 on the linux box. Then I have a second nic on the linux box connected
to a hub for
the internal network.
I am trying to allow traffic from the internet connect to my FTP and WEB
servers on my Winbloze box on the lan.
2004 Nov 29
2
SFTP
(anonymous post) I have a simple 2 interface firewall setup and all is
good, almost. I am hosting virtual websites and DNS behind shorewall no
problem. However I am trying to use SFTP via a different port number and
have no luck even though Putty works well. Is there anything weird to
sftp and shorewall? My lab uses a different firewall (firestarter) and
it works OK.
I am using;
DNAT net
2005 Jun 27
5
Bridging problem with Shorewall and OpenVpn
Hello All,
I am trying to implement OpenVPN on Fedora core Linux 3 with the latest
pathces
installed. This server is used only as firewall/internet gateway/proxy/VPN
server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP
It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12)
connected to the local network.
I use shorewall 2.4 on this machine.
I like to test
2003 Jan 14
1
Multiple IPs on single interface
Hi,
I have a question: What are the limitations of routing between several
IP addresses belonging to one interface?
I have a box with one network interface, configured to three different
IP addresses. It looks something like this:
eth0 xxx.xxx.xxx.11
eth0:01 xxx.xxx.xxx.12
eth0:02 xxx.xxx.xxx.13
What I would like to do is allow eth0''s address to accept and open
connections to any
2004 Aug 27
3
Proxy Arp Ip Conflicts
I must have something configured wrong somewhere. I''ve enabled proxy-arp on my
shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see
all the machines through it great. However, whenever its enabled, the network
on the DMZ goes screwy. I''ve narrowed it down to this:
when proxy arp is enabled for that interface, like such:
echo 1 >
2005 Jan 11
1
Squid and DMZ (ProxyARP)
Hello All,
I have a question about setting up the shorewall firewall for squid, I
followed the instructions on "Using Shorewall with Squid" --> "Squid Running
in the DMZ" section. For some reason I am unable to get the program to work.
I am able to have the squid work properly by using squidclient program, but
once I setup the firewall to use the redirect I am unable to
2004 Nov 11
5
URGENT!! some large websites cant be surfered
Clients: Some sites just show the top area not the full page. Some sites
cant be reached at all.
I think it 90% may be the MTU/MSS problem. But I already have set the
shorewall.conf CLAMPMSS=1400 or CLAMPMSS=Yes, but it doest make things
good.
I would be mad. Anybody helps me would so appreciated!
If you want know more info. to diag my problem, I would be please to.
2004 May 17
3
Yikes! Routing issues!
We switched over from a bordermanager firewall to a shorewall firewall.
Some stuff is not working now.
I realized that I had not created the route for the network that is not
working however once I created it, it still didn''t work.
Most of our network is fine however some pieces are not working.
[Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not
working]
The firewall
2005 Jan 09
19
Shorewall and CUPS printing interference
I''m having a problem with the Shorewall firewall and CUPS printing
interfering with each other. My Linux firewall machine is acting as both
a CUPS server and client for all of my tests.
Shorewall 2.0.13
CUPS 1.1.22-2
Linux kernel 2.6.9
CUPS was working fine to print to my Epson C84 (network connected via a
Netgear PS101 print server using lpd://PS101.IP.address/raw ) until I
2004 Feb 26
4
Help! Martians invading through IPSec. :-)
[ sorry for cross-posting this to newbies and users, but I''m a bit
desperate to get this resolved ]
This is strange... I had this working before without any problems, and
recently we started to have some odd issues. I can''t be sure exactly
what has changed as I''m unfortunately not the only person with access
to the server. {sigh}
The problem is that I pretty much
2004 Sep 20
2
After upgrade people can no longer connect
Hello Tom,
I''ve been using Shorewall for years without problems. My previous version of
shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using
rpm to 2.0.8-1. After update no one can connect to any interface from net.
Server can connect to outside world fine and those described in routestopped
have no problem connecting. Any help correcting this problem would be
2004 Nov 03
2
PPPoE + Masquedate + Shorewall
Hi,
I have been a shorewall user for a long time now, and it has been
working flawlessly. I have now changed ISP and my new DSL connection is
PPPoE.
My setup is as follows:
internet <--------> 3com812 Officeconnect (bridge mode) <----> eth0
<-------> linux box <----> eth1, eth2, eth3, eth4 <---> other internal
networks
Things are working fine, but the link is
2004 Oct 19
1
Problem with Internal accessing internal via web
I am not a member of the mailing list.
Shorewall version 2.0.9
ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
2005 Feb 05
4
Wireless connectivity issues
Hello,
I cannot establish Xserver connection via wireless subnet, while telnet is
working fine. There was a similar problem before in Shorewall over IPSEC
that Tom had fixed. Also, ping is working, but traceroute is not. Finally,
PuTTY gets a connectivity error after couple minutes of inactivity over
wireless when connected to the firewall/gateway.
Wireless is configured per instructions in
2003 Jul 09
2
router in a subnet again :)
Hi,
after migrating to shorewall firewall from my own iptables rule set (to
utilise freeswan vpn tunnels) I have successfully configured a 3 interface
firewall with net2net vpn tunnels, with the help of the shorewall
documentation. However I cannot seem to configure my final step which is to
masq another subnet attached to my LAN (LANB, via Cisco 1603 router) to get
internet access via the
2004 Aug 21
2
Problems with Version 2.0.7 and Fedora 2
Hi!, I have Fedora 2 installed (Kernel 2.6), 3 interfaces (eth0,eth1,eth2), in the eth1 i have my local network and eth0 the Internet conection, when i do masquerading (eth1 out by eth0) only works for a few minutes. I dont know what i?m doing wrong, or only is an incompability or error between the OS Fedora 2 and the shorewall 2.0.7...i restart the shorewall service ones works anothers doesnt.
2004 Dec 22
2
vserver openvpn
Hello
I''m new to the list.
I installed a vserver (http://www.linux-vserver.org/) on my gentoo server
As network interface is used an alias (eth1:0)
eth1 is the card of my "loc" zone. eth1:0 has an address from the same
subnet
from the vserver I can connect to eth0 but not to the internet. From my
local net everything works fine.
I have an entry in "mask" for eth1
2005 Mar 01
3
Problem with multiple ISP''s
I have a setup with two Internet providers. One circuit (net0 == eth1) is
used primarily for employees and tunnels to other sites. The other (net1 ==
eth2) is for the production machines that customers access. Everythung works
in teh sense that packets get to where they are sent (mostly) but I recently
I had a sniffer on the system and noticed a problem I cannot solve. traffic
coming in
2005 May 25
9
Newbie going through a probably stupid thing
Believe me:
Read the FAQ
Checked over and over
This might be toooooo stupid to be documented.
Please bear with me. Any help ?
Situation: single card standalone "firewall" (used like a "personal
firewall"). Have sshd running on the FW. Want the sshd daemon to be
accessible only from 2 LANs:
1) My other home LAN machine
2) IBM intranet machines (9.0.0.0)
Whatever I have