similar to: Problem with samba broadcast

Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall Any suggestions? Rob van Overbruggen Settings and stats: Server: Eth1 :

I wonder if someone can tell me what these ''unknown'' remarks mean in my status file. They are only in the last portion of the file and are listed below. If they mean nothing, I will rest easy. But if not it means I need to fix something. Your thoughts would be appreciated. ---------------- udp 17 92 src=24.224.173.220 dst=24.222.0.75 sport=1027 dport=53 src=24.222.0.75

https://bugzilla.netfilter.org/show_bug.cgi?id=1203 Bug ID: 1203 Summary: 'DisableExternalCache On' seems to be broken Product: conntrack-tools Version: unspecified Hardware: All OS: Ubuntu Status: NEW Severity: normal Priority: P5 Component: conntrack-daemon Assignee:

Unreplied message when i try to connect to an internal system I''ve set up a shorewall 3.0.5 system on Fedora core 4 When i want to connect from an external computer to one in my network it does not reply. I connect from 212.19.195.160 to 212.178.64.74 trough port 8080 The rule i made is: DNAT  net   loc:192.168.0.20:80  tcp  8080 - 212.178.64.74 (and 192.168.0.20 can be reached

I am having a problem with connections from a server behind a shorewall firewall. Both machines are running redhat 8.0 with a custom 2.4.20 kernel. The problem lies with a mail server I am configuring which has been able to send mail to all hosts, except this one. The connection starts with the SYN_SENT, and then just hangs there. (telnet to remote server on port 25 just hangs trying to

(Sorry, my previous post was sent in HTML format) I am having a hell of a time with shorewall... I have a Dlink DCM202 Cable modem with the Ethernet connected directly to eth0 on the linux box. Then I have a second nic on the linux box connected to a hub for the internal network. I am trying to allow traffic from the internet connect to my FTP and WEB servers on my Winbloze box on the lan.

---------- Original Message ---------------------------------- From: "Jim Van Eeckhoutte" <jim@vaneeckhoutte.com> Reply-To: <jim@vaneeckhoutte.com> Date: Mon, 8 Jul 2002 15:27:14 -0700 this is shorewall status output: tcp 6 431899 ESTABLISHED src=192.168.20.5 dst=64.4.12.45 sport=2185 dport=1863 src=64.4.12.45 dst=63.25.123.58 sport=1863 dport=2185 [ASSURED] use=1

I must have something configured wrong somewhere. I''ve enabled proxy-arp on my shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see all the machines through it great. However, whenever its enabled, the network on the DMZ goes screwy. I''ve narrowed it down to this: when proxy arp is enabled for that interface, like such: echo 1 >

sorry, i''m confuse where to post my problem.. i was post to shorewall-users, but must read to support.html this''s my problem ----------- i have squid running on DMZ zone and my network using ProxyARP on eth1 and eth2 mylinuxbox slackware 9.2 my network can access to internet normal, but can''t redirect to squid server from firewall. sometimes my network can connect

Hi Tom Here is the output of shorewall status Thanks Lars [H[2JShorewall-2.0.13 Status at - Thu Dec 30 21:43:44 CET 2004 Counters reset Thu Dec 30 15:38:17 CET 2004 Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 38383 11M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp --

I have what strikes me as an odd problem with shorewall. Let me describe my setup. My desktop (alfred) is connected to the network through an ADSL modem. I am running rp-pppoe, and this works perfectly. I have a small home network, with two LANs; an Ethernet LAN (including a machine running Windows XP), and a WiFi LAN, including the laptop (william) I am using now. All the computers except for

Hi, Trying to figure out why I cannot get access to dell.com Their site is up because I can browse using a different firewall. Trying to find out where the logs are located and what log files it would write to if it were to deny browsing to a website. I can see the [UNREPLIED] when using the shorewall status. Was hoping to know what logfile it is writing it to. Thanks in advance, Elmer

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=70 Summary: udp connection(snmp) not being tracked. Product: netfilter/iptables Version: patch-o-matic Platform: All OS/Version: Debian GNU/Linux Status: NEW Severity: major Priority: P2 Component: connection tracking AssignedTo:

Hi, I have a proxy/firewall, I want to dnat requests for 193.205.140.106 on port 443 towards 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 towards 10.2.15.25, these rules must apply from internet, loc and fw (some client use a proxy on fw to reach these servers) I have tried with the following rules: DNAT net dmz:10.2.15.23 tcp 443 -

Hi, I''m really new to traffic shaping and try to implement the wshaper.htb script. I have a linux box that serves as vdr, mldonkey, samba, apache and mailserver (imap), connected to my LAN with 100mbit. I''m connected to the inet via adsl with a hardware router/firewall, got 384k downlink 64k uplink. When I have mldonkey running, imap (via Outlook) gets *very* slow (mails with

I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00

Typically (or at least somewhat occasionally) after a reboot of my shorewall[-lite] machine I find that I end up with conntrack table entries for unNATted connections such as: # conntrack -L -p udp --dport 5060 -d 99.232.11.14 udp 17 59 src=10.75.22.8 dst=99.232.11.14 sport=5060 dport=5060 packets=5472 bytes=3031488 [UNREPLIED] src=99.232.11.14 dst=10.75.22.8 sport=5060 dport=5060 packets=0

#!/bin/sh PPP=(ppp0 ppp1) IP=(`ifconfig ${PPP[0]}|sed -n 2p|column -s ":" -t|awk ''{print $3}''` `ifconfig ${PPP[1]}|sed -n 2p|column -s ":" -t|awk ''{print $3}''`) GATEWAY=(`ifconfig ${PPP[0]}|sed -n 2p|column -s ":" -t|awk ''{print $5}''` `ifconfig ${PPP[1]}|sed -n 2p|column -s ":" -t|awk ''{print

Hi I''m looking for a quick recipe for a newbie to control http traffic in my linux gw. My internet is overloaded already and vpn external clients are experiencing troubles (disconnecting in peak hours). Any suggestions ? Regards Guillermo Caracas/Venezuela On Thu, 2004-05-06 at 14:40, lartc-request@mailman.ds9a.nl wrote: > Send LARTC mailing list submissions to >

the establishment of an openvpn link sometimes fails. I tracked it down to network traffic with wrong Sourceport in the answer packet (should be 1300 not 1024): 2 1.119309000 aaa.185.165 bbb.162.192 UDP 58 Source port: 1300 Destination port: 1300 3 1.119446000 bbb.162.192 aaa.185.165 UDP 66 Source port: 1024 Destination port: 1300 and a collateral entry in the connection tracking table