similar to: OT: Why slow mail-check on wireless?

Hi, I am trying to redirect my subnet thru squid and it seems to be working. However I decided tu exclude two hosts from the redirect (ie acces the net directly) and can''t manage to achieve that. I am using the following rule: REDIRECT loc:!192.168.13.48,!192.168.13.200 3128 tcp 80 - With this rule everything gets redirected thru squid. I also tried:

I have some hosts in a DMZ zone with proxyarp. In my local zone I have a host to which I DNAT. I have discovered that I can reach the host in the local zone by attempting to connect to the fw (As expected) or ANY proxyarped host in my dmz zone (as not expected). Is this normal ? (I''ve just discovered that actually the dnated host answers to requests sent to any IP routed to my host!)

Hi, I have shorewall 2.0.8 installed on a linux box. Recently I moved to a setup with a front/back firewall With shorewall acting as a front firewall and M$ ISA Server 2004 acting as a back firewall. I turned all ''intrusion alerts'' On at the ISA server expecting not to get any since shorewall should block everything. Now to the problem: I am getting quite a few alerts

Hi, I wrote a mail a few days ago concerning my setup with a front/back firewall, shorewall being front and ISA server 2004 acting as back firewall. I said that ISA server is logging some "intrusion attempts" namely requests coming from external interface to the internal network. As this shouldn''t happen (all intrusion attempts should be stopped by shorewall) I begun to

I''ve set up shorewall with the two-interface mode. pc #1 eth1 ---> ppp0 ---> Internet eth1: 10.10.10.254 eth0: 10.10.10.1 > via a crossover cable pc #2 eth0: 10.10.10.2 (gateway=10.10.10.254) I am able to surf the net with pc #1, but pc #2 is completely cut off from pc #1 and the net. I am also unable to ping from and to pc #2.

Hello, Which port Smb4K uses? I am not able to use Smb4K on my server for the local network. Thanks Varun

Hello, I''m a very happy user of shorewall but I have found a problem or maybe a misconfiguration I made which I can not resolve. I use a fairly large blacklist based on probes, nimda & codered attacks, proxy & relay probes etc. The only problem is that I want to block incoming trafic on all ports FROM a block but it does also block a httpd, ping etc TO a ip in a block what I do

Since you''ve started signing your email, Tom, my machine can''t verify your sig. Where are you publishing your key? -- John Andersen - NORCOM http://www.norcomsoftware.com/

Good point Stijn, I am sorry to post without subject and such it must be the early morning. The relevant entries in my rules file: ACCEPT net fw tcp 25 ACCEPT net fw tcp 80 ACCEPT net fw tcp 22 ACCEPT net fw tcp 21 ACCEPT net fw udp 21 REJECT loc

How does one interpret the mac addresses in the log which seem to have 14 segments... Example, this appears in the log... 00:40:c7:2e:09:c0:00:01:64:4a:70:00:08:00 Yet I can''t find that in the arp table norcomix:~ # arp -an ? (192.168.2.148) at 00:10:4B:6A:AE:E7 [ether] on eth1 ? (192.168.2.149) at 00:D0:B7:1D:F2:F2 [ether] on eth1 ? (24.237.19.16) at 00:10:DC:67:BA:80 [ether] on eth0 ?

First of all, My apologies for this maybe slight OT post, but I have so much confidence and read so much good replies on this list, that I am still asking my question. I''m looking for a linux distribution to use on our school''s homemade routers. The routers are small miniITX based systems with 2 network interfaces. I added a 4 port D-Link network card in some cases, when I

Hello, I want VNC Server,which is outside my network ,add my VNC Client, which is behide shorewall box. How should I config the rule? TIA Thongchai

Whilst configuring another shorewall firewall router for another site, I must have made some totally newbie error.... While directly on the cable modem, it works great. But when placed on the LAN side of my existing Shorewall box, the NEW shorwall box could not ping, or look up dns or anything else. If I shutdown shorewall (clear) in the NEW box then it could surf the net and ping etc. When

Hola and thanks for any help in advance I installed mandrake 9 a few days ago and wanted to set up some additional rules to shorewall, bu i failed :) What i want to do is basicly route any incomming udp and tcp packets on port 4665 to a workstation behind the router. router with mandrake 9, eth0 (192.168.0.1) internal net, eth1(10.0.0.0) connected to dsl modem and gets a dynamic ip

I''m using shorewall 2.0.x at home as an Internet gateway for family. However my brother always plays online games overnight, so my parents asked whether I can do something on the gateway to control the time of accessing the Internet. I planned to put a script on crontab to schedule which it will execute say at 12:00 night daily, the script will execute a command will deny my brother

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 DeveloperCube is a new project started by veterans of the web development industry. We are proud to announce that we are now the Official Shorewall Support Forum. We are an online community offering discussion geared towards web developers, designers, and administrators of all skill levels. There are topics ranging from how to market your website,

Hi, I''m a home user who doesn''t understand the workings of the Shorewall firewall (or the linux OS on which I''ve just installed it) very well. Having just installed Shorewall 1.4.6c with a default "home user" configuration I gave it a run against the online ShieldsUp scan. Main surprise was that the ICMP echo was enabled. I''ve since gone into

Happy New Year to everyone: I have followed the instructions at shorewall.net/samba.htm. I''ve restarted the samba server, shorewall, rebooted, everything. And from my network I cannot browse available shares on the firewall (192.168.1.1) telnet 192.168.1.1 138 fails with connection refused, which I don''t understand. All other open ports respond with a string. -- Philip

A violent wind storm is expected in western Washington state later today and such storms often produce power/communications outages. I''ll do what I can to keep things running here. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net

I am making a new box to test with and was trying to install shorewall via rpm. So I download the shorewall 2.2.5 rpm and issue a rpm -ivh shorewall-2.2.5-1.noarch.rpm. I then get an error: error: Failed dependencies: which is needed by shorewall-2.2.5-1.noarch So as you can see there are no dependency issues. I thought I saw this on the mailing list a while ago but I just searched for it I did