similar to: Re: I Quit

Hi, I''m trying to get RAdmin [uses tcp 4889] access to my Windows machine which is behind my firewall. I have zones: gbl : the world loc : my lan fw : firewall I placed the following in my rules file DNAT gbl loc:192.168.0.2 tcp 4889 - When trying to RAdmin I get a cannot conect to server error. 192.168.0.2 is my Windows Machines IP address. Can anyone help me? Shorewall 1.3.9b

Hi folks, I know this isn''t a shorewall question, but i''m hoping someone can point me to the right place to look for answers on this (since, as Tom suggests, search engines are useless for some things): Here is my firewall setup: ADSL1 ADSL2 dialup \ | / firewall | DMZ It''s a fairly simple setup. ADSL1 has a static IP, ADSL2 is

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have a machine that is running Shorewall 1.3.11a. Last night it quit all logging. The "messages" file just ends at 4:20 PM, no entries since. I was vim''n into that file about that time.... Any ideas how to start logging without a reboot? Thanks for your time, Steve Postma Sys Admin Travizon -----BEGIN PGP SIGNATURE----- Version:

Greetings Running Fedora Core 3 and dovecot-0.99.13-3.FC3 as a production mail server for around 30+ accounts. A couple of times a day dovecot just stops. Nothing in the mail log except for Apr 26 00:48:19 sydsrv05 imap-login: Can't connect to auth process at default: Connection refused It's got to the point that I have put a script into cron.hourly to restart the dovecot service

Using Shorewall v1.2, and testing the firewall using scan.sygate.com, I am informed that several ports (web (80), ident (113) and DCE locator (135) are ''closed'' rather than ''blocked''. All other ports show as blocked or ''stealthed''. I haven''t set up any rules or policies that have anything to do with 80, 113 or 135. Is this

Dear Tom Thank you for the incredible personal effort you have put in over the years. Shorewall is an incredible achievement. It has helped me enormously in setting up my new business and securing my data centre ( at a price that I could afford!) Contrary to your opinion, it is also one of the best documented open source projects in existance, you are very talented at explaining complex

Hi folks, A while back we had some discussions about integrating heartbeat and shorewall. Thanks to your help and the excellent state of Linux failover clustering, i''ve managed to install my high-availability firewall. I know there''s already a howto for it at http://www.xenos.net/library/hafirewall.html, but i thought i would document my setup for others, since it''s

Greetings We just updated two RH9 servers to 3.0.14a-1 and are still seeing a lot of errors in the logs. They're not stopping us working but I would _really_ like to understand what is causing them. On the first server, in the logwatch, we get a whole swag of: samba: Unknown Entries: session opened for user janicer by (uid=0): 6 Time(s) session opened for user sonjap by

The kernel module loading fix included in Shorewall 2.0.2d fails to load modules when MODULE_SUFFIX is not set in shorewall.conf. There are three possible ways to avoid this problem: a) Set MODULE_SUFFIX="o gz ko o.gz ko.gz" is shorewall.conf. b) Install the ''firewall'' script from the 2.0.2 errata: http://shorewall.net/pub/shorewall/errata/2.0.2/firewall

Hello, I have had a lot of success installing/configuring shorewall on my own system using webmin. Recently, I have been contracted to do some remote admin on a isp co-lo box all through a webmin server index connection from my locally running webmin server connected to the remote server. I was able to download shorewall from: http://shorewall.infohiiway.com/pub/shorewall/LATEST.rpm but when

Ok -- I''m wearing the brown bag tonight (I''ve airmailed one to Tuomas as well :-) ). The IPTABLES patch had some problems when IPTABLES was not set in /etc/shorewall/shorewall.conf. Beta 6 fixes those (I hope) and also corrects a rather obscure problem with "shorewall add" when the "mss" option appears in /etc/shorewall/ipsec. -Tom -- Tom Eastep \

I''m going to start being rude with people if I don''t take a break from the list for a while. I''ll be back in a couple of days after I cool off..... --Tom -- Tom Eastep \ Off-list replies are cheerfully ignored Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

Hi Folks! I''m new to shorewall (in the process of switching from Bastille), and I have a question as to how to address using Bluetooth enabled Palms with a BT dongle on a linux box protected by shorewall. Basically I followed the directions located at http://www.metacon.ca/bcs/view.php?page=bluetooth to get things working strictly with iptables, specifically: echo

Hello Shorewall gurus, as outlined on the shorewall site I have done the following after failure to install shorewall via the rpm: I have read all of the FAQ. I have read the quickstart guide with particular attention directed at the Mandrake solution. I have searched the mailing list archives (all old replies). I have studied the documentation index. I have previous experience using shorewall

Thanks Bradley, Yes, it works fine inside the firewall. And otherwise there is no proxy server. Its just the MS Small Business Server behind the firewall. Let me remove port 80 just to see what happens... bk -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Bradey Honsinger Sent: January 3, 2005

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi: I have a small infrastructure of network of local area, that are based on a computer, with computer and with a Point Access, with Debian Etch 4.0r1. With Shorewall 3.2.6-2. Well. Since I have two cards of network, which of which, I have left like that: Internet --> Router (217.126.221.65) --> eth1 (217.126.221.117) --> eth0 (LAN

Thanks for such a quick reply Tom! Any suggestions then as to what I might do other than putting a second nic in the SBS and opening it up for web access? I don''t like the idea, but since MS SBS includes fireall that is actually what MS suggests. Boyd -----Original Message----- From: Tom Eastep [mailto:teastep@shorewall.net] Sent: January 3, 2005 3:05 PM To: Shorewall Users Cc: Boyd

Hello Shorewall gurus, I have a dilemma with a public server. I want to migrate the current public server over to a new machine behind the current server''s firewall (shorewall 1.4). I have included a diagram below to help explain the target network I am working toward. I have read the shorewall online documentation and though I have used Shorewall the past 4 years in the current

Hi folks, I''ve noticed in recent times on the list that we seem to be getting a low signal-to-noise ratio with a lot of posts (particularly those where people include their configuration). Once you have posted the appropriate information once, there is no need to keep quoting it unless it is central to the discussion. Trimming irrelevant material makes it easy for people who have been

Robin Lynn Frank wrote: > We have Shorewall 2.1.9 , squid and dansguardian (a filter for squid) on > the same box. I want to require one group of computers to connect their > browsers via squid on port 3128. The other group, I want to require to > use dansguardian on port 8080 and it , in turn hands off to squid on > 3128. I think I have this figured out, but I thought