Displaying 20 results from an estimated 20000 matches similar to: "Shorewall upgrade problem"
2004 Jan 18
1
1.4.9 rpm update warnings
Hello,
I just started updating my RH9 Linux servers with Shorewall 1.4.9. I had
Shorewall 1.4.8 installed on the server before I updated it. I installed it
using the following command:
rpm -Uvh Shorewall-1.4.9-1.noarch.rpm
I got the normal rpm "Preparing." message and then it displayed the
following message five times before listing expected warnings of creating
rpmnew
2002 Nov 09
2
Shorewall 1.3.10
In this version:
1) You may now define the contents of a zone dynamically with the
"shorewall add" and "shorewall delete" commands. These commands
are expected to be used primarily within FreeS/Wan updown scripts.
2) Shorewall can now do MAC verification on ethernet segments. You can
specify the set of allowed MAC addresses on the segment and you can
optionally
2002 Nov 09
2
Shorewall 1.3.10
In this version:
1) You may now define the contents of a zone dynamically with the
"shorewall add" and "shorewall delete" commands. These commands
are expected to be used primarily within FreeS/Wan updown scripts.
2) Shorewall can now do MAC verification on ethernet segments. You can
specify the set of allowed MAC addresses on the segment and you can
optionally
2005 Jul 05
14
issues in tcrules
Hi! This is another thread of "setting gateway in interfaces file" and
while i dont want to create any confusion here, i have decided to open
a new thread.(which mean Diamond King no longer a subscriber to
shorewall-users)
Actually, i turned out not to be the MARK issues. Something is missing
and i got this error instead :-
Setting up Accounting...
Creating Interface Chains...
2005 Mar 10
1
Shorewall performance issue
Hi to all. I have a shorewall ver 2.0.13 running in Fedora Core 3, the machine has dual cpu, 1gb of ram, and 40GB of hard disk space. The machine runs shorewall only and had tested it to openvpn but most of the time just shorewall.
The problem, there were instances when internet traffic coming from the local network just halts, I needed to restart shorewall in order the traffic to flow again.
2005 Jun 03
4
New Document for People Helping with Shorewall Support
The Shorewall support page advocates including the output of "shorewall
status" with problem reports that involve some sort of connection
problem. I suspect that the number of people who feel comfortable
analyzing problems through use this output is small.
To help, I''ve created http://shorewall.net/AnalyzingShorewallStatus.html
I suspect that the document isn''t
2005 May 25
1
Shorewall 2.3 problem (repost)
Hi to all. I recently upgraded to shorewall ver 2.3 from 2.0 so I could explore the multiple ISP/dual default route setup feature of version 2.3, I also upgraded iptables from 1.2 to 1.3 (rpm-based install) but when I tried to start shorewall it terminates and I noticed it''s giving me this error
iptables: No chain/target/match by that name
ERROR: Command "/sbin/iptables -t mangle -A
2004 Sep 06
10
bug in shorewall shorewall-2.1.7-1 rpm??
Hi!
I installed shorewall shorewall-2.1.7-1 on a newly installed box.
When using 1.4 versions I could enable shorewall in ntsysv, now shorewall
doesn''t show up in ntsysv?
I am running shorewall on a RedHat Enterprise Linux rebuild
(www.taolinux.org).
Is this a bug or a feature?
2004 Mar 25
2
Shorewall 2.0.1 RC1
Release candidate 1 is available at:
http://shorewall.net/pub/shorewall/Beta
ftp://shorewall.net/pub/shorewall/Beta
The ''releasenotes.txt'' file tells you about the release.
-Tom
PS to those of you on the Shorewall Announcement List:
Feedback to this point is overwelmingly in favor of keeping Beta and
Release Candidate announcements on this list.
I have configured the list
2004 Nov 30
5
RE: [Shorewall-devel] SFTP
On Tue, 2004-11-30 at 12:17 +0700, Matthew Hodgett wrote:
>
> As for the 169.254 issue I tried to search the archives but got nothing.
> I then tried to search on generic words, nothing. I then tried some
> really common words like ''help'', ''initiated'', ''masq'' - nothing. I think
> the index might be corrupt because I get no
2005 Jun 29
3
DHCP assigned gateway in /etc/shorewall/providers?
Is there a way to specify a variable for the gateway in
/etc/shorewall/providers? I have in my scenario:
eth0 dsl (static IP)
eth1 cable (dhcp assigned IP)
eth2 lan1
Is it possible to specify the gateway as a variable based on the current
DHCP lease (like $eth0_gw)? I''m following the documentation at
http://www.shorewall.net/Shorewall_and_Routing.html.
-Scott
2004 Aug 19
6
Re: Two Links and DNAT
----- Original Message -----
From: "Jerry Vonau" <jvonau@shaw.ca>
To: "Mailing List for Shorewall Users" <shorewall-users@lists.shorewall.net>
Sent: Thursday, August 19, 2004 08:06
Subject: Re: [Shorewall-users] Two Links and DNAT
>
>
> > Btw, by "shorewall show nat" I just noticed that I was doing snat only
> > for packets comming
2005 Feb 24
3
[Fwd: Re: 2.2 shorewall installation fails on suse 9.2]
Anyone else seeing this??
Thanks,
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
2003 Sep 18
9
OT: Bind-9.2.2-22 RPMS with "delegate-only" patch
I have produced RedHat 9.2.2-22 RPMS that include the ISC
"delegate-only" patch that helps thwart Verisign''s wildcard .com and
.net hijacking. These RPMs seem to run fine on RH9 (I''ve been running
them since yesterday on ns1.shorewall.net).
ftp://shorewall.net/pub/misc/
-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.net
2002 Mar 20
3
Shorewall 1.2.10
This is a minor release of Shorewall.
In this release:
1. A "shorewall try" command has been added. This command attempts to
restart Shorewall using an alternate configuration and if that
attempt fails, Shorewall is automatically started with the default
configuration. This is useful for remote administration where a
failed restart of Shorewall can leave you isolated from
2004 Dec 29
9
Shorewall rpm failed dependency: iproute (ip is working)
Hello Shorewall gurus, as outlined on the shorewall site I have done the
following after failure to install shorewall via the rpm:
I have read all of the FAQ.
I have read the quickstart guide with particular attention directed at
the Mandrake solution.
I have searched the mailing list archives (all old replies).
I have studied the documentation index.
I have previous experience using shorewall
2005 Jun 06
23
Multi-ISP in 2.4.0
Hello Shorewall list,
I''m a happy Shorewall user since a few years now and everything works fine
for me except one thing that I try to implement since a week, the multi-isp.
I''ve downloaded the 2.4.0 Stable release yesterday and tried the RC2 since a
week.
My config is a Debian running a kernel 2.4.27 home made with the
CONNMARK.diff patch applied
I''m using 2 ISP,
2006 Jan 17
12
Multiple ISPs: How to force $FW traffic to a specific ISP (reprise)
Hi!
I have reprise try to resolve this problem, suspended from 17 dec 2005
I have try to apply the suggest of Jerry (see above).
The problem still exist.
See attach shorewall config, dump and tcpdump when I check to exit whit
SSH from firewall...
In the masq file is reported the last my attempt in order to resolve my
problem, however I have test also the example reported in MultiISP.html,
but
2005 Jan 04
5
Shorewall and ChilliSpot
Has anybody on this managed to get ChilliSpot and Shorewall to work
together? I have managed to get it to work with the supplied firewall
script but if I wanted to do my firewall like that I would not be using
Shorewall.
At any rate, I am having all kinds of trouble translating the supplied
rules to something that Shorewall would understand. If anybody has already
done it I would love to see the
2005 Jun 24
7
tcp redirect questions
Hi there. Currently, our network design has two ISP
lines and 3 subnets for LAN. Below are some details :-
eth0 - isp1
eth1 - isp2
eth2 - subnet1
eth3 - subnet2
eth4 - subnet3
What i wanted to do is to assign incoming port 80 to
our local squid server running on the firewall itself
and assigned it to eth0(ISP1). I think it shouldnt be
a problem as /etc/shorewall/rules provides a sample of
the