Displaying 20 results from an estimated 3000 matches similar to: "Firewall design"
2008 Jan 06
0
[Bridge] Bridge with IP address -> unable to connect to bridge
Hi,
I tried sending this earlier, but it didn't come through.
Apologies if this appers twice on the list.
I'm running bridging using the brouter setup described on
this page:
http://ebtables.sourceforge.net/examples.html
"Making a brouter".
The setup described there is like this:
ifconfig br0 0.0.0.0
ifconfig eth0 172.16.1.1 netmask 255.255.255.0
ifconfig eth1 172.16.2.1
2003 Jan 19
8
Unable to have pc #2 connect
I''ve set up shorewall with the two-interface mode.
pc #1 eth1 ---> ppp0 ---> Internet eth1: 10.10.10.254
eth0: 10.10.10.1
> via a crossover cable
pc #2 eth0: 10.10.10.2 (gateway=10.10.10.254)
I am able to surf the net with pc #1, but pc #2 is completely cut off
from pc #1 and the net. I am also unable to ping from and to pc #2.
2005 Feb 11
1
xend HTTP protocol documentation?
Hi,
Is there documentation for the details of the xend HTTP protocol available?
Thanks,
Denis Bohm
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.8.7 - Release Date: 2/10/2005
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of
2005 Jun 06
5
Smb4K port
Hello,
Which port Smb4K uses?
I am not able to use Smb4K on my
server for the local network.
Thanks
Varun
2003 Jan 08
3
Shorewall blacklist does all
Hello,
I''m a very happy user of shorewall but I have found a problem
or maybe a misconfiguration I made which I can not resolve.
I use a fairly large blacklist based on probes, nimda & codered
attacks, proxy & relay probes etc.
The only problem is that I want to block incoming trafic on
all ports FROM a block but it does also block a httpd, ping
etc TO a ip in a block what I do
2003 Jan 27
7
Mac Addresses in the Log
How does one interpret the mac addresses in the log which
seem to have 14 segments...
Example, this appears in the log...
00:40:c7:2e:09:c0:00:01:64:4a:70:00:08:00
Yet I can''t find that in the arp table
norcomix:~ # arp -an
? (192.168.2.148) at 00:10:4B:6A:AE:E7 [ether] on eth1
? (192.168.2.149) at 00:D0:B7:1D:F2:F2 [ether] on eth1
? (24.237.19.16) at 00:10:DC:67:BA:80 [ether] on eth0
?
2004 Aug 22
12
Tom''s Key
Since you''ve started signing your email, Tom, my machine can''t
verify your sig. Where are you publishing your key?
--
John Andersen - NORCOM
http://www.norcomsoftware.com/
2004 Jun 03
5
shorewall VS Linux Firewall
I have a senario I hope one can help me out
with...
I have a range of Public IP Address
203,xxx.59.106-114
I have 4 internet servers that need to
communicate to internal servers/clients
172.16.x.x/24 using port 80. These are
Windows2000 servers (no software firewall
solution)
I have a 2nic shorewall device at present and
,as you know, I can only NAT 80 to one
internal server.
My immiediate
2006 Feb 26
0
Xen 3.0 and a virtual net (brouter with masq)
Hi All,
I am trying to create the following configuration:
dom0
|---eth2 Masquerading interface to OUTSIDE
|
|---eth0 LAN:10.0.1.1/24
|
|---eth1 WLAN:10.0.2.1/24
|
|---xenbr0 DMZ:10.0.3.1/24
|
|-- vifX.0 -- eth0 domU:10.0.3.2
I would like to do it this way because I will not be using xen all the time on this machine.
I created a network-virtual script which
2004 Jun 22
6
Linux choices ?
First of all, My apologies for this maybe slight OT post, but I have
so much confidence and read so much good replies on this list, that I
am still asking my question.
I''m looking for a linux distribution to use on our school''s homemade
routers. The routers are small miniITX based systems with 2 network
interfaces. I added a 4 port D-Link network card in some cases, when I
2003 Nov 24
3
VNC Problem
Hello,
I want VNC Server,which is outside my network ,add my VNC Client, which is
behide shorewall box. How should I config the rule? TIA
Thongchai
2007 Apr 18
1
[Bridge] Information needed about bridge c code
Hello,
i need to write a little personal patch in the bridge code.
For this patch, i need to know the original src and dst mac addresses
of the packet incoming to the bridge. As i work on a brouter (some
packets are bridged, some are routed based on ebtable rules), packets
that are routed have their mac addresses modified by the IP stack).
I put a software probe in br_input.c::br_handle_frame( ),
2004 Jan 27
1
Filter not listed for firewall filter - and not running!
Hello all,
I am having some trouble getting a firewall filter to work with TC. I am
actually setting the mark via EBTables (which is working as far as I can
tell, I am also logging the packet and my syslog reports lots of marks):
ebtables -t broute -A BROUTING -p ipv4 -i eth1 -s 08:00:46:60:B3:57 -j mark
--set-mark 7 --mark-target CONTINUE --log --log-level debug --log-prefix
"EBFW Mark
2005 May 06
3
OT: Why slow mail-check on wireless?
Ok this is admittedly OT, but when you want network advice you go to
where network gurus hang...
When popping mail from my primary mail server (Linux) from my linux
laptop a simple mail check takes 15 seconds to connect when using
a wireless nic (802.11g) and 1 second using the hardwired nic.
Popping my backup mailserver (also linux) which is sitting RIGHT BESIDE
the primary takes one second
2005 Nov 30
8
nested attributes with update_attributes()
Hi,
I am trying to use the update_attributes on object with nested
attributes and I am getting the following error:
ProductPrice expected, got HashWithIndifferentAccess
Here''s the situation (simplified):
class Product < ActiveRecord::Base
belongs_to :productPrice
end
class ProductPrice < ActiveRecord::Base
has_one :product,
:dependent => true
2003 Sep 27
8
ShieldsUp scan
Hi,
I''m a home user who doesn''t understand the workings of the Shorewall
firewall (or the linux OS on which I''ve just installed it) very well.
Having just installed Shorewall 1.4.6c with a default "home user"
configuration I gave it a run against the online ShieldsUp scan.
Main surprise was that the ICMP echo was enabled. I''ve since gone into
2003 Jan 08
14
prerouting newbie question/mistake :)
Hola and thanks for any help in advance
I installed mandrake 9 a few days ago and wanted to set up some
additional rules to shorewall, bu i failed :)
What i want to do is basicly route any incomming udp and tcp packets on
port 4665 to a workstation behind the router.
router with mandrake 9, eth0 (192.168.0.1) internal net, eth1(10.0.0.0)
connected to dsl modem and gets a dynamic ip
2005 May 24
6
RPM install issues
I am making a new box to test with and was trying to install shorewall
via rpm. So I download the shorewall 2.2.5 rpm and issue a rpm -ivh
shorewall-2.2.5-1.noarch.rpm. I then get an error:
error: Failed dependencies:
which is needed by shorewall-2.2.5-1.noarch
So as you can see there are no dependency issues. I thought I saw this
on the mailing list a while ago but I just searched for it I did
2005 May 29
12
access deny host (ip) to access the Internet
I''m using shorewall 2.0.x at home as an Internet gateway for family.
However my brother always plays online games overnight, so my parents
asked whether I can do something on the gateway to control the time of
accessing the Internet.
I planned to put a script on crontab to schedule which it will execute
say at 12:00 night daily, the script will execute a command will deny
my brother
2005 May 10
1
Help with PRIO qdisc and filters
Hi,
Sorry to bother you all. I have a typical problem sharing DSL upstream
bandwidth with users. I have 3 types of traffic high-priority,
medium-priority and low priority. My upstream rate is 960kbits. Traffic (any
priority) can vary in bandwidth from 0 to 960kbits. I have a test setup
where I can pump 600kbit of high priority sustained and I have 400kbit of
low priority traffic sustained. I