Displaying 20 results from an estimated 50000 matches similar to: "Problems with Shorewall 2.2 on Fedora FC3"
2004 Nov 27
12
New User on FC3
I am a new user of shorewall, and am having some difficulty getting it set up on a
new Fedora Core 3 system. When I run the shorewall script in the /etc/init.d the
following errror message is received.
tarting shorewall: ./shorewall: line 26: 10555 Terminated $exec start
>/dev/null 2>&1
[FAILED]
2004 Nov 08
5
Shorewall on FC3?
What version of shorewall do you suggest I try on a FC3 system?
TIA,
/ChJ
2005 Apr 03
3
Problem with fresh two nic installation on FC3
Hi,
I''m having problems with new Shorewall installation on Fedora Core 3 (had
same problem with Core 2 and upgrade did not help even iptables was
upgraded from 1.2.9 to 1.2.11). I''ve followed two nic example, but
starting Shorewall drops all connections and don''t permit any outgoing
requests, even with "all allowed" policy. Policy file is below. Current
setup
2004 Nov 13
13
shorewall.net is back
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The server rebuild was a complete failure. For some reason, neither FC3
nor SuSE 9.2 like the graphics card in the box.
I have reinstalled the old hard drive and the server is back on line.
- -Tom
- --
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Dec 16
6
[OT] New (old) Firewall at shorewall.net
I''ve rebuilt my old P-II/233 with Debian Sarge and it is now serving as
my main firewall. It is running a home-built 2.6.9 kernel with the
ipsec-netfilter and policy match patches.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \
2005 Feb 13
15
Fedora Core 3 / 2.6.9-1.667
I just installed Fedora Core 3
uname -r
2.6.9-1.667
I got the latest shorewall''s rpm:
http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2.2.0-1
.noarch.rpm
Made my changes
Attempted to run shorewall and got:
[root@demo shorewall]# shorewall start
ERROR: Can''t find iptables executable
I haven''t seen this before.
I tried to go through all the
2004 Aug 24
3
iptables-1.2.9 RPM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I''ve built a 1.2.9 iptables RPM that corrects the two iptables-save
problems that I know about. It is available at:
http://shorewall.net/pub/shorewall/iptables/iptables-1.2.9-95.7.i386.rpm
ftp://shorewall.net/pub/shorewall/iptables/iptables-1.2.9-95.7.i386.rpm
I''m using this on SuSe 9.1 -- for other distros, YYMV...
This RPM works
2004 Nov 27
16
bridge and dynamically adding hosts to zones
Hi,
I''ve set up a bridge which connects two parts of the same subnet with
each other.
I''ve set up everything as described in the Documentation and it works
very nicely.
However: I have a problem with adding hosts to zones dynamically.
The zone I want to add hosts to is called ''work''.
Since only the bridge br0 is defined in /etc/shorewall/interfaces
2004 Nov 22
6
Shorewall 2.0.11
No need to upgrade to this release if you already have the new bogons
file or don''t use that file. The primary change is a fix to the
install.sh script which previously gave an error on a new install.
http://shorewall.net/pub/shorewall/2.0/shorewall-2.0.11
ftp://shorewall.net/pub/shorewall/2.0/shorewall-2.0.11
Problems corrected in 2.0.11
1) The INSTALL file now include special
2005 Jan 30
11
Poor ipsec performance with policy match
Hello !
I have a performance issue with Kernel 2.6.X and policy match support as
suggested in http://shorewall.net/IPSEC-2.6.html. My IPSEC performance
doesn''t exeed about 30kbyte/sec even if my downlink is 1024kbit/sec and
should reach more than 100kbyte/sec.
No, its not the cpu''s performance (AMD Barton 2500+) and no it''s not the
gateway (CELERON 600 Mhz) on the
2005 Dec 14
10
Shorewall stops after about 36 hours
I don''t know what is happening, but every 36 hours or so I''ll go to ssh into
my server and find that I can''t connect on any of the outside services. I
then can connect into the box using a serial connection and find that
shorewall reports that it is not running and the iptables are in some kind
of default state which looks nothing like what I set it up with shorewall
2005 Mar 24
4
MAC address verification limitation
hi there. There are approx. 400-500 users in our
network and we plan to insert all their MAC addresses
into maclist and bind them together with IP address.
My question is whether shorewall is able to process
that much of MAC addresses without slowing the the
network speed performance? thanks for your time.
__________________________________
Do you Yahoo!?
Yahoo! Small Business - Try our new
2004 Nov 24
14
traffic shaping on ftp server don''t work
Having study a number of documents on linux traffic shaper, I started
to setup my shaping rules in my network.
My linux box is running RH AS3 U3, shorewall 2.0.9.
It is using PPPoE connected to the Internet
firewall:
eth0: connect to the adsl modem
eth1: private net
ppp0: virtual dial up interface for pppoe
There is a ftp server on the private net
It is listen for port 21 and configured
2004 Dec 18
14
SuSe 9.1 startup issue
Tom,
I am NOT subscribed (yet). I dropped SuSeFirewall2 in favor of
shorewall to get past the configuration hurdles I as experiencing.
At the moment, when my SuSe 9.1 starts up, I can see shorewall processing
the rules, policies, etc. and I see no errors and then moves on with the
rest of the SuSe boot process .
However, no traffic passes through using the rules.
I run an iptables -L and I
2005 Jan 11
5
Problem starting Shorewall using Bridge configuration
Hi
I have recently reconfigured my system to a Bridge based architecture on the
basis that I have an ADSL Modem/Router with a Public address on the Wan side
and a Private address on the Lan side.
I am running a Debian based system kernel 2.6.7 and the Bridging software is
installed and working correctly, including startup etc.
The problem that I have is in "shorewall start"
The
2004 Dec 08
9
Kernel/iptables question
As suggested here:
http://lists.shorewall.net/pipermail/shorewall-users/2004-October/015097.html
I''ve run:
adam@shrike:~$ /sbin/iptables -m policy --help
iptables v1.2.11
Usage: iptables -[AD] chain rule-specification [options]
iptables -[RI] chain rulenum rule-specification [options]
iptables -D chain rulenum [options]
--snip--
And:
adam@shrike:~$ sudo
2004 Mar 06
16
Bridging Update
The bridging documentation (http://shorewall.net/2.0/bridge.html) has been
expanded and there is a refresh of the bridging code
(ftp://shorewall.net/pub/shorewall/Bridging and
http://shorewall.net/pub/shorewall/Bridging).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
2004 Oct 01
4
Re: Error: Your kernel and/or iptables does not not support policy match: ipsec
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> Hello,
>
>
> I am trying to get ipsec with kernel 2.6.8.1 and shorewall 2.1.9 running,
> but I still have a problem:
>
> Validating hosts file...
> Error: Your kernel and/or iptables does not not support policy
match: ipsec
>
> I had a look for netfilter patch-o-matic, but I did not find the
2004 Dec 14
5
Dynamic blacklisting
Does anyone know of a script that can act as a
"helper" for Shorewall''s dynamic blacklist
capabilities?
Briefly said, I''d like to know if someone already
wrote a script/program that, e.g., parses log files
(/var/log/messages, etc) and picks up for example all
IP addresses that failed SSH login more than X times
and then executes a command such as
shorewall drop
2004 Feb 28
8
Looking for a Volunteer
The 2.6 kernel series includes Netfilter ''physdev'' match support. That support
makes it feasible for Shorewall to support bridge/firewall configurations.
I''m looking for early testers of such support.
Requirements:
a) Willing to run Shorewall 2.0.0-RC1 or later (RC1 will be released in a day
or so) plus private updates.
b) Running a 2.6 kernel or a 2.4 kernel with