similar to: Two Interface Setup + router problems II

Hello, I''m trying to configure my desktop as a bluetooth network access point for my ipaq (as explained in http://www.stolk.org/debian/bluetooth.html). I''m running shorewall version 2.2.1 on debian testing with a local network via eth0 and internet access via eth1. I''ve created a bridge br0 for eth0 and bnep0 and activated bridging in shorewall. dhcpd is listening

Hey all, I am using the two interface setup with Shorewall but cannot get it to work. Shorewall starts fine and runs fine. Here first is a small diagram of my setup: Inet DSL modem -> eth0 -> eth1 -> dlink DI-624 wireless/wired router -> Wireless and wired lan. The problem arises in the router, The setup config calls to set the gateway of the other computers to shorewalls internal

I have added a 4th NIC to my setup, and want to set up wireless. I have started at the configuration Tom has for the last week, and my eyes are crossing. eth0 "net" goes to my internet connected firewall with a 192.168 address eth1 "loc" goes to my switch connected to local switch also 192.168.x eth2 "work" goes to my office with a 172. address eth3 Trying to

Hello, I am not able to use ftp and ssh on the lan. Both the port are open. I have the lines on the rules file : # Accept SSH connections from the local network for administration # ACCEPT loc fw tcp 22 # # Accept ftp connections from the local network for administration # ACCEPT loc fw tcp 21 Thanks in advance Varun

Hi, thanks for a great piece of software! ...at the moment I have a commercial VPN box, which also acts as our firewall. I wish to replace this firewall functionality with a decicated Shorewall firewall, and use the VPN box only for VPN traffic. At the moment, this VPN/Firewall box is at an internet visible address, x.x.x.85 I wish to make the new Shorewall fireall x.x.x.85 and move the VPN to

Hi, I have a setup problem with Shorewall 4.0.6, which I can''t figure out why it is not working: I want to install a fireall with 2 extra interfaces : - My serv ("dmz") zone is a /28 subnet behind eth1, with a small number of SUN servers (IPs between ABC.DEF.75.1 and .13), one of which is a DHCP server for the 75 subnet. - The loc zone are PCs in the 75 subnet behind eth2

Hi! I don;t know what i am doing wrong because i have still Low ID on aMule. I have action.AllowaMule and accept tcp 4662:4771 and udp 4672. Thanks, Mitja

Is the Shorewall.net down ? Regardless of page I get a "connection refused" - Bill

Good day to all. I don''t like to Post unless I am really stuck. Guess what? Redhat with Shorewall. Been using this for years. I have a new client that we have setup with Redhat and Shorewall. The problem is that his outside address (ETH0 = NET) is dynamic (i.e. DHCP enabled). All the rules work fine when we use a STATIC address on Eth0, so we know the rules, filters, tos etc work fine

I''m very new to shorewall. My setup is IP Gateway (CentOS 4 + Shorewall) with 3 NIC cards. Shorewall works great on the firewall machine. Bind also works (local net machines get IPs fine). Under firestarter, all works great. With shorewall, the loc machines can not route past the firewall. They can connect to the firewall, but not past it. Exactly what information should I post to get

Hey folks; (and Tom) I just brought up a new two interface bridge and decided NOT to add an IP to it (for some strange reason that I am not quite sure of yet ;-)). While I was testing it I was able to use a different subnet bound to that interface without a problem but when I made the change to use an IP from the same subnet that is configured for the bridge (eth0, eth1) I saw that shorewall had

Hey folks; I have been happily using shorewall for quite some time so this problem _may_ not be easy to resolve but I am interested in any information regarding your experience with the same setup. I was using FC3 with shorewall 2.2.3 and two NICs setup as a bridge without any issue until I upgraded to FC4. My production system would pass traffic through the bridge but local usage would not

Hi there, Let me just start by saying that I am a bit of a Linux newbie, but that Shorewall seems an excellant product. The issue I''m reporting wont stop me from using it, it still does 99% of what I need. Anyway, I have a resonably simple two interface system. My server (HatMannz, P3-900MHz with a RAID-1 array of 80GB IDE drives running Red Hat 9.0) connects to a cable modem via eth1

Hi I am using Shorewall with a bridged Firewall using the "bridging utils" from Debian. eth0 is connected to the router and eth1 is connected to the local lan. eth0 and eth1 are both assigned zero addresses and br0 is assigned the Firewall server address of 192.168.0.1 I should point out that Shorewall is working fine in Bridge mode, but I have hit some problems while evaluating

Hi all, I have set up a working OpenVPN2 connection between my Server and my gateway at home. Now I want all traffic to be routed through this VPN connection. Currently everything is going through eth1 to the internet (to the gateway of the University which forwards it to the internet :-). We must use a prox-server and because of this I am not abel to watch the real-Media streams on

Attached is file "QSG-issues-1.0.txt" containing a numbered and commented list of issues collected from contributors and recent lists activity. It might be cool to have these issues in some spiffy issue tracking system like RT or something, but for a low tech start it''ll probably suffice. COMMENTS - IMHO (no particular order): I have searched the archives for additional

I''m noticing some weirdness in my ulog files with version 2.0.10. Here is a portion of the log: Jan 7 11:01:37 rancor Shorewall:loc2fw:AllowWOL: IN=eth1 OUT= MAC=ff:ff:ff:ff:ff:ff:00:0a:95:b2:11:4c:08:00 SRC=192.168.0.100 DST=192.168.0.255 LEN=97 TOS=00 PREC=0x00 TTL=64 ID=44155 CE PROTO=UDP SPT=631 DPT=631 LEN=77 Jan 7 11:01:39 rancor Shorewall:loc2fw:AllowWOL: IN=eth1 OUT=

Thanks for such a quick reply Tom! Any suggestions then as to what I might do other than putting a second nic in the SBS and opening it up for web access? I don''t like the idea, but since MS SBS includes fireall that is actually what MS suggests. Boyd -----Original Message----- From: Tom Eastep [mailto:teastep@shorewall.net] Sent: January 3, 2005 3:05 PM To: Shorewall Users Cc: Boyd

i am doing a clean install on fedora core 2 using the shorewall rpm and the Shorewall Setup Guide for multiple IP''s using a stock configuration except for AllowDNS and AllowWeb on the firewall (so i can post this message). my shorewall status file is attached. my setup 69.17.65.105 = firewall 69.17.65.22 = dmz server 1 69.17.65.161 = dmz server 2 my local network is

I just found this in my firewall log: May 10 08:58:00 fire2 kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT=eth1 SRC=10.10.10.1 DST=192.168.0.3 LEN=66 TOS=0x00 PREC=0xC0 TTL=254 ID=37790 PROTO=ICMP TYPE=11 CODE=0 [SRC=X.X.X.X DST=65.108.14.222 LEN=38 TOS=0x00 PREC=0x00 TTL=1 ID=62741 PROTO=UDP INCOMPLETE [6 bytes] ] (bracketed source IP removed for anonymity - it is the public IP address of my