similar to: logging

Cheers, This is fairly OT, but if this list doesn''t know, I''m under cross fire for a reason, yet to be found... ;) One of my firewalls gets hit by *lots* of packets from random source IPs and varying source ports. Measured by thumb, it''s more frequent than 1 per second -- thus rendering the log file almost useless [1]. Does anyone know, which apps use UDP port 8497

Shorewall version 2.2.1 2 Interface setup. eth1: 10.10.1.3 eth0: 192.168.1.2 modem is 192.168.1.1 I need to be able to connect to my adsl modem, but when shorewall is up I get connection rejected. I have added "192.168.1.1 RETURN" above the line "192.168.0.0/16 logdrop # RFC 1918" in "/etc/shorewall/rfc1918" but still getting connection rejected Is there

Hi Guys, Thi sis my first post, sorry for my english, I''m Italian. I desperate try configure home server/router connected over ADSL with dynamic IP. I''ve registered to no-ip and in order to connect externaly to my home server. My system is gentoo based. I''ve just installed different pubblic servers with static IP and shorewall and had no problems, but my own home

Hi All, Our internal users need to connect to the bank to do internet banking. The bank requires that the client computers connect to ports 15000-15010. In Shorewall how do I do a masq for anyone trying to connect to these ports? Thanks Raymond

Hiya. I am currently usiong Shorewall 1.4.8 on my Mandrake box. I want to look at upgrading it to the Latest build of shorewall. Is there anything I need to look out for before doing this ? Is there a FAQ as to the easiest way or doers it upgrade ok following the usual Upgrade via RPM instructions. cheers in advance. _________________________________________________________________

Hello everybody: Here is my "network layout": ISP1 ISP2 | | | | +-----eth0---------eth1------+ | | | FC 3 box | | | +-----eth2---------eth3------+ |

Hello....I have a specific Requirement on a One Interface Setup...Help me guys 1.Allow ssh,dns and web request to the firewall.....Input Chain ACCEPT net fw tcp 22 ACCEPT net fw udp 53 ACCEPT net fw tcp 80 Are the above rules correct. 2. Allow 6 Pool of Ip''s to be forwarded thru this firewall....This Machine Stands as a gateway for 6

Hello, is it possible to configure Shorewall for different network environments? I am using it on a single Linux computer. When I am at home, I am using an internal IP address (192.168.0.X), and when I am using my cable modem, I get an internet IP assigned. I now want to be able to use Samba/Windows Filesharing when at home and to disable it when I am using my computer directly on the net.

Hello, I would like to run other services like messaging services on my firewall machine too. Does it make sense to run shorewall, openvpn and the pppoe package in a chroot jail? And is it possible to run these programs as an other user? Ciao Hugo

I''m happy to see shorewall 3.0 is released. My server is running 2.4.6 and I want to upgrade to 3.0. What should I pay attention to upgrade to 3.0 ? ------------------------------------------------------- SF.Net email is sponsored by: Tame your development challenges with Apache''s Geronimo App Server. Download it for free - -and be entered to win a 42" plasma tv or your

Shoot! Sorry Tom. I thought I replaced your e-mail address with the shorewall list address. I got it working!!! I finally figured out what I was doing wrong. Pays to write down what I want to accomplish versus flying by the seat mof my pants. The ACCEPT+ is G R E A T! Took care of some of my issues along with removing the redirect rule (yeah, yeah...I should have thought it over more

Hello, I''ve checked the FAQ, and it tells that there is a GUI interface , does that applis to version 1.4 as well as version 2.0 Sorry if it is a silly question, but just wanted to be sure Kind Regards Samer _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it''s FREE!

I have produced RedHat 9.2.2-22 RPMS that include the ISC "delegate-only" patch that helps thwart Verisign''s wildcard .com and .net hijacking. These RPMs seem to run fine on RH9 (I''ve been running them since yesterday on ns1.shorewall.net). ftp://shorewall.net/pub/misc/ -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net

Hello I am looking for a way to have snort to dynamically update my shorewall config. I have seen software out there but I would like to see if anyone had tried this first. Aslo I would like to know if there is a way clear the Netfilter tables when I do a shorewall restart. The reason being is that when I make a change to my firewall setting I want all connections to have to re-establish

I''m re-reading the section on dns names in the shorewall docs: "I personally recommend strongly against using DNS names in Shorewall configuration files. If you use DNS names and you are called out of bed at 2:00AM because Shorewall won''t start as a result of DNS problems then don''t say that you were not forewarned." Having been stung by this a few times

http://shorewall.net/pub/shorewall/Beta ftp://shorewall.net/pub/shorewall/Beta Problems Corrected since version 1.4.6: 1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was being tested before it was set. 2) Corrected handling of MAC addresses in the SOURCE column of the tcrules file. Previously, these addresses resulted in an invalid iptables command. 3) The

http://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0 ftp://shorewall.net/pub/shorewall/Alpha/shorewall-2.0.0 See if this change to proxy arp is more palatable. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

I believe that 2.4.0 is about ready to be sent out the door. I''ve made a couple of small changes since RC2 but I don''t believe that they warrant another RC. There remains the issue of what to do about support for Shorewall 2.0 given that 2.2 has only been available since March. It would be my recommendation to make 2.4 the new "stable" release but continue to

Hello, I changed the log path in shorewall.conf, LOGFILE=/var/log/messages to LOGFILE=/var/log/shorewall, and then I touched the shorewall file in /var/log, permission root:root 600, after shorewall restart, no logging messages appear in /var/log/shorewall. so how can I fix this problem ? Thanks !! _______________________________________ YM - 離線訊息