similar to: how to configure

On my windows machine I use a software fire will called ZoneAlarm. One feature I like Is the ability to block applications from using the net. I''ve looked with Shorewall and wonder if it does, or was ever meant to. Not a complaint, a curiosity. Kev -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1572 bytes

Hi everyone, I have a question regarding the default gateway for hosts on DMZ zone. I moved servers from parallel to the DMZ (outside the firewall, directly connected to I-net) to inside DMZ. The default gw for these servers was the DSL router(bridge) of my ISP. What should be the default gw (for the hosts inside the DMZ), when hosts are inside the DMZ now - still the DSL router (external

Hi! Can I use the old version shorewall 1.2.12 configure as SNAT and DMZ ? Because Debian Linux came with the default shorewall 1.2.12 . Best Regards, Support

I anticipate that this will be the last RC unless problems are discovered. Changes since RC2 include: * The default route is now ignored when Shorewall is detecting masqueraded networks. A warning message is issued if the default route goes through the source interface (normally, the destination interface is the firewall''s external interface and therefore, the default route would go

Hi, I have a 3 interface FW like this: http://shorewall.greshko.com/GSLUG_files/slide0008_image004.png where I use PROXYARP to give the servers in DMZ an IP from our public IP range. A bit like this: http://shorewall.greshko.com/GSLUG_files/slide0042_image026.png proxyarp: xxx.23.52.145 eth1 eth0 - yes xxx.23.52.146 eth1 eth0 - yes xxx.23.52.147 eth1 eth0 - yes xxx.23.52.148 eth1 eth0 - yes

----------------------------------------------------------------------------- Shorewall 1.2.12 # uname -a Linux yoreach 2.4.18 #1 Sun Apr 21 12:50:34 CEST 2002 i686 unknown # ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: dummy0: <BROADCAST,NOARP> mtu 1500

Hi All, I''m using shorewall on my laptop(2 NIC) to connect my desktop to the Internal LAN. For some reason, MS''s SQL query analyser is not able to connect to the SQL server. I alway get the "Server does not exist" I even tried to connect to it using IP address rather than netbios name and it still doesn''t work. All of the access is fine. (eg: WEB/ping etc)

Is the Shorewall.net down ? Regardless of page I get a "connection refused" - Bill

Dear All, I wanna to implement of bandwith shapingin my office using HTB, any body suggest about the case ? Below the acl ip range i want to limit : 1. staf (10.0.0.1 - 3) --> limit to 10kbyte/s 2. lab (10.0.0.4 - 6) --> limit to 5kbyte/s 3. bos (10.0.0.7 - 9) --> limit to 20kbyte/s 4. admin (10.0.0.10 - 12) --> no limit thanks all 4 ur advise -- Warm Regards, Cahyo P. KLAS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The server rebuild was a complete failure. For some reason, neither FC3 nor SuSE 9.2 like the graphics card in the box. I have reinstalled the old hard drive and the server is back on line. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

I've been trying "relay push" from one icecast server to another. When I issue the command in the first icecast's console, it crashes w/ a segmentation fault. Nothing ever arrives at the second machine, so the first server crashes before anything goes out. version: 1.3.11 command used: relay push 1 192.105.194.202:8000 result: segmentation fault no packet were sent at all to

"CALL FOR PAPERS" THE ISLAMIC SOCIETY IN SOUTH EAST ASIA CONFERENCE ON STATISTICAL AND MATHEMATICAL SCIENCES BANDUNG, 25 - 26 APRIL 2003 Fakultas Matematika dan Ilmu Pengetahuan Alam Universitas Islam Bandung Jalan Tamansari No. 1, Bandung 40116 Telepon +62 22 4203368 Ext. 136 or 135 Facsimile +62 22 4263895 E-mail: - fmipa_unisba at yahoo.com - wanda at

Hi, In the advent of RHEL5 and CentOS 5, I've been rebuilding the RPMforge packages for EL5. You can find these at the usual location[*]. A few points though: + Not all RPMforge packages are available at this time + If you find a package that you need and isn't there, please do look at the buildlogs and send me instructions on how to fix this specific build. (Saves us time

I have a fedora 3 with postfix and apache apache is ok, webmin is fine, etc no 25 or 110 ? kevin Jan 4 15:47:13 ibm kernel: Shorewall:net2fw:ACCEPT:IN=eth0 OUT= MAC=00:06:29:33 :e8:7e:00:02:3b:00:02:c4:08:00 SRC=67.127.200.22 DST=4.11.105.55 LEN=40 TOS=0x00 PREC=0x00 TTL=44 ID=33681 PROTO=TCP SPT=57621 DPT=25 WINDOW=2048 RES=0x00 SYN U RGP=0 Jan 4 15:47:20 ibm kernel:

I''ve installed this fine software on my home network and am very pleased with the ease of installation and especially the documentation. My firewall box masq''s a private net via dialup modem. Configuration is almost exactly as described in the two-interface example. My question regards the result of a "internet test scan" that I found via google search...when I run

Hello to you all! We are implementing here at the University KVM virtualization for our servers and services and i was wondering if anyone virtualized domain cotrollers to KVM. Does anyone done this before? Any advice? -- Andry Michaelidou Papa | IT Systems Administrator|Department of Computer Science| University of Cyprus Tel: +357.22.892734 | Fax: +357.22.8927231 | http://www.cs.ucy.ac.cy

Hi boys & girls : Probably my Subject is crazy, but due I haven''t tryed this, I prefer to ask. Is it possible to run snort in a fw box (using shorewall, of course). Your feedback will be very well appreciate. Thanks Benito.-

Hello to you all! We are implementing here at the University KVM virtualization for our servers and services and i was wondering if anyone try to automatically backup images. I am actually using logical volumes for the VM guests. All virtual clients are installed in their LVM logical volume. We are already use IBM TSM for backup as we used to when we had physical machines, ie install client

Ed Greshko has established a full Shorewall mirror in Taipei. http://shorewall.greshko.com ftp://shorewall.greshko.com Thanks Ed!! -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net

Hi, i have a network with one machine acting as master router with 2x4-Port-Ethernet-Cards in it - running nmbd! There are two Windows-Workgroups, WRK1 and WRK2 in each there are Windows-Exchange-Servers EX1, EX2. In WRK2 the PDC is on EX2, in WRK1 there is a standalone PDC, PDC1. Every network is a full 255 IP-Network. 192.168.40.1 WRK1 EX1 (192.168.40.40) PDC1 (192.168.40.42) 192.168.41.1