similar to: Througput problems behind firewall

Hi I am using verion 2.0.10 of Shorewall. My configuration is as follows: Eth1 dmz1 ------------| __________ | | | Eth2 dmz2 | FIREWALL |------| INTERNET | ----------| | _______ | |__________| | |---------| |

Hello Tom, I am not sure if you can help with this but I am at my wits end. If you hit this site and do a force refresh (ctrl + F5) the site will time out and lose connections. Do the same on port 443 and it does not time out??? The web site I am reffering to is www.tituswill.com I think the only problem is port 80. Do you have any idea how to diagnose this I have sent a dump of just

I''m very new to shorewall. My setup is IP Gateway (CentOS 4 + Shorewall) with 3 NIC cards. Shorewall works great on the firewall machine. Bind also works (local net machines get IPs fine). Under firestarter, all works great. With shorewall, the loc machines can not route past the firewall. They can connect to the firewall, but not past it. Exactly what information should I post to get

Hi, I have been a shorewall user for a long time now, and it has been working flawlessly. I have now changed ISP and my new DSL connection is PPPoE. My setup is as follows: internet <--------> 3com812 Officeconnect (bridge mode) <----> eth0 <-------> linux box <----> eth1, eth2, eth3, eth4 <---> other internal networks Things are working fine, but the link is

Hi folks, Has anyone tested the changes to multiple ISPs/load balancing or routestopped in 2.4.0-RC1 yet? We need to talk about what criteria we will use for determining whether 2.4.0 is ready for release. I''ve started configuring a firewall at work with the multiple ISPs support, but its kernel doesn''t have connection marking support, so it''s going to be a couple of

Dear Centos Users: I installed Centos 7 on my server a few months ago. While using ssh, there is always a strange message "Write failed: Broken pipe?. It forces quit of SSH. It?s really annoying as it happens very often with irregular time interval - from a couple of minutes to a few hours. I have been working using Linux (Red Hat, Fedora and Centos) over 15 years. This didn?t happen for me

Good day, I have gone through a couple of the HOWTO''s on how to get this to work, but I am still sitting with a very strange (for me) issue. If two clients connect via OpenVPN (bridged), they can access each other without any problems, but neither of them can access the server, nor any system behind it. I am fairly sure it is a Shorewall issue, but I am very new to Shorewall, having

Hello, I''m new in the list. I''ve installed Mandrake MNF and it works fine but I''ve a problem in sending emails. Small text mails can go out but bigger ones, with attachements, have problems. My network is formed by Windows workstations and only the firewall is a Linux box. The first simptom is the reaching of ISP''s server time out and then my mail client goes in

Hello, Here is my network: ------------------ ------------- ----------- Linux box ----------- GRE --------- Cisco ---------- ------------------ ------------- What I wan to accomplish. I want ripv2 to go across (both ways) through the GRE tunnel. No packets are being passed thought the GRE

When we create an L2 loop on a bridge in netns, we will see packets storm even if STP is enabled. # unshare -n # ip link add br0 type bridge # ip link add veth0 type veth peer name veth1 # ip link set veth0 master br0 up # ip link set veth1 master br0 up # ip link set br0 type bridge stp_state 1 # ip link set br0 up # sleep 30 # ip -s link show br0 2: br0:

On 12/07/2023 17:48, Ido Schimmel wrote: > On Tue, Jul 11, 2023 at 04:54:15PM -0700, Kuniyuki Iwashima wrote: >> When we create an L2 loop on a bridge in netns, we will see packets storm >> even if STP is enabled. >> >> # unshare -n >> # ip link add br0 type bridge >> # ip link add veth0 type veth peer name veth1 >> # ip link set veth0 master

Le 13/05/2020 ? 02:13, Orion Poplawski a ?crit?: > On 5/12/20 2:46 AM, Patrick B?gou wrote: >> Hi, >> >> I need some help with NFSv4 setup/tuning. I have a dedicated nfs server >> (2 x E5-2620? 8cores/16 threads each, 64GB RAM, 1x10Gb ethernet and 16x >> 8TB HDD) used by two servers and a small cluster (400 cores). All the >> servers are running CentOS 7, the

hello list! I am attempting to setup haproxy using a shared up I am trying to setup using the heartbeat package that I currently have installed: [root at VIRTCENT01:~]#rpm -qa | grep heartbeat | grep -v -e stonith -e pils heartbeat-2.1.4-11.el5 heartbeat-2.1.4-11.el5 I have /etc/ha/.d authkeys setup this way: # auth 2 #1 crc 2 sha1 {SHA}secret I have /etc/ha.d/resources setup like this:

Hi, I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in Slackware 13.1 using the same Shorewall version and files, the ''interfaces'', ''policy'' and ''zone'', are all I have configured, it was working and this also works in Arch at

Hi, this is propably bridge related and not really a xen problem, but it might help someone: Some of our domUs are not able to arp. Arp -n show (incomplete), and doing a tcpdump shows, that on the dom0''s eth0 the arp request goes out, the response comes in, but on the vifX.0 interface the arp response is gone. dom0# tcpdump -ni eth0 arp who-has 10.32.2.51 tell 10.32.7.70 arp reply

I have a setup with two Internet providers. One circuit (net0 == eth1) is used primarily for employees and tunnels to other sites. The other (net1 == eth2) is for the production machines that customers access. Everythung works in teh sense that packets get to where they are sent (mostly) but I recently I had a sniffer on the system and noticed a problem I cannot solve. traffic coming in

We switched over from a bordermanager firewall to a shorewall firewall. Some stuff is not working now. I realized that I had not created the route for the network that is not working however once I created it, it still didn''t work. Most of our network is fine however some pieces are not working. [Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not working] The firewall

This is my system info: Debian Release: 10.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.4.60-1-pve (SMP w/16 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh

On 10/03/2016 04:54 AM, TE Dukes wrote: > I can get the guest to access the internet but have tried every was possible > to be able to access the guest from the LAN or even the host. Nothing I have > tried works. > > The only thing all documentation leaves out is how to set up the guest > networking during the install. "All documentation" doesn't leave out this

Hi, I would like to run a network firewall as a VM on a KVM host. There are ~ 25 VLANs delivered to the KVM host on three dedicated links, no LACP or other things. I have the VLANs 100-180 on the host's enp1s0, the VLANs 200-280 on the host's enp2s0 and the VLANs 300-380 on the host's enp3s0. To save myself from configuring all VLANs on the KVM host, I'd like to hand the entire