similar to: Client Behind Router can''t get internet & cannot do fowarding...

I recently setup shorewall on my freshly rebuilt router box. I setup transparent proxying using transproxy/dansguardian/privoxy/squid. My current rules for the redirect are: REDIRECT loc 81 tcp www - !192.168.100.0/24 ACCEPT fw net tcp www How do I set this so that all the request are redirected except for requests FROM a certain machine (192.168.100.11)? I

Ok. That''s probably really confusing. :) Here''s what I''d like to do. If it''s something that''s overly difficult or just plain stupid, let me know. :) I''m on cable with a dynamic IP. I have a domain forwarding account pointing to me. That is techiem2.no-ip.com. The firewall is 192.168.100.1. My web server is on port 444 on machine

I''m trying to get Shorewall to use ulogd for logging, but I''m not seeing any logging in either the file I set up for logs, nor in /var/log/messages (where the logs used to be). I''m running a stock Debian 3.0 woody system, with a custom 2.4.21 kernel. I used all the settings as described on shorewall.net when configuring the kernel. ulogd (0.97-1) and shorewall

I''ve set up shorewall with the two-interface mode. pc #1 eth1 ---> ppp0 ---> Internet eth1: 10.10.10.254 eth0: 10.10.10.1 > via a crossover cable pc #2 eth0: 10.10.10.2 (gateway=10.10.10.254) I am able to surf the net with pc #1, but pc #2 is completely cut off from pc #1 and the net. I am also unable to ping from and to pc #2.

Hi, I want forward port 21 and 443 to my squid. A simply rule (dnat) didnt help me. My http - port (only 80) will forwarded to my squid. It runs fine. Here I have used the HowTo from Tom and the hints from http://lartc.org/. I want to do the same with port 21 as port 80. My network: Shorewall: eth0 net (192.168.108.1) eth1 dmz (192.168.109.1) eth2 loc (192.168.110.1) eth3 loc1

I''m trying to use my VPS server (single interface of course) as somewhat of a VPN gateway to my other location (which is not accessible directly from some places) where the openvpn server is running, and am kind of lost as to what to try next. I tried a redirect rule, but apparently shorewall didn''t like that (it just failed to start). I tried adding the rules via

Hello all, I''m using shorewall on a linux machine that has two interfaces, eth0 being connected on the internal network (10.10.10.0/24) and eth1 being connected to the external network. On eth0 the IP is statically configured to 10.10.10.254 and there is a dhcp server running for the machines in the private network. On eth1, the IP is dynamically assigned by my ISP modem that acts as

I had to restart one of my routers tonight and since then shorewall on it has been dropping SIP packets coming in from one machine instead of forwarding them to the freebpx server. Shorewall:net2all:DROP:IN=eth0 OUT= MAC=<removed> SRC=<my home network external ip> DST=<server network external ip> LEN=575 TOS=0x00 PREC=0x20 TTL=78 ID=230 PROTO=UDP SPT=5061 DPT=5060

Dear List. I try to build multipath connection w/ load balance to internet with two different gateway; My system is RH-8.0 with iproute-2.4.7-7.90.1.rpm and Kernel-2.4.26 (patching with Julian A. patch),and follow guide from http://www.linuxvirtualserver.org/~julian/nano.txt, The problem is; when i try to connect to Internet form gateway machine it;s success , but only one interface is

Hy, sorry for my poor english i think i''m having a very unusual problem and very dificult to track, but i''ll try to explain it as best as i can. here is my scenario: a firewall/bridge composed of 3 ethernet devices and 1 virtual one. my bridge (br0 ) is composed of eth0, eth1 and tap0 br0:eth0 is my connection to my router (200.244.92.1) br0:eth1 is my connection to my

We switched over from a bordermanager firewall to a shorewall firewall. Some stuff is not working now. I realized that I had not created the route for the network that is not working however once I created it, it still didn''t work. Most of our network is fine however some pieces are not working. [Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not working] The firewall

I''m very new to shorewall. My setup is IP Gateway (CentOS 4 + Shorewall) with 3 NIC cards. Shorewall works great on the firewall machine. Bind also works (local net machines get IPs fine). Under firestarter, all works great. With shorewall, the loc machines can not route past the firewall. They can connect to the firewall, but not past it. Exactly what information should I post to get

Hello all, Yesterday I noticed that my system was "leaking" traffic towards the 10/8 network, I have shorewall installed on multiple machines ranging from single interface devices to ones with 10+ interfaces. I tested all the boxes and they are showing the same behavior. All systems are CentOS 3.4, 2.4.21-27.0.2.ELsmp. Shorewall version: 2.2.1 For the host mentioned is a single

I have a setup with two Internet providers. One circuit (net0 == eth1) is used primarily for employees and tunnels to other sites. The other (net1 == eth2) is for the production machines that customers access. Everythung works in teh sense that packets get to where they are sent (mostly) but I recently I had a sniffer on the system and noticed a problem I cannot solve. traffic coming in

I''m working on setting up a new router/server/etc. box. I''m using Proxmox as the base system (Debian Lenny basically). I''m trying to figure out the right way to configure Shorewall on it. I''ve looked at some of the bridging info but they seem to all be talking about single-interface setups. Could someone look over my setup and give me some input into the

Hi all, I''m using Gentoo Linux Distribution and I''ve upgraded my firewall from Shorewall 1.4 to 2.0.4, however my LANs stop having internet access. I have a server with shorewall 2.0.4 installed and 3 interfaces. eth0 and eth1 are interfaces to a LAN and to my laptop and eth2 is the net interface. I have masq like: eth2 eth0 eth2 eth1

Hello everybody. I could not find an answer to my problem in the archive. (But that may just be me :-) ) I have a problem with proxy arp and connection from loc (localnet) and from the firewall. Works fine from internet to dmz / proxy arp and vise versa. I have a feeling the solution is simple, but I''m no guru in Linux routing etc. The problem seems to be the routing setup. loc -

My Shorewall installation was working great until yesterday when it started logging ''REJECT'' to packets that tried to cross the firewall to the internet. I tried to work past the firewall by entering "shorewall clear" but I still can''t get past the gateway / firewall machine. Does this mean the NIC is damaged? When Shorewall is running I can navigate

Hello Tom, I am not sure if you can help with this but I am at my wits end. If you hit this site and do a force refresh (ctrl + F5) the site will time out and lose connections. Do the same on port 443 and it does not time out??? The web site I am reffering to is www.tituswill.com I think the only problem is port 80. Do you have any idea how to diagnose this I have sent a dump of just

In an effert move my Dmz from a snapqear roouter to Linux with shorewall. Question is I have network 64.42.53.200/29 which makes default gw 64.42.53.201 network 64.42.53.200 broadcast 64.42.53.207 mask 255.255.255.248 and I want to set up shorewall with eth0 64.42.53.202 eth1 local eth2 dmz where dmz will use say 64.42.53.203 for web and email server. Where I do not need or should I say use