similar to: resending to new external address

Hi folks, I'm considering setting up a commercial backup service. I've already got ProFTPd set up to do secure FTP with remote users authenticating via a MySQL lookup. What I'd like to know is if I can do the same thing with rsync? Specifically, can I run rsync as a daemon that permits secure connections and encrypted transfers from remote users using the same MySQL

I have had to replace an existing setup which has a bunch of IPs Proxy-NAT''ed onto the loc segment. While I do eventually want to move them to their own segment, I have to deal with this for the next few weeks. My problem is that from a loc system I can ping the public IP of a system being proxy-ARP''d but I can''t hit it via HTTP. Nothing is being blocked according

Hi, Is there some know problem between the 'scp' client in OpenSSH 2.5.1p1 and F-Secure's SSH 2.4.0 server? The client is running on a Linux (2.2.17) box and server is running on Win2K. When I try to transfer files it asks me for the password (which I provide) then it hangs. Using 'scp -v' didn't provide any helpful info; it's as though the problem happened before

I have a 3 nic setup with shorewall 1.4.8-1 running on redhat 9. My eth2 (dmz zone)has 7 secondary address attached to it. I can ping a machine in each subnet, dmz to net rules seem to be working fine on all machines.. I have my policy set as dmz to dmz accept. If I try to ping between subnets I get Nov 21 12:18:45 kbeewall kernel: Shorewall:FORWARD:REJECT:IN=eth2 OUT=eth2 SRC=172.17.0.2

I''m getting my zones confused. Help. I need to have a bunch of systems using OpenVPN to gain an IP in the virtual subnet 10.100.1.0/24, on interface tun0. I will then route whole subnets to those IPs, like 10.100.2.0/24 via 10.100.1.12, etc. I want to have a policy for: - all hosts behind tun0 - all hosts in 10.100.1.0/24 - individual subnets being routed through IPs in

Hi, enabling this line in hosts file "WAN eth2:0.0.0.0/0!1.0.0.0/8,10.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16 routeback,blacklist,tcpflags" results in this error message -- Preparing iptables-restore input... Running /usr/sbin/iptables-restore... iptables-restore v1.3.8: error creating chain ''ACCEPT'':File exists Error occurred at line: 29 Try

Hey folks; I have been happily using shorewall for quite some time so this problem _may_ not be easy to resolve but I am interested in any information regarding your experience with the same setup. I was using FC3 with shorewall 2.2.3 and two NICs setup as a bridge without any issue until I upgraded to FC4. My production system would pass traffic through the bridge but local usage would not

Has anybody on this managed to get ChilliSpot and Shorewall to work together? I have managed to get it to work with the supplied firewall script but if I wanted to do my firewall like that I would not be using Shorewall. At any rate, I am having all kinds of trouble translating the supplied rules to something that Shorewall would understand. If anybody has already done it I would love to see the

The bridging documentation (http://shorewall.net/2.0/bridge.html) has been expanded and there is a refresh of the bridging code (ftp://shorewall.net/pub/shorewall/Bridging and http://shorewall.net/pub/shorewall/Bridging). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

Hi, In log I get: ----------------------------------------------------------- Sep 30 16:19:03 host kernel: Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth0 SRC=ip1 DST=ip2 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=27279 DF PROTO=TCP SPT=51501 DPT=25 WINDOW=8192 RES=0x00 SYN URGP=0 ---------------------------------------------------------- Even in /etc/shorewall/rules I have

hi, Please see the following text diagram: 10.0.15.0/24 --> 10.0.15.1 (f0/1) cisco router (f0/0) 192.168.0.5 <-- 192.168.0.0/24 --> 192.168.0.1 firewall --> internet I have some problem after added a static route in shorewall in /etc/sysconfig/network-scripts/route-eth0, the syntax is: 10.0.15.0/24 via 192.168.0.5 in 192.168.0.0/24 computers cannot ping or

Hi, I am running OpenVPN where i have one central hub VPN server, and multiple spoke VPN clients. I can ping from each client to the server and each client to computers on the subnet which the server resides (192.168.2.0/24) so it works ok there. I cannot however, ping from one client to another client. I guess the packet path would go: clienta -> vpn -> shorewall/router -> vpn ->

Hi, This subject has been brought up in the forum, but it''s a bit different. If I have a set of tun interfaces. I already defined tun+ as zone A, and I have excluded tun15 as zone B (a subset of zone A). I need to add tun16 to zone B. My config: /etc/shorewall/interfaces: A tun+ - routeback B tun15 /etc/shorewall/ A ipv4 B:A ipv4 I tried to define in

Great piece of software there... Just a few minor problems. First, the sourceforge site doesn''t seem to be kept up to date. This should be pointed out more (Sourceforge probably shouldn''t be the first mirror either). It caused me some long hours trying to solve a bug in 1.4.6, thinking this was the latest version, when in fact this bug was solved in 1.4.8 (routeback for if+).

This is a minor release of Shorewall. Problems Corrected: 1) TCP connection requests rejected out of the common chain are now properly rejected with TCP RST; previously, some of these requests were rejeced with an ICMP port-unreachable response. 2) ''traceroute -I'' from behind the firewall previously timed out on the first hop (e.g., to the firewall). This has been

I am trying to setup a 2 ISP shorewall box and I have 1 question. Does the routeback option replace the steps in FAQ 32 or do I need both? Thanks Jim

hello before asking my question I come My name is Santiago and I''m from Spain but I''m in Colombia I followed this guide: https://www.doas.montanalinux.org/proxmox-ve-with-shorewall.html but when I run shorewall check, this error occurs: Checking... Initializing... Determining Zones... IPv4 Zones: net loc Firewall Zone: fw Validating interfaces file... ERROR: Invalid

Hi everybody. I''m trying to configure shorewall folowing this manual: http://www.montanalinux.org/proxmox-ve-with-shorewall.html But with shorewall check it tells me thah: Checking /etc/shorewall/interfaces... ERROR: Unknown zone (dmz) : /etc/shorewall/interfaces (line 16) How can I define it in the zone file? thanks for the help. best regards, Santiago.

Hello, I''m not sure if this has been asked before but I would like to ask assistance for this problem I have. I installed gentoo for my firewall/gateway and installed dhcp and shorewall. Currently, I can ssh, ftp, remote desktop connect, ping, etc (anything I can think of) from an internal computer inside my network to an external IP, except I cannot surf the net. I can ssh/ftp to

I have problem with IP public, my Network configuration [wireless] <------> [Router] <------ > [ Linux proxy ] < ------ > [Client ] IP configuration [202.123.123.1] <------->[202.123.123.2 and 192.168.0.1] < ------ > [192.168.0.2 and 202.123.123.3] < ------ > [202.123.123.4] this configuration will use IP 202.123.123.2 on internet how to config my network