Displaying 20 results from an estimated 1000 matches similar to: "Zoning Out"
2004 Dec 30
12
Multi-Hop VPN Issue looking for Solutions
I''ve just discovered that I do not have access to the remote gateways
for a set of IPsec tunnels to remote networks. This prevents me from
changing the routing table on those gateways.
I need "roadwarrior" systems connecting to me local network using
OpenVPN (tun) to be able to access those systems. Since the remote
gateways don''t know about 10.100.1.0/24, where my
2004 Dec 30
19
OpenVPN tun Interface
I have a zone "rw" defined as tun0 in interfaces.
From that zone, pings to zone "loc" succeed but pings to remote
networks (On IPsec VPNs) are rejected in the all2all chain. From my
point of view, these pings should be in the rw2cctc chain. (rw to cctc
is ACCEPTed in policy.)
I must have a hole in my config, where would it be?
Thanks,
A.
2005 Jan 04
5
Shorewall and ChilliSpot
Has anybody on this managed to get ChilliSpot and Shorewall to work
together? I have managed to get it to work with the supplied firewall
script but if I wanted to do my firewall like that I would not be using
Shorewall.
At any rate, I am having all kinds of trouble translating the supplied
rules to something that Shorewall would understand. If anybody has already
done it I would love to see the
2008 Mar 26
8
Hub/Spoke OpenVPN can't communicate from Client A to Client B - FORWARD:REJECT:IN=tun0 OUT=tun0
Hi, I am running OpenVPN where i have one central hub VPN server, and multiple spoke VPN clients. I can ping from each client to the server and each client to computers on the subnet which the server resides (192.168.2.0/24) so it works ok there. I cannot however, ping from one client to another client. I guess the packet path would go:
clienta -> vpn -> shorewall/router -> vpn ->
2005 Jan 26
9
Proxy-ARP on Same Segment
I have had to replace an existing setup which has a bunch of IPs
Proxy-NAT''ed onto the loc segment. While I do eventually want to move
them to their own segment, I have to deal with this for the next few weeks.
My problem is that from a loc system I can ping the public IP of a
system being proxy-ARP''d but I can''t hit it via HTTP. Nothing is being
blocked according
2006 May 04
11
Shorewall/OpenVPN issue
Good day,
I have gone through a couple of the HOWTO''s on how to get this to work, but
I am still sitting with a very strange (for me) issue.
If two clients connect via OpenVPN (bridged), they can access each other
without any problems, but neither of them can access the server, nor any
system behind it.
I am fairly sure it is a Shorewall issue, but I am very new to Shorewall,
having
2008 Aug 01
1
file descriptor in bad state
I've just setup a simple gluster storage system on Centos 5.2 x64 w/ gluster
1.3.10
I have three storage bricks and one client
Everytime i run iozone across this setup, i seem to get a bad file
descriptor around the 4k mark.
Any thoughts why? I'm sure more info is wanted, i'm just not sure what else
to include at this point.
thanks
[root at green gluster]# cat
2010 Jul 06
3
Cross subnet browsing + OpenVPN
Hi All,
I'm having a problem with cross subnet browsing and name resolution across
an openvpn tunnel. i've found quite a few people who've had the same on
mail lists but none of their fixes have worked. The spec of the setups at
both ends of the tunnel are as follows:
OS - CentOS 5.5
Samba Version 3.5.4
OpenVPN Version 2.0.9-1
Each server is configured in gateway mode with two NICS,
2010 Jul 06
1
Cross subnet browsing + vpn
Hi All,
I'm having a problem with cross subnet browsing and name resolution across
an openvpn tunnel. i've found quite a few people who've had the same on
mail lists but none of their fixes have worked. The spec of the setups at
both ends of the tunnel are as follows:
OS - CentOS 5.5
Samba Version 3.5.4
OpenVPN Version 2.0.9-1
Each server is configured in gateway mode with two NICS,
2010 Jul 06
2
WG: Cross subnet browsing + OpenVPN
What about your openvpn config?
The tun net must have an entry in your hosts allow.
If you work with briding the remote network has to be the same subnet as the
local!?
Bridging is the best way to have a remote net integrated.
I have one logging in form Berlin on my Samba-Domain.
Daniel
-----------------------------------------------
EDV Daniel M?ller
Leitung EDV
Tropenklinik
2007 Sep 27
4
current state is silly?
The following manifest is causing an error/warning and permissions are
not set. i do not understanding why:
file { "/diskless/swaps":
ensure => directory,
owner => nfsnobody,
group => nfsnobody,
mode => 1777;
}
The error is:
Fri Sep 21 14:53:05 EST 2007
2008 May 14
2
Help
Hello there
I have a question about rsync, and some options.
I have 10 servers here that all need data from one machine. It's a
LARGE amount of files all pictures and files and such, now every time I
rsync the directory over it takes like hours to create the file list.
Now I'm fine with that, but I need to know if it can save the file list
it generates and uses it over again for the
2003 Nov 21
7
FORWARD:REJECT
I have a 3 nic setup with shorewall 1.4.8-1 running on redhat 9. My eth2
(dmz zone)has 7 secondary address attached to it. I can ping a machine in
each subnet, dmz to net rules seem to be working fine on all machines.. I
have my policy set as dmz to dmz accept. If I try to ping between subnets I
get
Nov 21 12:18:45 kbeewall kernel: Shorewall:FORWARD:REJECT:IN=eth2 OUT=eth2
SRC=172.17.0.2
2008 Dec 31
5
Problem with "routeback, blacklist, tcpflags" in Shorewall 4.2.4-2
Hi,
enabling this line in hosts file
"WAN
eth2:0.0.0.0/0!1.0.0.0/8,10.0.0.0/8,169.254.0.0/16,172.16.0.0/12,192.168.0.0/16
routeback,blacklist,tcpflags"
results in this error message
--
Preparing iptables-restore input...
Running /usr/sbin/iptables-restore...
iptables-restore v1.3.8: error creating chain ''ACCEPT'':File exists
Error occurred at line: 29
Try
2009 Mar 11
1
prediction error for test set-cross validation
Hi,
I have a database of 2211 rows with 31 entries each and I manually split my
data into 10 folds for cross validation. I build logistic regression model
as:
>model <- glm(qual ~ AgGr + FaHx + PrHx + PrSr + PaLp + SvD + IndExam +
Rad +BrDn + BRDS + PrinFin+ SkRtr + NpRtr + SkThck +TrThkc +
SkLes + AxAdnp + ArcDst + MaDen + CaDt + MaMG +
MaMrp + MaSh +
2008 Dec 14
1
Is that iozone result normal?
5-nodes server and 1 node client are connected by gigabits Ethernet.
#] iozone -r 32k -r 512k -s 8G
KB reclen write rewrite read reread read write
read rewrite read fwrite frewrite fread freread
8388608 32 10559 9792 62435 62260
8388608 512 63012 63409 63409 63138
It seems 32k write/rewrite performance are very
2003 Apr 25
2
firewalling help/audit
Hi !
First of all, I am sorry if this is not the list for that, but I've been
learning (a little bit...) a way to implement a freeBSD firewall.
So far I came up with a set of rules I would like to show you for commenting.
I am sure there're a lot of errors and/or stupid rules (I am not sure the
rules order is good for what I need) and I would be really pleased if one
could have a look
2012 Jun 21
2
[Bug 2020] New: Remote-to-remote copying doesn't work when second host not on port 22
https://bugzilla.mindrot.org/show_bug.cgi?id=2020
Bug #: 2020
Summary: Remote-to-remote copying doesn't work when second host
not on port 22
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
2010 Feb 14
1
mlogit function cut off formular
I'm trying to fit a multinominal logistic model using package mlogit. I have
15 independent variables. The code looks like this:
m<-mlogit(score~0|f1+f2+f3+f4+f5+f6+f7+f8+f9+f10+f11+f12+f13+f14+f15, data,
reflevel="1")
And it gives the following error message:
Error in parse(text = x) :
unexpected ')' in "score ~ 0 + alt:(f1 + f2 + f3 + f4 + f5 + f6 + f7 + f8
+ f9
2006 Nov 11
5
src/etc/rc.firewall simple ${fw_pass} tcp from any to any established
Hi security@ list,
In my self written, large ipfw rule set, I had something that passed
http to allow me to browse most but not all remote sites. For years
I assumed the few sites I had difficulty with were cases pppoed MTU
!= 1500, from not having installed tcpmssd on my 4.*-RELEASE, but
then running 6.1-RELEASE I realised that wasn't the problem.
http://www.web.de Still failed, &