Displaying 20 results from an estimated 3000 matches similar to: "Re: Shorewall 2.2 and Debian Sarge"
2006 May 29
4
IpSec support with kernel 2.6.16.18
Hi all,
I''m currently using ipsec with Shorewall 3.0.7 on a patched 2.6.10
kernel. Having heard that ipsec support was in the standard kernel
starting from 2.6.16, I tried to upgrade to the last kernel.
My problem is that shorewall won''t start anymore.
I get this output in /var/log/shorewall-init.log:
Starting Shorewall...
Initializing...
Shorewall has detected the
2005 Feb 15
0
Re: Shorewall 2.2 and Debian Sarge
Jason Wohlford wrote:
> Hi Tom,
Jason -- Please post your Shorewall questions to the Shorewall users
mailing list -- I don''t offer private hand holding.
> I''m having some trouble with Debian Sarge (testing) and Shorewall 2.2.
> Any assistance would be much appreciated. I emailed Debian''s shorewall
> .deb maintainer. He created an updated
2008 Jun 22
2
Automatic Expunge
Any suggestions for doing an automatic move and expunge on mailboxes?
Cheers,
Jason
--
Jason Wohlford
<jason at wohlford.org>
<http://wohlford.org>
2008 Apr 15
6
Bah! Outlook
Hi All,
I run a little hosting company. I use Dovecot 1.0.10* with IMAP
exclusively. Lots of my customers use Outlook or Outlook Express. This
poses a problem. These programs don't and have absolutely no
workarounds to move messages to a trash folder when deleted. They only
mark the message for deletion. Then, users have to purge the message
to actually delete it. Outlook has a way
2008 Apr 17
2
Development news
Hi Timo and welcome back!
> On Sun, 2008-03-16 at 20:29 +0200, Timo Sirainen wrote:
>> Tomorrow begins a 5 week lab course at school. Every day and about 8
>> hours a day. And then we'll also have to write these reports about what
>> we have done and how/why, which takes quite a lot of time as well. After
>> 5 weeks there's one free week
Are you a teacher or a
2004 Sep 29
0
Re: Shorewall-users Digest, Vol 22, Issue 65
Hi
I have 2nic firewall . I had to open some ranges of udp and tcp ports . I
faced a problem that although all the ports are open Some functionality was
not working . Any body used shorewall with H323 Voip traffic DNATed . Any
help is appretiated .
Thanks
----- Original Message -----
From: <shorewall-users-request@lists.shorewall.net>
To: <shorewall-users@lists.shorewall.net>
Sent:
2004 Jul 23
4
shorewall 2.0.3a, (ULOG) doesn''t log anything
Dear all:
Im using shorewall 2.0.3a (debian) w/ ULOG. shorewall starts ok, and the
firewall is running, but nothing is printed on the logs.
I try, for example, to do a connection to a port that is opened on the
server but closed by the FW and I get a connection refused. If I stop
the firewall, this port is accesible from the outside.
I think I''ve followed all the steps on
2007 Oct 06
7
ipp2p segmentation fault
Hi all.
On Sep 26th I decided to try and get ipp2p working on my machine that acts as a gateway for my Internet connection.
This machine is running Debian.
I performed the install by doing the following steps:
- I installed the Debian package called linux-source-2.6.22 for my Linux kernel source and unpacked the resulting tar.bz2 file.
- From the netfilter.org site I downloaded the following
2007 Jul 29
12
Shorewall 4.0.0 + Kernel 2.6.21.5-grsec
Hello,
My hoster updated its kernel packages... It contained some old problems
that should have been fixed. My servers have now a wonderful 2.6.21.5
kernel + grsec running.
Both are running Debian 4.0 (stable release).
mx:/etc/shorewall# iptables --version
iptables v1.3.6
mx:/etc/shorewall# uname -a
Linux mx.network-hosting.com 2.6.21.5-grsec-xxxx-grs-ipv4-32 #1 SMP Fri
Jul 27 17:18:23 CEST
2007 Mar 20
2
New Perl-based Compiler
My experimentation with a Perl-based compiler for Shorewall is beginning
to bear fruit. Here is a timing from the main firewall at shorewall.net
using the Perl-based compiler. That compiler generates a script that
uses iptables-restore to configure Netfilter.
root@lists:~/shorewall# shorewall restart .
Compiling...
Shorewall configuration compiled to /var/lib/shorewall/.restart
Restarting
2005 Jan 06
6
Nested zones? (Or soemthing?)
[192.168.0.0/24 Lan]
v
[Shorewall box ''Curtain'', 192.168.0.254, DHCP to ISP, and a OpenVPN tunnel
10.4.0.2]
v
[Internet]
v
[Shorewall box ''statler'' 130.241.25.165, and an OpenVPN tunnel 10.4.0.1]
Now, i have set a rule on statler
ACCEPT vpn $FW tcp smtp
and i have as below.
root@statler:/etc/shorewall# cat zones | grep -v ^#
net Net Internet
2009 Dec 17
4
Shorewall time element rules never works ?
Hi all,
I Try use shorewall rules with time element but its never works, the
rules look like this
HTTPS(REJECT) loc net:69.63.181.11,69.63.181.12,69.63.184.142,69.63.187.17,69.63.187.19 localtz×tart=20:00×top=20:10&weekdays=Mon,Tue,Wed,Thu,Fri
This rules for block https access to facebook site at working hours & day
My system is Debian lenny, shorewall 4.4.4.2 kernel
2004 Sep 27
9
masq - pings and connections get dropped after PREROUTING?
Hello,
I have a pretty standard two-interface setup with masquerading, so the local
network can connect through the firewall to the Internet.
On the firewall box (trevor), eth0 is connected to a cable modem and eth1 is
connected to the local network via a crossed cable. There is one other
machine on the local network (brian), whose eth0 is at the other end of the
crossed cable.
I used to have
2004 Sep 29
10
DNAT + Masq Problem - Yes I read the FAQ I promise
I have a debian woody machine acting as a firewall for a small
network. I am trying to do a simple DNAT to port 80 on the protected
webserver and masquerade all traffic from the protect subnet outbound.
After having read the FAQ and various posts regarding problems with
DNAT I''m afraid I''m no closer to a solution. Based on the output from
"shorewall show nat" I
2012 Jun 13
3
Default Route disappear
Hi
I have a default route to 192.168.1.1 as soon as I start shorewall the
default route dissapear. What do I need to do to have it not disappear.
Kind Regards
My network setup
/etc/network/interfaces:
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.17
netmask 255.255.255.0
network 192.168.1.0
broadcast 192.168.1.255
2004 Aug 07
11
Traffic shaping?
Ok, shaping on Linux is new to me.. so bear with me if i am just stupid.
curtain:/etc/shorewall# grep TC shorewall.conf | grep -v ^#
TCP_FLAGS_LOG_LEVEL=info
TC_ENABLED=Yes
CLEAR_TC=Yes
TCP_FLAGS_DISPOSITION=DROP
curtain:/etc/shorewall#
So it should be enabled, right?
---- tcrules ----
1 eth0 0.0.0.0/0 all
2 eth1 0.0.0.0/0 all
2 eth2 0.0.0.0/0
2013 Sep 16
7
Rsync rules for Shorewall
Hi folks,
I''m having an issue with rsync between my firewall and an internal
box. It seems to be a shorewall issue (or correctly speaking, an
issue with my shorewall config) because if I disable shorewall my
rsync works fine.
And I just can''t find it documented anywhere what I need to do.
I have rules like this :
root@userver:/etc/shorewall# grep -i Rsync rules
2005 Jan 30
11
Poor ipsec performance with policy match
Hello !
I have a performance issue with Kernel 2.6.X and policy match support as
suggested in http://shorewall.net/IPSEC-2.6.html. My IPSEC performance
doesn''t exeed about 30kbyte/sec even if my downlink is 1024kbit/sec and
should reach more than 100kbyte/sec.
No, its not the cpu''s performance (AMD Barton 2500+) and no it''s not the
gateway (CELERON 600 Mhz) on the
2004 Dec 08
9
Kernel/iptables question
As suggested here:
http://lists.shorewall.net/pipermail/shorewall-users/2004-October/015097.html
I''ve run:
adam@shrike:~$ /sbin/iptables -m policy --help
iptables v1.2.11
Usage: iptables -[AD] chain rule-specification [options]
iptables -[RI] chain rulenum rule-specification [options]
iptables -D chain rulenum [options]
--snip--
And:
adam@shrike:~$ sudo
2011 Dec 04
6
Shorewall 4.4.27 Beta 1
Beta 1 is now available for testing.
One of the problems I''ve had with the Shorewall products is trying to keep them all in sync. There have been two copies of each shell library and four CLI programs.
To simplify maintenance, I have collapsed each of the library pairs into a single library and have reduced the number of CLI programs from four to two (one for the