Displaying 20 results from an estimated 1000 matches similar to: "REDIRECT + shorewall drop for dynamic blacklists"
2004 Sep 22
3
Strange DNAT problems with shorewall 1.4.8
I've had some issues with my network, and I've had to reconfigure my
Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so
I downloaded the relevant files from the install page.
Masq and such works, but I'm having a problem with my port forwarding. It
works for port 22, but it doesn't seem to work for any other port.
I've turned
2012 Sep 05
2
DNAT issue
Hi,
Sorry, not an experienced shorewall user, this is my first basic setup.
This starts to drive me crazy.
I wanted to use DNAT to forward port 33890 to an internal machine (windows)
port 3389. To reach my workstation when I'm not home.
In my rules :
DNAT:debug net loc:192.168.0.11:3389 tcp 33890 -
pub.lic.ip.add
#SECTION BLACKLIST
#well known port scans
DROP net
2005 Jan 02
1
Linksys router and shorewall
I'm not a subscribed user, so please cc me on any replies
(fier0@bigfoot.com).
I know this has been asked a few times, but I have not been able to find
a direct answer. I was using shorewall with 2 nics, and it worked fine,
except if that linux box went down then nobody could get out to the
internet (and the wife would kick my ass). I've now started to use my
linksys
2004 Sep 15
15
re: start error
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The original post was over 300,000kb so I didn't spam the list with it -TE.
|
|
| Thank you for your quick and helpful response.
|
| I didn't understand that the virtual interface eth0:1 doesn't count as
a separate instance from eth0.
| I am sorry to ask for further assistance and would appreciate any
help. The error
2003 Mar 28
9
Squid
I'm attempting to setup Squid as shown on:
http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ
The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat
7.2 on the server in the DMZ. I'm not seeing the requests come in to the
server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the
firewall, the local traffic I'm trying to
2005 Jan 11
2
dnat problem
Hi,
I have a proxy/firewall,
I want to dnat requests for 193.205.140.106 on port 443 towards
10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389
towards 10.2.15.25, these rules must apply from internet, loc and fw
(some client use a proxy on fw to reach these servers)
I have tried with the following rules:
DNAT net dmz:10.2.15.23 tcp 443 -
2004 Nov 24
10
Attack from local network or...?
Hello,
when I execute "shorewall hits" command I find this stats:
HITS IP DATE
---- --------------- ------
92099 192.168.0.2 Nov 24
7764 59.104.107.85 Nov 23
3997 192.168.1.77 Nov 24
337 181.50.93.89 Nov 23
331 59.104.156.68 Nov 23
315 99.109.157.73 Nov 23
301 190.225.157.40 Nov 23
275 179.153.183.53 Nov 23
268
2003 Aug 31
4
linux-ha heartbeat .. failover firewall
I have searched your FAQ's and read the documentation on your site as well
as googling. I am not able to figure this out. If you have any ideas can
you please help.
I am using the linux-ha failover with redundant firewalls.
As part of the function of the linux-ha software consists a service called
heartbeat which is a connection from each failover node through a serial
cable or ethernet.
2008 Aug 01
1
[git patches] Ocfs2 and Configfs fixes
The only non-fix here is Joel's new configfs convenience macros, but nobody
is using them yet, so I think the patch is safe.
By the way, these patches (as usual) are all rebased on top of your latest
tree. I think that since the vast majority of ocfs2 and configfs patches are
self-contained and within a small area of the kernel that this should
probably be fine. If you feel otherwise however,
2008 Feb 26
2
Patch to add debugfs interface to o2net
This is a forward port for net_proc.c from 1.2.
2006 Feb 09
1
Error Messages in /var/log/messages
Here's the output:
Feb 9 15:51:26 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT=
MAC=00:0f:ea:73:88:12:00:40:2b:67:5b:a7:08:00 SRC=192.168.1.54
DST=192.168.1.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=51248 DF PROTO=TCP
SPT=1964 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402)
Feb 9 15:51:28 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT=
2006 Feb 14
14
[Bug 448] IPv6 conntrack does not work on a tunnel interface
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=448
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|ip_conntrack |nf_conntrack
------- Additional Comments From laforge@netfilter.org 2006-02-14 09:05 MET -------
ipv6 conntrack is
2003 Jan 16
3
Jan 16 17:49:33 murowall kernel: Shorewall:loc2net:CONTINUE:IN=eth0 OUT=eth2 SRC Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2
I have the problem when my local network does telnet to the net
Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2
my files are the following:
policy
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
loc net CONTINUE info
loc fw ACCEPT info
loc loc ACCEPT
loc dmz ACCEPT info
fw
2006 Sep 12
3
Completely isolating P2P/BitTorrent traffic
Hi all,
I'm trying to isolate P2P traffic, specifically BitTorrent, for my QoS
scripts. I can't seem to completely isolate ALL BitTorrent traffic.
I identify & mark packets and then use tc filters to put them into
appropriate classes. My firewall rules (below) do the markings. My VoIP
boxes' and ICMP traffic get highest priority (mark 1). Then comes DNS, SSH,
2009 May 22
2
Fixing to bite the dust?
I've been getting LOTS of messages like the below in the daily log, and
from all indications, it appears to all be related to the cpu;
the machine is just over a year old, and was the old vortex.wa4phy;net
server from the downtown co-lo site. Aside from huge log files, and
lots of other fluff, numerous problems of other nature have started
cropping up. Anyone have any suggestions as to
2002 May 30
3
eDonkey and Shorewall
Hi everybody!
I'm very happy with shorewall, seems to safe my computer well, a little
bit too well. But I'm sure it's a mistake of mine:
I can't get edonkey working! They say that edonkey needs the following
ports enabled:
4665 udp in / out
3665,4665,7665,8665 udp out
4661,4662,4666 tcp in
that's what I wrote in the rules file:
ACCEPT fw net
2005 Feb 07
2
blacklists and rules
Hi People, what file is processed first, blacklist or rules? I want to
globally filter imesh, but at the same time allow managers to connect, i.e.,
imesh works on port 1214, I have this:
/etc/shorewall/blacklist
#ADDRESS/SUBNET PROTOCOL PORT
192.168.0.0/16 tcp 1214
192.168.0.0/16 udp 1214
2008 Feb 21
2
overall comparison of an ordered categorical in a multiple regression
I entered the following:
formula<-nst~age+soc+inc+reg+imp
pnstlm<-lm(formula,nst)
summary(pnstlm)
imp and soc are ordered categorical variables but the summary does not give
an output of the overall p-values, just individual comparisons. I can't
find help for this in the manual. Is there a command or option change in
the summary to find out the overall p-value?
thank you in
2010 Dec 27
2
what process is sending this packet?
I can see that there's a program that keeps sending packets on port 25:
Dec 27 14:11:46 a kernel: [ 6336.992320] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=61533 DF PROTO=TCP SPT=37263 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0
Dec 27 14:12:01 a kernel: [ 6352.635704] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55853
2007 Jun 08
5
CBQ + Layer7 x Emule
Hi All ,
My first message and I have a little problem with my FC6 box trying to block
emule traffic using layer7 .
Here my network :
Internet --------- ADSL Router ------------------- FC6 Box
-------------------- Emule Box
external ADSL : Dynamic
Internal ADSL : 192.168.254.1
external FC6 : 192.168.254.3
internal FC6 : 192.168.253.1
Emule Box : 192.168.253.3
I guess that everything