similar to: REDIRECT + shorewall drop for dynamic blacklists

I''ve had some issues with my network, and I''ve had to reconfigure my Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so I downloaded the relevant files from the install page. Masq and such works, but I''m having a problem with my port forwarding. It works for port 22, but it doesn''t seem to work for any other port. I''ve turned

Hi, Sorry, not an experienced shorewall user, this is my first basic setup. This starts to drive me crazy. I wanted to use DNAT to forward port 33890 to an internal machine (windows) port 3389. To reach my workstation when I''m not home. In my rules : DNAT:debug net loc:192.168.0.11:3389 tcp 33890 - pub.lic.ip.add #SECTION BLACKLIST #well known port scans DROP net

I''m not a subscribed user, so please cc me on any replies (fier0@bigfoot.com). I know this has been asked a few times, but i have not been able to find a direct answer. I was using shorewall with 2 nics, and it worked fine, except if that linux box went down then nobody could get out to the internet (and the wife would kick my ass). I''ve now started to use my linksys

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The original post was over 300,000kb so I didn''t spam the list with it -TE. | | | Thank you for your quick and helpful response. | | I didn''t understand that the virtual interface eth0:1 doesn''t count as a separate instance from eth0. | I am sorry to ask for further assistance and would appreciate any help. The error

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to

Hi, I have a proxy/firewall, I want to dnat requests for 193.205.140.106 on port 443 towards 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 towards 10.2.15.25, these rules must apply from internet, loc and fw (some client use a proxy on fw to reach these servers) I have tried with the following rules: DNAT net dmz:10.2.15.23 tcp 443 -

Hello, when I execute "shorewall hits" command I find this stats: HITS IP DATE ---- --------------- ------ 92099 192.168.0.2 Nov 24 7764 59.104.107.85 Nov 23 3997 192.168.1.77 Nov 24 337 181.50.93.89 Nov 23 331 59.104.156.68 Nov 23 315 99.109.157.73 Nov 23 301 190.225.157.40 Nov 23 275 179.153.183.53 Nov 23 268

I have searched your FAQ''s and read the documentation on your site as well as googling. I am not able to figure this out. If you have any ideas can you please help. I am using the linux-ha failover with redundant firewalls. As part of the function of the linux-ha software consists a service called heartbeat which is a connection from each failover node through a serial cable or ethernet.

The only non-fix here is Joel's new configfs convenience macros, but nobody is using them yet, so I think the patch is safe. By the way, these patches (as usual) are all rebased on top of your latest tree. I think that since the vast majority of ocfs2 and configfs patches are self-contained and within a small area of the kernel that this should probably be fine. If you feel otherwise however,

This is a forward port for net_proc.c from 1.2.

Here's the output: Feb 9 15:51:26 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT= MAC=00:0f:ea:73:88:12:00:40:2b:67:5b:a7:08:00 SRC=192.168.1.54 DST=192.168.1.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=51248 DF PROTO=TCP SPT=1964 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Feb 9 15:51:28 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT=

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=448 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Component|ip_conntrack |nf_conntrack ------- Additional Comments From laforge@netfilter.org 2006-02-14 09:05 MET ------- ipv6 conntrack is

I have the problem when my localnetwork do telnet to the net Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth2 my files are the following: policy #SOURCE DEST POLICY LOG LEVEL LIMIT:BURST loc net CONTINUE info loc fw ACCEPT info loc loc ACCEPT loc dmz ACCEPT info fw

Hi all, I''m tring to isolate P2P traffic, specifically BitTorrent, for my QoS scripts. I can''t seem to completely isolate ALL BitTorrent traffic. I identify & mark packets and then use tc filters to put them into appropriate classes. My firewall rules (below) do the markings. My VoIP boxes'' and ICMP traffic get highest priority (mark 1). Then comes DNS, SSH,

I've been getting LOTS of messages like the below in the daily log, and from all indications, it appears to all be related to the cpu; the machine is just over a year old, and was the old vortex.wa4phy;net server from the downtown co-lo site. Aside from huge log files, and lots of other fluff, numerous problems of other nature have started cropping up. Anyone have any suggestions as to

Hi everybody! I''m very happy with shorewall, seems to safe my computer well, a little bit to well. But i''m sure it''s a mistake of mine: I can''t get edonkey working! They say that edonkey needs the following ports enabled: 4665 udp in / out 3665,4665,7665,8665 udp out 4661,4662,4666 tcp in thats what i wrote in the rules file: ACCEPT fw net

Hi People, what files is processed first?, balcklist or rules, i want to globally filter imesh, but at the same time allow managers to connect, i.e. , imesh work on port 1214, i have this: /etc/shorewall/blacklist #ADDRESS/SUBNET PROTOCOL PORT 192.168.0.0/16 tcp 1214 192.168.0.0/16 udp 1214

I entered the following: formula<-nst~age+soc+inc+reg+imp pnstlm<-lm(formula,nst) summary(pnstlm) imp and soc are ordered categorical variables but the summary does not give an output of the overall p-values, just individual comparisons. I can't find help for this in the manual. Is there a command or option change in the summary to find out the overall p-value? thank you in

I can see, that theres a program that keeps sending packets on port 25: Dec 27 14:11:46 a kernel: [ 6336.992320] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=61533 DF PROTO=TCP SPT=37263 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 Dec 27 14:12:01 a kernel: [ 6352.635704] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55853

Hi All , My first message and I have a little problem with my FC6 box trying to block emule traffic using layer7 . Here my network : Internet --------- ADSL Router ------------------- FC6 Box -------------------- Emule Box external ADSL : Dynamic Internal ADSL : 192.168.254.1 external FC6 : 192.168.254.3 internal FC6 : 192.168.253.1 Emule Box : 192.168.253.3 I guess that everything