similar to: Problem starting Shorewall using Bridge configuration

Hi I am using Shorewall with a bridged Firewall using the "bridging utils" from Debian. eth0 is connected to the router and eth1 is connected to the local lan. eth0 and eth1 are both assigned zero addresses and br0 is assigned the Firewall server address of 192.168.0.1 I should point out that Shorewall is working fine in Bridge mode, but I have hit some problems while evaluating

Hi I have installed Shorewall 2.0.8 from the Debian Repositories and although the firewall is working fine I have a problem with the start up at Boot time. I am running "SimplyMepis" which is a Debian based distro with kernel 2.4 or 2.6. My config is the firewall running on a PC with 2 nics, eth1 connected to a private lan, etho with a fixed ip address connected to another

Hi As per my follow up mail I implemented the ProxyArp configuration as per the Documentation on the Web site and all seemed to be working correctly. However, the one thing that doesn''t seem to be working properly is Samba. I have Samba running on the FW machine and one of the servers 192.168.0.8 on the Local Lan. I can connect to a Share using Samba from Server to Server, however

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am forwarding your post to the Debian Shorewall maintainer -- none of the code involved in Shorewall startup under Debian is part of the standard Shorewall distribution. - -Tom - -------- Original Message -------- Subject: [Shorewall-users] Problems with Firewall start at Boot time Date: Mon, 06 Sep 2004 16:48:16 -0400 From: Stewart Outram

Hi Tom and other gurus, I modified SHOREWALL (version 2.0.15) for bridging and I cannot restart it. I got the following error ... Processing /etc/shorewall/policy... Policy ACCEPT for fw to net using chain fw2net Policy REJECT for fw to loc using chain all2all Policy DROP for net to fw using chain net2all Policy ACCEPT for loc to fw using chain loc2fw Policy ACCEPT for loc to net

Hi folks, I read quite some posts about "Destination host unreachable" problems before, but none could help me to solve my issue. So here we go: This is what I am using: SUSE Linux Enterprise Desktop 10 SP1 - Current with all updates Network configuration of my dom0: foobar:~ # ip a 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd

On 03/16/2015 01:07 PM, Lentes, Bernd wrote: > Bernd wrote: > >> Laine wrote: >> >>> -----Original Message----- >>> From: sendmail [mailto:justsendmailnothingelse@gmail.com] On >> Behalf Of >>> Laine Stump >>> Sent: Monday, March 16, 2015 4:12 PM >>> To: libvirt-users@redhat.com >>> Cc: Lentes, Bernd >>>

someone recommended that i should give br0 the same hardware address as eno2. I did that, and restarted the vm, and it still does not work. Here is my current host interface config: ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft

> Dear CentOS-Community, > > we are facing the following issue: > > A secondary ip address seems to be automatically added to a nic which > causes several issues in our setup. Hi, Can you show as the config of eno4? And can you diff the config of eno1 and eno4. Looks like there is a difference somewhere. Regards, Simon > > > This server is equipped with four nics

I should have what i want to achive. The server is intended as a host for VMs. Our network has multiple VLANs, and the VMs will be connected to different VLANS. The interface eno1 is for host traffic and eno2 is connected to the trunk port of the switch, making the different VLANS availabel to the VMs via the br0. I want to use a VLAN-aware br0, so that I specify in my VM config (on the host

Hello All, I'm trying to figure out why xen-utils-common 3.2 doesn't suport bridging on multiple interfaces. I've been digging around /etc/xen/scripts/network-bridges. And modified it so that during boot, when executed the script writes into /tmp/netbr file, but I commented out code that actually creates bridges. I discovered that this script is called three times during boot, I

Hello, I''m stuck IPSECing my wireless network at home and would appreciate any comments. I appologize in advance if I''m wasting your time with trivia - I''m not a professional and staring at the problem for days from various angles hasn''t done me any good ... My home server/firewall (morannon) is hooked up through an USB to ethernet adapter (eth1) to my DSL

I have an access-IProm my isp that I configured my eth0 with. And I also have an IP-range assigned from my ISP that will be used on my servers connected to eth1. The IP-range is routed thru the access-IP. This is how my configfiles look like. Internal everything seems to work but not external. /etc/shorewall/proxyarp #ADDRESS INTERFACE EXTERNAL HAVEROUTE

hello , i''m currently trying to set-up Traffic Shapping with Shorewall and I have strong feelings that I found a bug. I may be mistaken, but I tried everything and can''t get it to work. I''ve turned ON TC_ENABLED=Yes and CLEAR_TC=Yes when i start shorewall ( shorewall start ), i get this message : Setting up Traffic Control Rules... TC Rule "2 eth1 0.0.0.0/0 tcp

This is my system info: Debian Release: 10.5 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.4.60-1-pve (SMP w/16 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh

Dear CentOS-Community, we are facing the following issue: A secondary ip address seems to be automatically added to a nic which causes several issues in our setup. This server is equipped with four nics which are currently in use: # nmcli con show NAME????? UUID????????????????????????????????? TYPE????? DEVICE eno2????? cb6fcb54-be52-4ab6-8324-88091a0ea1a0? ethernet? eno2 eno4?????

Lables: Gateway = 209.5.171.65 Netmask = 255.255.255.192 Eth0 = net = 209.5.171.66 Eth1 = loc = 192.168.0.1 There is no NAT clients, in essence loc is dmz. I can rename loc to dmz if that helps. Proxy/ARP is used for IP addresses 209.5.171.67-126 Problem: Using the Shorewall Action AllowFTP does not result in desired behavior when connecting from Internet to machines behind firewall in DMZ. From

Hi Parke, Thanks, no I had not run those commands, but after doing so, my VPN address is not visible. See below: nsasia at db2:/etc/tinc$ sudo systemctl enable tinc at VPN1 Created symlink /etc/systemd/system/tinc.service.wants/tinc at VPN1.service → /lib/ systemd/system/tinc at .service. nsasia at db2:/etc/tinc$ systemctl start tinc at VPN1 ==== AUTHENTICATING FOR

On 12/16/18 4:59 PM, Marc Haber wrote: > Hi, > > I would like to run a network firewall as a VM on a KVM host. There are > ~ 25 VLANs delivered to the KVM host on three dedicated links, no LACP > or other things. I have the VLANs 100-180 on the host's enp1s0, the VLANs > 200-280 on the host's enp2s0 and the VLANs 300-380 on the host's enp3s0. > > To save

Hi all, I have done some tests for the new attributes "check" and "type", could you please help to have a check? And I have some questions about the patch, please help to have a look, Thank you! The questions: 1. in step 4 below, the error message should be updated: Actual results: XML error: invalid mac address **check** value: 'next'. Valid values are