similar to: Bridge Questions

You are awesome!!!! -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Tom Eastep Sent: Wednesday, March 30, 2005 9:11 AM To: Mailing List for Shorewall Users Subject: Re: [Shorewall-users] Shorewall and an inline IDS (snort-inlineorhogwash) Tom Eastep wrote: > Thibodeau, Jamie L. wrote: >

Plus I would like to let you know that it works like a charm. Snort can now see those packets. -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Thibodeau, Jamie L. Sent: Wednesday, March 30, 2005 9:25 AM To: Mailing List for Shorewall Users Subject: RE: [Shorewall-users] Shorewall and an inline

Does anyone know what a good maximum number of machines I should place in the ProxyArp list? Thanks Jamie

If I''m using proxyarp and I try to ping that host from a machine in the net(untrusted) zone should I get a reply from the firewall address saying Destination host unreachable? I would like it to just time out. Jamie

I have a quick question regarding accounting rules. This is the contents of my accounting file. *for reference eth1 is my net interface eth0 is my loc interface ezp:COUNT - eth1 129.15.70.46 tcp 80 ezp:COUNT - 129.15.70.46 eth1 tcp - 80 smag:COUNT - eth1 129.15.70.24 tcp 80 smag:COUNT - 129.15.70.24 eth1 tcp - 80

I made an atempt to run snort_inline and shorewall on the same system but I could not get snort to see the packets. Maybe someone with a little more iptables knowledge could tell me what I''m doing wrong or if its possible to have the systems setup so that it places packets that the firewall would allow into QUEUE. After setting up and starting shorewall I then issue the following

Has anyone successfully setup a shorewall Ucarp solution?

I am not a member of the mailing list. Shorewall version 2.0.9 ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 4: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000

Clients: Some sites just show the top area not the full page. Some sites cant be reached at all. I think it 90% may be the MTU/MSS problem. But I already have set the shorewall.conf CLAMPMSS=1400 or CLAMPMSS=Yes, but it doest make things good. I would be mad. Anybody helps me would so appreciated! If you want know more info. to diag my problem, I would be please to.

Hi, I am in the process of conteinerization of server infrastructure, and my idea is to run telephony server appliance Trixbox under KVM (which in tuen uses QEMU codebase) on SuSE Linux. KVM networking is rather primitive, and the only way to make KVM''ed OS seen as "normal" computer is to use virtual bridge as I found on net. The questions are (based on the

I''m expermienting with Shorewall for use protecting my servers(about 25 all currently using pub addresses). My pointy-haired-boss is somewhat sceptical about adding a firewall that would be a single point of failier for our services. Does anyone have a good set of documentation that I could use in setting up either an Active/Active or Active/passive setup with two identical shorewall

Hi, I''ve set up a bridge which connects two parts of the same subnet with each other. I''ve set up everything as described in the Documentation and it works very nicely. However: I have a problem with adding hosts to zones dynamically. The zone I want to add hosts to is called ''work''. Since only the bridge br0 is defined in /etc/shorewall/interfaces

Hi, I have a Linux firewall based on shorewall with 2 NIC and ADSL (ppp0). My ppp0 ip is fixed. The internal NIC, eth1, is bridged with tap0, tap1 and tap2 to form br0. br0 subnet is 192.168.2.0/24. The firewall is configured to masq internal traffic and block whatever needs to be blocked. It is also configured to tunnel openvpn v1.6. I have a roaming laptop running XP. I can create a tunnel

Here is the report and the complete diagram. And sorry for email problem and incomplete email ! I have made new test. Eth0 and eth2 are bridged. I can ping NET from LAN I can ping every firewall''s interface from LAN I can ping eth1 from private LAN I can ping everything from firewall Bridging is activated in shorewall.conf >From LAN i can ping 192.168.11.253 but not 192.168.11.254

Hi I have recently reconfigured my system to a Bridge based architecture on the basis that I have an ADSL Modem/Router with a Public address on the Wan side and a Private address on the Lan side. I am running a Debian based system kernel 2.6.7 and the Bridging software is installed and working correctly, including startup etc. The problem that I have is in "shorewall start" The

Hi I have been using Shorewall for a while now and find it very useful and easy to configure, I am learning iptables and having trouble getting the bridge to successfully work with squid, although I get it working with Shorewall straight away? Does anyone know the rules to successfully use squid with a transparent bridge? Internet – router - (bridge eth0 – eth1) – local lan auto lo iface lo

hi list, i got a small problem. here is my setup: WAN | | | bridged $FW-------DMZ | | masqueraded | LOCAL my shorewall machine ($FW) got three interfaces: eth0 eth1 eth2 * eth0 is connected to the WAN * eth1 is connected to my DMZ * eth2 is connected to LOCAL network i manage a whole C class (public adresses) in my DMZ, let''s say X.Y.Z.0/24 * my router

Hy, sorry for my poor english i think i''m having a very unusual problem and very dificult to track, but i''ll try to explain it as best as i can. here is my scenario: a firewall/bridge composed of 3 ethernet devices and 1 virtual one. my bridge (br0 ) is composed of eth0, eth1 and tap0 br0:eth0 is my connection to my router (200.244.92.1) br0:eth1 is my connection to my

Hi I am using Shorewall with a bridged Firewall using the "bridging utils" from Debian. eth0 is connected to the router and eth1 is connected to the local lan. eth0 and eth1 are both assigned zero addresses and br0 is assigned the Firewall server address of 192.168.0.1 I should point out that Shorewall is working fine in Bridge mode, but I have hit some problems while evaluating

Hi, the new function ''shorewall show zones'' in 2.2.0-Beta showed a thing which is (in my view) either abug or not documented. If I have a line in /etc/shorewall/hosts which reads work br0:eth0:192.168.2.10,192.168.2.11,192.168.2.12 then "show zones" has the output work br0:eth0:192.168.2.10 br0:192.168.2.11 br0:192.168.2.12 That is, the