Displaying 20 results from an estimated 700 matches similar to: "DNS, DNAT and Notifies"
2005 Mar 07
7
Webmin Module
I have registered a project with Sourceforge to produced a Webmin module for
Shorewall.
http://sourceforge.net/projects/webmin-shorewal/
Anyone interested in participating please email me at
enemyofthestate at users.sourceforge.net
I am still learning the interface but I think I need your Sourceforge Nym to
add you as a developer.
--
Stephen Carville
Unix and Network Adminstrator
2005 Mar 02
12
Problem with outgoing Masquerade
I''m having another little problem with my new firewall. I want outgoing port
25 from my mail server to appear on the address 65.223.121.227 so I created
the file masq:
eth2 192.168.124.18 65.223.121.227 tcp 25
eth1 eth5
eth1 eth3
eth1 eth4
eth1 == net0 == 209.189.103.196/27
eth2 == net1 == 65.223.121.237/28
eth3 == dmz0
eth4 == dmz1
eth5 == loc ==
2006 Aug 23
2
Permission Problem --Windows or UNIX?
I am using Samba 3.0.20a with winbindd on FC3 and all the shares except
one are working. I keep getting a permison denied error for non-local
users in certain directories.
The permissions on the directory are
# ls -ld .
drwxr-xr-x 11 procman users 4096 Aug 3 15:35 .
# ls -l
drwxrwx--- 12 procman admin 4096 Aug 2 15:47 administration
drwxrwx--- 5 procman data-entry 4096 Nov 16
2004 Sep 02
5
DNAT and ping
I have the following
interfaces
loc eth0
net0 eth1
net1 eth2
(net0 and net1 are the two ISP networks)
policy
loc net0 ACCEPT
loc net1 ACCEPT
net0 all DROP info
proxyarp
209.189.103.204 eth0 eth1 no no
params
Pellucidar=192.168.124.232
rules
DNAT net0 loc:$Pellucidar tcp 22,80,1950,50005 - 209.189.103.204
ACCEPT all all icmp
2004 Sep 07
6
Syntax for address range
I would like to add a rule allowing only the address 192.168.150.20 and the
range of addresses from 192.169.150.100 to 192.168.150.150 in zone dmz0 to
connect to two terminal servers in the local zone.
Is there a syntax that can specify a range of addresses in the rules file? Do
I have to enter each one separately?
--
Stephen Carville
Unix and Network Adminstrator
DPSI
6033 W.Century Blvd.
2005 Mar 01
3
Problem with multiple ISP''s
I have a setup with two Internet providers. One circuit (net0 == eth1) is
used primarily for employees and tunnels to other sites. The other (net1 ==
eth2) is for the production machines that customers access. Everythung works
in teh sense that packets get to where they are sent (mostly) but I recently
I had a sniffer on the system and noticed a problem I cannot solve. traffic
coming in
2005 Mar 21
1
Two ISP and routing.
I think I''ve figured out the routing for multiple ISP''s and DNAT. For
ths who might be interesed, I''ve uploaded some notes to:
http://www.heronforge.net/redhat/node17.html
Let me know of you see any errors or a better way...
--
Stephen Carville <stephen@totalflood.com>
Unix and Network Admin
Nationwide Totalflood
6033 W. Century Blvd
Los Angeles, CA 90045
1999 May 19
3
Samba and BackupExec
Hi,
I've got Samba 2.0.2 and a server NT4 SP3 with Seagate BackupExec 7.0.
When I want to backup Samba with Seagate BackupExec, I get a message
saying "Unable to connect to server, <F5> to retry", and then another
one saying "A device specific error occured".
I've read all the Samba archive about that subject, but I do not find
any solution.
I don't
2005 Mar 08
3
question about vpn
on i have a small question we have a linux box with a windows 2003
server well we natted all the ports and mail is working
remote desktop is working web is working the only thing that does not
work is vpn how can i foward vpn traffic to this server i checked the
site and searched for foward vpn and got nothen can somone please
enlight me where to start
Marshal McInnis Tech / Web
2006 May 15
6
Everything but [Homes] works
I am migrating from my "old" 2.2.7 samba server to a newer server runnig
3.0.20a and everythig is working except the [homes] share. The server
(FILE-CABINET) is a member of the domain, security is set to ADS and, as
far as I can tell, kerberos is working. The program wbinfo returns a
list of users and groups like it should. getent passwd returns first my
local passwd file and then
2003 Mar 01
1
Linux to Linux with Samba?
Is it possible to allow two Linux computers to browse each other in a
manner similar to the way a winbox and browse a Linux box with Samba? Ya
know, like the network neighborhood thing, not the smbclient get put
thing?
Thanks
2005 Apr 10
3
Re: whitelisting one IP in blacklisted netblock
Robin Lynn Frank wrote:
> I have an entire /8 blacklisted. The problem is there is a single IP in
> it I want to exempt from this. Searching the web site, I note there
> used to be (circa version 1.3) a whitelist feature, but I couldn''t find
> a simple solution to what I want to do.
>
> What would be the bes/easiest way to accomplish this?
I can''t think of a
2005 Oct 11
0
Cannot get logged in using Server=DOMAIN
I have an FC3 intallation with samba-3.0.10-1. I cannot get it to accept
a login with server=DOMAIN. I can join the domain with no problem:
# net rpc join member -U scarville
passwd:
Joined domain TOTALFLOOD.
I can browse the shares:
$ smbclient -L amazon
added interface ip=192.168.124.230 bcast=192.168.124.255 nmask=255.255.255.0
Password:
Anonymous login successful
Domain=[TOTALFLOOD]
2003 Mar 04
2
Acces Denied to shared printer on linux using Windows XP
Hi,
my problem is to access a shared printer with samba on my WindowsXP workstation
When I browse thru my network with Explorer, I can see the shared printer.
When I double-clic on the printer, Windows XP ask me if I want to install it.
I choose the right driver and click "OK".
The installation begin and there is no error in the installation.
After the installation Windows XP open the
2004 Dec 30
3
OpenVPN forwarding?
I am looking at terminating a OpenVPN tunnel on my shorewall box, but
selectivly forward incoming traffic from the VPN tunnel to various hosts
on my LOC-zone. Is this doable? Or need I set up OpenVPN tunnels that
terminates on the LOC-hosts in question directly?
(Or rather: Which page on the web site have I neglected to read _this_
time?)
Happy new year to one and all!
.
2004 Sep 03
7
Shorewall as a "commercial" firewall
I am considering replacing my old checkpoint and watchguard firewalls witha
single Linux box using iptables and shorewall. I have two ISP''s (with
separate routing tables), two DMZ''s, at least one VPN to a remote office, and
a local trusted network. The configuration will look like:
+----------------+
| |
net0 ----------+ eth1
2005 Mar 02
11
Gui Interface
Hello,
I''ve checked the FAQ, and it tells that there is a GUI interface , does that
applis to version 1.4 as well as version 2.0
Sorry if it is a silly question, but just wanted to be sure
Kind Regards
Samer
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it''s FREE!
2003 Feb 21
0
Re: Need solution to Printers window access denied, unableto connect message.
look in the smb.conf man page for "disable sspool"
I think thats the right option. It needs to go in your global section
ie disable sspool = yes
Cheers
-------------
Kristyan Osborne IT Technician
Longhill High School
01273 391672
------
Computers are like airconditioners: They stop working properly if you open windows.
Win95: A 32-bit patch for a 16-bit GUI shell
2001 Aug 08
1
--delete option not working
I am trying to use rsync to move backup file from a cople of Oracle
servers to another machine where they will be backed up to tape. The
command is run from a script launched by cron and looks like:
/usr/local/bin/rsync --recursive --delete --verbose $BACKUP_DIR/* \
euphrates::tigris/logarch/.
Rsync is running from inetd on euphrates which has the following
defined in /etc/rsyncd.conf:
2004 Sep 29
12
SPF screening implemented at shorewall.net
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Over the past weekend, I added SPF screening on the MTA at
shorewall.net. SPF is a mechanism for a domain to use DNS to publish a
list of those IP addresses that are used to send legitimate email from
that domain. A receiving MTA can use that published information to
determine if email from a domain is being sent through an MTA belonging
to that