similar to: problem with masquerading with shorewall

Hello Everyone! I am using shorewall-3.0.5 on suse linux. Recently we have implemented dansguardian running on 8080 and squid on port 3128. Previously (before dans guardian) masquerading was working fine but after the implementation of dansguardian masquerading is not working. My rules file has entry Previous entry was ACCEPT loc:192.192.192.3 net REDIRECT loc 8080 tcp

Hallo, I got a problem (I think it''s not a Problem, I am just to stupid to manage it) Iwant my Server (eth1: addr:10.0.123.1, Local Zone), eth0 is connectet to the Student-Network (addr:172.16.129.106 Mask:255.255.248.0 gateway: 172.16.128.1, Net Zone), to forward all packages from port 80 on local Zone to www-cache.uni-halle.de:3128 (172.16.128.1:3128) because I have to use this

Hi, I followed the instructions posted on the shorewall web page for transparent proxy, but I still cannot get it to work. I have almost the same setup as described on the web, running squid on dmz, eth1, and the loc on eth2. I can see that packets going out from the fw, they are not sent to the squid proxy, and if I try to telnet to the squid proxy to port 80, where I should be directed to

Dear All, Linux Kernel 2.4.20-8 Running Shorewall 2.2.0 ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:48:54:53:82:45 brd ff:ff:ff:ff:ff:ff inet 62.68.254.178/28 brd

Tom, I am NOT subscribed (yet). I dropped SuSeFirewall2 in favor of shorewall to get past the configuration hurdles I as experiencing. At the moment, when my SuSe 9.1 starts up, I can see shorewall processing the rules, policies, etc. and I see no errors and then moves on with the rest of the SuSe boot process . However, no traffic passes through using the rules. I run an iptables -L and I

hello before asking my question I come My name is Santiago and I''m from Spain but I''m in Colombia I followed this guide: https://www.doas.montanalinux.org/proxmox-ve-with-shorewall.html but when I run shorewall check, this error occurs: Checking... Initializing... Determining Zones... IPv4 Zones: net loc Firewall Zone: fw Validating interfaces file... ERROR: Invalid

We are trying to configure shorewall as follows: 1. We have shorewall running at gateway (172.16.1.1) with NAT. 2. We have a number of web servers (172.16.1.x/24). These web servers are accessed through port forwarding at the gateway (172.16.1.1) and websites are visible through virtual hosting through a web re-director. 3. Presently the proxy server runs in a transparent mode, i.e., all web

We are using Shorewall 2.0.8 with SuSE 9.1 and have built a bridging firewall primarily to defend against syn flood and smurf DoS attacks. We are a small ISP using Cisco routers for a total of 5-6 subnets. Since bridges are based on use of MAC addresses, if we could use one bridging firewall system instead of 5-6 ... is this possible? practical? (Other than introducing a single point of failure

Hi everybody. I''m trying to configure shorewall folowing this manual: http://www.montanalinux.org/proxmox-ve-with-shorewall.html But with shorewall check it tells me thah: Checking /etc/shorewall/interfaces... ERROR: Unknown zone (dmz) : /etc/shorewall/interfaces (line 16) How can I define it in the zone file? thanks for the help. best regards, Santiago.

Hello all, I''ve read the shorewall guides and browsed through the mailing lists, but I haven''t been able to find out if the following is possible or not using shorewall. Our provider has given us 16 IPs + 4 in a separate range for our uplink. I would like to replace that router with a Linux box running shorewall with three interfaces. I want the DMZ to be a standard, routed

Dear All, Firstly, thank you very much - shorewall is great. I''m not a member of this list, and please forgive me if I am suggesting something stupid, but the following occurs to me, and I thought it might be useful. Why no make it possible to specify zones as well as interfaces in the /etc/shorewall/masq file ? Eg: instead of: eth0 eth1 one might write: net loc (or masq in

This is some ramblings on why using proxy ARP (on a host in a DMZ) is a good or bad thing. The good is that a computer X retains a public IP address which makes it easy to connect it directly to the net if the firewall has to be taken down for extended periods. Thus, if computer X is a mail server for example, it can still function in a reduced capacity until the firewall is restored. The bad

Hi everybody I have a Problem with Masquerading from my local net (loc) to my VPN (loc2). I can reach every Service from loc2 in loc, but I can''t get reach any service from loc in loc2. Has somebody an Idea where my mistake is ? Without shorewall, it was working. Thanks for helping Lars Technical Information : Shorewall 2.0.13 Suse 9.0 *177.177.77.X The first 3 Counts are changed

Hi! I want to redirect all http and https traffic from my LAN to squid in DMZ - transparent proxy. How do I do that? Regards, Sasa

I''ve got a Shorewall firewall setup that''s similar to the standard 3 interface configuration (net,loc,dmz). Several ports are forwarded from the internet to computers in the dmz. I''d like to have any connections to that same public IP address from either loc or dmz to be treated exactly as if they were coming in from the internet itself. There''s some

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I mean http://users.gurulink.com/drk/transproxy/TransparentProxy.html on "6. Transparent Proxy to a Remote Box." Thanks - -------- Original Message -------- Subject: Squid on remote Box Date: Wed, 16 Mar 2005 17:16:35 +0700 From: Royke K <royke4k@cbn.net.id> To: shorewall-users@lists.shorewall.net How do I configure port

We switched over from a bordermanager firewall to a shorewall firewall. Some stuff is not working now. I realized that I had not created the route for the network that is not working however once I created it, it still didn''t work. Most of our network is fine however some pieces are not working. [Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not working] The firewall

Hello all, i am new to shorewall and i already have a question ;) i am running a mailserver in my dmz (or actually this will be when = evertything will be working fine with shorewall) with public ip = addresses.. i have a subnet of 8 ip addresses (255.255.255.248 mask) and = i was planning of the classic 3 nic (eth0-2) setup... the dmz should = work with proxy-arping...=20 now my quesion is

I have problem with IP public, my Network configuration [wireless] <------> [Router] <------ > [ Linux proxy ] < ------ > [Client ] IP configuration [202.123.123.1] <------->[202.123.123.2 and 192.168.0.1] < ------ > [192.168.0.2 and 202.123.123.3] < ------ > [202.123.123.4] this configuration will use IP 202.123.123.2 on internet how to config my network