similar to: Shorewall + OpenVpn

Hi, I have a few questions about the inner workings of netfilter (a graphical layout of my network setup @ https://aequorin.homeunix.net:62389/local/media/network-graph.png) 1) These are the syslog entries for some simple connection tests. Shorewall/netfilter has been set to record all stateful connections SSH is recognized as phys(eth0) -> $FW traffic. This is because PHYSIN is

[This email is either empty or too large to be displayed at this time]

Dear All, I try to upgrade, my old shorewall from 4.4.13-3 to 4.5.2.3-1 on CentOS, after upgrade i can''t start shorewall with this message: "/Shorewall: Address Ranges require the Multiple Match capability in your kernel and iptables/" I try to search on the net about this, but no still no light. Somebody can help me? Great appreciate for any help. Regards,

inquiry about differences between the tap and the vnet in the virt-manager Greetings! I encounter a problem about the network when using virt-manager to create and run a VM. when I want to establish a network bridge for the guest OS, I generally use two kinds of ways described as fellow : First method : create a bridge with the help of linux commad: brctl, or Second method : using

Hello, I have been using the bridging facilities provided by Linux (vanilla 2.6.7 SMP with UML skas host patch applied) to bridge a regular physical ethernet network (on interface eth0) with a virtual network (on interface tap0, cf uml_switch, http://user-mode-linux.sourceforge.net/networking.html). A couple of virtual machines (run using user-mode linux, a tool that enables you to run linux

Hi Vene, Would appreciate any help you can give as I am not sure which NAT you are talking about. A little more background. I am replacing a Windows 2000 routing and remote access machine that was acting as the gateway and performing NAT for Internet access for our local clients. In this setup the cisco VPN clients had no problem connecting to the vpn concentrator. The only difference in any

Hello list, Please don''t shoot me. I know I''m doing something with bonding that bonding wasn''t made for. I just want to give it a try. I want a simple mechanism to have a failover on a 24Mbit line to a 2Mbit line in case the 24Mbit line goes down. Between A and B there are two lines: a 24Mbit and a 2Mbit. I use two OpenVPN tunnels with tap devices: +-- tap0 (A)---

No i can start qemu but no network I have a bridge br0 with ta0 on it My start line qemu debian.5-0.x86.20100901.qcow --curses -net nic -net tap,ifname=tap0,script=no

Here is the scenario: I have one server with kernel 2.4.24 with a bridge br0 made of 2 interfaces, eth0 and tap0 (the last is an OpenVPN tunnel), and one remote computer connetting through tap0. If I assign a static IP to the remote computer, the bridge works perfecly (so I think the problem is not OpenVPN-related). If I start a DHCPd on the server and I configure the remote client to get the

How does the libvirt deal with the vnet mac address? Greetings, if I establish a network for the VM (hypervisor is KVM) using bridge in the virt-manager , a vnet0 device is created . There are some relationships about mac address between the vnet0 device in the hypervisor and the ethX device in the VM, for example : the mac address of vnet0 is FE:54:00:84:E3:62 the mac address of ethX in the VM

Hello all, I subscribed newly to this list, since I got an bridging problem after an upgrade from Debian etch to Debian lenny (before everything worked fine). The situation is as follows: # brctl show bridge name bridge id STP enabled interfaces br0 8000.000347729835 no eth0 tap0 tap0

Hello All, I am trying to implement OpenVPN on Fedora core Linux 3 with the latest pathces installed. This server is used only as firewall/internet gateway/proxy/VPN server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12) connected to the local network. I use shorewall 2.4 on this machine. I like to test

Hi all. I would need to use a single physical interface on a Linux box to manage two different IP addresses (belonging to two separate logical subnets) with two different MAC address. (I need to emulate te presence of two separate physical interfaceses for a PC on the same LAN, at layer 2 and layer 3). Is it possible to use the linux ethernet bridging code and two tap interfaces for this

Hello Tinc list! I'm trying to set up a Tinc VPN between two KVM host machines so that a VM on one host can communicate with a VM on the other host. While I do have a good bit of experience with virtualization, I'm not a particularly savvy network guy, so this is proving to be a pretty big challenge. Requirements: * ALL VM network traffic must be secure. * VMs on one host must be

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I''m running Shorewall 4.4.0/Debian Lenny and I''m trying to setup OpenVPN with a mild degree of success so far. My ultimate end goal is to basically have an extension of my home lan to my laptop as well as my wife''s when we are away from home, and have all of my normal network resources available as if I were sitting at home

On 04/27/2015 04:59 AM, Daniel P. Berrange wrote: > On Sun, Apr 26, 2015 at 10:51:34AM +0800, wh.h@foxmail.com wrote: >> How does the libvirt deal with the vnet mac address? >> >> Greetings, >> if I establish a network for the VM (hypervisor is KVM) using bridge in >> the virt-manager , a vnet0 device is created . There are some relationships >> about mac

Hey all, I''m trying to setup roadwarrior connection to my internal network. So I''ve setup openvpn to create a tap0 connection and also have bridged the eth1 (leads to my internal computers 192.168.2.10-30 and tap0 which is the VPN connection. On my shorewall setup I have br0 maped to zone loc and eth0 to be my internet and I have masqing on my br0 to get my internal computers

I'm currently running Openvpn on a multi-homed linux server. The bridge device br0 comprises the tap0 virtual device and the physical eth0 device. Eth0 is wired to the local LAN. Remote clients dial into the server's external interface eth1's udp port 1194. This works but when the number of clients increases (over 12), we see lots of dropped packets and lost connections. We look at

Hello, I thinking about using PCI passthrough to dedicated a domU as firewall. I understand PCI passthrough concept. When done, my domU will see network card and the dom0 won''t any more. So I''ll be able to filter all trafic from outside, since it will go through network domU. Then, how will I be able to connect other domU (and maybe dom0) to the network domU ? In a normal way,

I have a Debian 8 64-bit machine set up as a server and apt-got the tinc package. I configured tinc as a bridge and everything seems normal except that the tunnel does not forward multicast traffic. I used tcpdump to examine the br0, eth0 and tap interfaces. I could see multicast packets on both br0 and eth0, but there is no such packet present on the tap interface. I don't quite know why