similar to: Some help for a beginner please: terser logging

I''m re-reading the section on dns names in the shorewall docs: "I personally recommend strongly against using DNS names in Shorewall configuration files. If you use DNS names and you are called out of bed at 2:00AM because Shorewall won''t start as a result of DNS problems then don''t say that you were not forewarned." Having been stung by this a few times

Hello Shorewall gurus, as outlined on the shorewall site I have done the following after failure to install shorewall via the rpm: I have read all of the FAQ. I have read the quickstart guide with particular attention directed at the Mandrake solution. I have searched the mailing list archives (all old replies). I have studied the documentation index. I have previous experience using shorewall

hi, we use openvpn as for our vpn endpoints and we''ve got about 70-80 vpn connections which means we have tun0 - tun80 interface. i''d like to define one zone for all of our vpn connections how can I do that? actualy our local zone is 192.168.0.0/17 (not 16) and all of the vpn''s are in 192.168.128.0/17. our should i define somehow the local zone as 192.168.0.0/16? but in

Hello, I am stumped on a problem I am having with Shorewall 2.0.1 on Mandrake 10. My setup is as follows. I have a /28 and have assiigned all ip addresses to my firewall using aliases. I am able to setup rules to allow specific traffic to specfic ip addresses on the firewall like so: ACCEPT net:w.x.y.z $FW:w.x.y.z tcp 22 This works great for TCP and UDP traffic. I can

Hi folks, Has anyone tested the changes to multiple ISPs/load balancing or routestopped in 2.4.0-RC1 yet? We need to talk about what criteria we will use for determining whether 2.4.0 is ready for release. I''ve started configuring a firewall at work with the multiple ISPs support, but its kernel doesn''t have connection marking support, so it''s going to be a couple of

The second Beta is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Function from 1.3 that has been omitted from this version includes: 1) The ''check'' command is no longer supported. 2) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.

Is it just me, or have there been an excessive number of TCP port 9200 port scans ? Port 9200 seems to be associated with WAP & Lexmark printers, but what else ? I know Tom does not like identification, but most sources seem to resolve to Asia. Is there a new Trojan loose ? An example: Oct 7 19:16:18 mybox kernel: Shorewall:net2all:DROP:IN=eth0 OUT=

Hi All, In a scenario, where a LAN is being provided internet connectivity through multiple ISPs terminated at a Load Balanced Multihomed Linux Router as described in LARTC HowTo, how would the traffic distribution affected if there is a squid based transparent proxy for the LAN''s web traffic on the same system (i.e. the load balanced router itself). The recent squid versions have

hello list, i''ve set up shorewall and snort inline on a linux box. it works, but snort only sees traffic from new connections. and this is because shorewall automatically generates rules to accept established and related connections. how can i force shorewall to queue everything, so that snort can scan the hole traffic like in IDS mode. The setup i have now is really simple, just 2 zones

Is my RFC1918 file obsolete? I have been assigned an ip in the 83.0.0.0/8 range, and of cource a lot of Shorewall systems drop me with a RFC1918 error. So, is my ISP actually giving me a RFC1918 IP, or am I missing something? .

i have squid running on DMZ zone and my network using ProxyARP on eth1 and eth2 mylinuxbox slackware 9.2 my network can access to internet normal, but can''t redirect to squid server from firewall. sometimes my network can connect to squid and sometimes bypass this squid server. i dont know what going on. now.. my network bypass redirect to squid server. my config file follow document

Hi all, We want to do some stress testing of firewall configurations/hardware. We have discovered hping that seems a great tool for this, but funny enough Shorewall cuts it !!! even when you leave ports open :) So besides hping, any tool for this? Why is shorewall cutting this traffic? Thanks in advance. Regards. -- Jaime Nebrera - jnebrera@eneotecnologia.com Consultor TI - ENEO

Hi all, I''m using Fedora Core 2, kernel 2.6.5. I''ve installed shorewall 2.1.9 from rpm package. It seems that there is a builtin action called "dropBcast" drops all broadcast packages on my ethernet interfaces base on package type "pkttype=broadcast". For a particular reason, I need all traffics of broadcast packages are allowed to pass my ethernet

Hi, I''m configured a home router with Shorewall. It took me a while as I''m quite a newbie to Linux, but now it''s working fine. I would like to install some bandwith-monitoring so I know how much traffic is generated. I found a tool for it called ipac-ng. It uses iptables and here is where I''m in trouble. I afraid that it will conflict with shorewall. Does

Is this possible using shorewall ? here is the setup that I need: many client computers C1 to C30 connect to the internet using ONE gateway computer server running shorewall proxy S1 client C1 connects to local LAN /shorewall proxy S1 and authenticates using username U1 S1 connects to SSH server external server ES1 authenticates using username EU1. client C1 can transfer files, upload and

I set up an ipsec/racoon vpn tunnel test environment. The gateway machines are 192.168.0.30 and 192.168.0.31 on the external adaptor and 10.0.1.1 and 10.0.2.1 internally. The test workstations are 10.0.1.10 and 10.0.2.10. The tunnel seems to be working as in 10.0.1.10 can talk to 10.0.2.10 an vice versa and they can both use the net via NAT, however 192.168.0.30 and 192.168.0.31 cannot directly

Hi all, I have a strange goal..... the setup: two sites ("a" and "b") both with linux machines running shorewall. a machine at site ''a'' needs to connect to services on a machine at site ''b''. both sites have dsl with dynamicaly assigned ip addresses. site ''b''s ip can be resolved from siteb.dynamic.dns.com (one of

hi all, shorewall claim that support stateful connection. But I read the document, I can''t found any configuration on it like in iptables e.g. -m -state NEW, ESTABLISHED something like like. Is shorewall by default is staeful connection for any connectione.g. web, http

Dear All, Linux Kernel 2.4.20-8 Running Shorewall 2.2.0 ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:48:54:53:82:45 brd ff:ff:ff:ff:ff:ff inet 62.68.254.178/28 brd

Hi all Firewall is Linux SLES8 kernel 2.4.21-278-default with 2 interfaces, fixed IP addresses on LAN and Internet (INT, WAN), NAT from LAN to INT (Masquerading-SNAT). Shorewall is v2.2.2. I am trying to allow access from LAN to Internet for all workstations EXCEPT for some of them. Default policy is REJECT LAN to INT traffic, so rule created in /etc/shorewall/rules is: ACCEPT