similar to: Thick head still having problems with subnets (?)

Displaying 20 results from an estimated 1000 matches similar to: "Thick head still having problems with subnets (?)"

2005 May 25
9
Newbie going through a probably stupid thing
Believe me: Read the FAQ Checked over and over This might be toooooo stupid to be documented. Please bear with me. Any help ? Situation: single card standalone "firewall" (used like a "personal firewall"). Have sshd running on the FW. Want the sshd daemon to be accessible only from 2 LANs: 1) My other home LAN machine 2) IBM intranet machines (9.0.0.0) Whatever I have
2002 Sep 12
2
reset /proc/net/dev
HI List, How do i reset the values in /proc/net/dev ? This file holds values for count of each (packet && byte), (sent && received) through all interfaces. I''m using a monitor which reads values from this file and prints out some nicely formatted output. But i need to reset the values. ie. set then to zero. Restarting the network does not do what i want. I guess a reboot
2004 Aug 05
9
Not able to access website
Hi, Trying to figure out why I cannot get access to dell.com Their site is up because I can browse using a different firewall. Trying to find out where the logs are located and what log files it would write to if it were to deny browsing to a website. I can see the [UNREPLIED] when using the shorewall status. Was hoping to know what logfile it is writing it to. Thanks in advance, Elmer
2004 Dec 29
18
No response on port 80 with Shorewall
I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00
2003 Aug 31
4
linux-ha heartbeat .. failover firewall
I have searched your FAQ''s and read the documentation on your site as well as googling. I am not able to figure this out. If you have any ideas can you please help. I am using the linux-ha failover with redundant firewalls. As part of the function of the linux-ha software consists a service called heartbeat which is a connection from each failover node through a serial cable or ethernet.
2005 Jan 03
1
vpn2fw before nordc1918 in ???_in
I am not subscribed to the list, so if you could CC me on replies, it would be appreciated. Hi there. I am running 2.0.8 on a linux 2.6 kernel with ipsec (i.e. no ipsec<n> interfaces). Since ipsec traffic comes in on the same interface as "net" traffic, I have been looking at the rules for "eth0_in" on my ipsec gateway/firewall. I see that "norfc1918" is
2007 Jul 29
12
Shorewall 4.0.0 + Kernel 2.6.21.5-grsec
Hello, My hoster updated its kernel packages... It contained some old problems that should have been fixed. My servers have now a wonderful 2.6.21.5 kernel + grsec running. Both are running Debian 4.0 (stable release). mx:/etc/shorewall# iptables --version iptables v1.3.6 mx:/etc/shorewall# uname -a Linux mx.network-hosting.com 2.6.21.5-grsec-xxxx-grs-ipv4-32 #1 SMP Fri Jul 27 17:18:23 CEST
2004 Dec 04
7
vpn-zone wide open
Hello! I am using shorewall shorewall-2.0.11-1 on fedora core2 (iptables-1.2.9-95.7). My box has 2 physical nicĀ“s plus one virt. ipsec interface for a freeswan-vpn connection. A few days ago, portsentry spit out a lot of connections from windows clients (port 135, 445). Ooops. I review my shorewall settings but could not find a mistake. So I took a win-client and established a second
2005 Mar 07
10
DNS Name problem with mail server on LAN
Hi, I have a big "name problem" with my internal mail server (10.0.0.152). It is "seen" on the internet through DNAT (213.58.230.27). Also there is a MX record pointing to the machine. Everything works fine from the outside. However i can''t set the mail clients on the lan pointing to the mx record, because this one points to 213.58.230.27 and the firewall
2003 Jan 12
10
Shorewall on a file/webserver/router Help
Hi, I have a install of shorewall I have 2 interfaces(I think) ppp0[connection device] and eth0 [LAN device], I want to allow all traffic from the the internet in or aleast port 80 and CVS and webmin and mail and everything normal to the main machine with shorewall on it. I changed to policy file but it just gave me errors as to double interfaces. I also what still to alow connection sharing
2004 Oct 11
5
Intermittant Samba glitch
Hi there, Let me just start by saying that I am a bit of a Linux newbie, but that Shorewall seems an excellant product. The issue I''m reporting wont stop me from using it, it still does 99% of what I need. Anyway, I have a resonably simple two interface system. My server (HatMannz, P3-900MHz with a RAID-1 array of 80GB IDE drives running Red Hat 9.0) connects to a cable modem via eth1
2005 May 26
1
Re: Newbie going through a probably stupid thin g
Bulgrien, Kevin wrote: > Your interface / zone / hosts / rules / policy / etc setup affects > the firewall status. I had a similar problem due to a configuration > file issue. I suggest posting that information to the list. The > status is does not necessarily clearly show what was done > incorrectly. > > It is probably not a rule problem, but rather a zone problem. Also
2004 Dec 21
2
Defining "trusted" hosts/nets on a single interface system
Ok, I give up. I tried, really hard, before asking but I must be the most stupid shorewall user on the planet :( My laptop runs a single eth0 interface and knows Net and Firewall as zones and the default "inbound" policies are Net->Any DROP and >ny->Any REJECT. Now at home I have my trusted 192.168.174.240/29 subnet which hosts my very trusted 192.168.174.242 host and I
2005 Feb 01
4
Shorewall problem
I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled
2005 Jan 11
2
dnat problem
Hi, I have a proxy/firewall, I want to dnat requests for 193.205.140.106 on port 443 towards 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 towards 10.2.15.25, these rules must apply from internet, loc and fw (some client use a proxy on fw to reach these servers) I have tried with the following rules: DNAT net dmz:10.2.15.23 tcp 443 -
2003 Mar 28
9
Squid
I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall. WARNING: This release introduces incompatibilities with prior releases. See http://www.shorewall.net/upgrade_issues.htm. Changes are: a) There is now a new NONE policy specifiable in /etc/shorewall/policy. This policy will cause Shorewall to assume that there will never be any traffic between the source and destination zones. b) Shorewall no longer
2005 Jun 11
7
help connection is dropping every 10min
Hi, I have some problems with shorewall, I got disconnected every 10 minutes.. All the connections stops I am using Shorewall version 2.4.0-RC2 and it is running on debian 3.1r0 I can''t seem to find the problem. I hope you can help me with this. i post my log so that you can maby see where the problem is.(i have filtert some ip addresses) /sbin/shorewall show log Shorewall-2.4.0-RC2
2004 Dec 10
9
parallel zone: loc2 is composition of loc1
i have no idea how to definie for a parallel zone the host file if the second zone (net) should be the composition of the first zone (dmz). i tried all the following combinations in the interface and host files: interface: - eth0 - (variante 1) - eth0 192.168.0.255,255,255,255,255 (variante 2) - eth0 192.168.0.255,!192.168.0.255 (variante 3)
2003 Jul 30
9
occasional rejected packets
Hi, I am getting occasional rejected packets like so: Jul 31 09:52:03 firewall kernel: Shorewall:all2all:REJECT:IN=eth2 OUT=eth0 SRC=192.168.10.91 DST=132.147.22.6 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55364 DF PROTO=TCP SPT=1147 DPT=23 WINDOW=16384 RES=0x00 SYN URGP=0 Jul 31 09:52:46 firewall kernel: Shorewall:all2all:REJECT:IN=eth2 OUT=eth0 SRC=192.168.10.26 DST=10.9.100.30 LEN=48 TOS=0x00