similar to: Query re Tom''s firewall (see http://www.shorewall.net/myfiles.htm)

Displaying 20 results from an estimated 500 matches similar to: "Query re Tom''s firewall (see http://www.shorewall.net/myfiles.htm)"

2004 Nov 01
9
Some issues with proxy ARP
This is some ramblings on why using proxy ARP (on a host in a DMZ) is a good or bad thing. The good is that a computer X retains a public IP address which makes it easy to connect it directly to the net if the firewall has to be taken down for extended periods. Thus, if computer X is a mail server for example, it can still function in a reduced capacity until the firewall is restored. The bad
2003 Nov 24
14
New Terminology
There has been a low continuing level of confusion over the terms "Source NAT" (SNAT) and "Static NAT". To avoid future confusion, all instances of "Static NAT" have been replaced with "One-to-one NAT" on the web site and in the CVS configuration files (Shorewall/ project). The documentation in 1.4.9 will also contain this change. -Tom -- Tom Eastep \
2004 Nov 07
3
Zone to same zone policy
Are there any scenarios that require traffic from a zone to itself to be blocked? If not, Shorewall should possibly allow it as a matter of course. It seems strange having to explicitly create such a policy & it''s not immediately obvious when it is required. -- Taso Hatzi caesar 17 <<-salad cjbx jc vdwwjar jc xi jc jd salad
2004 Nov 06
3
shorewall.net Down Time
Tomorrow morning, the following systems will be unavailable while I upgrade the OS on my firewall: a) shorewall.net b) lists.shorewall.net c) cvs.shorewall.net d) rsync.shorewall.net The upgrade will begin around 0700 PST (-0800) and will like take two hours or so. Sorry for the inconvenience. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \
2011 Jan 08
2
tdbdump, tdbbackup
Do these programs still exist? They don't seem to be part of the samba3x package on RHEL5.
2010 Dec 30
2
Questions about ldap organizational units
Environment is Samba as a PDC, OpenLDAP backend, with smbldap-tools providing the scripts to manipulate the data. What are the recommended/mandated organizational units (OU=) for user, computer, group info. I'm pretty sure that groups go in ou=Groups, but I am confused about where user and computer data goes. I have seen ou=People, ou=Computers, and ou=Users in various places. Which is it
2004 Dec 01
5
PPTP connections through Shorewall - WinXP Workstation to Win2003 Server
The problem scenario I describe was reported previously in the Shorewall lists but its resolution does not seem to have made it into the lists. Scenario: Windows XP client seeking to establish a VPN connection to a Windows 2003 Server located behind a Shorewall firewall (running on Mandrake kernel 2.4.22-37mdk). The connection cannot be made, the client reports error code 721. Discussion:
2005 May 08
2
Samba docs
Hi, especially John H. T :) I'm yet again plodding through chapter 14 of the Samba-HOWTO-Collection.pdf. Not because I can't make what's in it work for me, I did that long ago, I found out for myself, because a great deal of what's in it is wrong. I just got fed up with trying to get Nagios to work - I gave up, for various reasons and started on the Samba doco. At the risk of
2011 Jan 09
1
DFS - access shares via \\domain\dfsroot\...
Is there a trick to being able to access shares via \\domain\dfsroot\.. rather than \\computer\dfsroot\... ? Only the latter works for me - samba 3.0.22
2010 Dec 23
1
How can one set/reset machine account passwords
Scenario: a) Samba with an ldap backend. b) The ldap database becomes irretrievably corrupted. c) I roll in a new ldap database from a known good copy. d) Problem is the passwords for the machine accounts are out of date. e) Is it possible to coax Samba & the clients (mostly XP) to resynch their passwords? f) I want to preserve the client computers SIDs & names. g) I really
2011 Jan 09
1
When is a machine SID created?
I have been having a problem with 'net getdomainsid' on a machine that I set up to be a BDC. # net getdomainsid Could not fetch local SID tdbdump shows that there is no machine SID in secrets.db, so I'm thinking that I overlooked the step that creates a machine SID. What creates the machine SID and when? Also, is it the hostname or the netbios name that samba uses as the machine
2004 Oct 13
4
Connection tracking on non-masqueraded interfaces.
I don''t think this has anything to do with Shorewall but I am not too familiar with iptables stuff yet so I''m not sure. Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar) for i586 Kernel 2.4.22-37mdk. Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN. You can do this from a firewall/router, or even from a
2011 Jan 11
3
[Resolved] Reestablishing trust with PDC
Thanks to both of you - exactly the piece I was missing. -----Original Message----- From: tms3 at tms3.com [mailto:tms3 at tms3.com] Sent: Monday, January 10, 2011 12:52 PM To: Christ Schlacta Cc: samba at lists.samba.org Subject: Re: [Samba] Reestablishing trust with PDC > > > you haven't tried experimenting with backing up and restoring the > samba password cache. look in
2004 Oct 31
9
Maquerading through IPSECed wireless dropping packets selectively?
Hello, I''m stuck IPSECing my wireless network at home and would appreciate any comments. I appologize in advance if I''m wasting your time with trivia - I''m not a professional and staring at the problem for days from various angles hasn''t done me any good ... My home server/firewall (morannon) is hooked up through an USB to ethernet adapter (eth1) to my DSL
2006 Jan 08
2
net rpc vampire segfault
Been trying to run this on FC3 pulling stuff off a NT4 PDC - it just segfaults on 3.0.21 & 3.0.21a I'm building the RPMS from the tar ball on the host using the makerpms.sh script Reverted to the 3.0.10 issued by Fedora and no segfault. From what I can see (with strace) it segfaults while reading from the socket connecting the PDC - not the first read, but after quite a few
2006 Jan 30
2
NT 4 workstation joining Samba domain
Samba 3.0.21b with LDAP backend The transfer to the Sanba hosted domain appears to work, ie success message, but I can't log on to a domain account from that workstation, complains about missing machine account or incorrect password. Only NT4 workstations seem to be a problem, Win2k and XP are Ok. NT4 is maximally patched, updated and etc - no registry hacks however. I checked the LDAP
2003 Jan 16
5
Is there any merit in making a start/restart conditional upon a successful check?
--
2005 May 01
2
Samba-3 by Example Ch 6
I am following Chapter 6 of Samba-3 By Example to set up Samba on a Fedora 3 box. It seems to go Ok until page 144 step 5. # net getlocalsid [2005/05/02 00:22:04, 0] lib/smbldap.c:smbldap_search_suffix(1155) smbldap_search_suffix: Problem during the LDAP search: (No such object) SID for domain SIROCCO is: S-1-5-21- etc Running the same command with some debugging: # net -d 2 getlocalsid
2006 Jun 17
1
Dealing with interfaces going down
Some of Shorewall''s features manipulate routing tables. Linux removes routes involving interfaces that disappear (namely pppX). When these interfaces are restore the routing tables are not restored. Just wondering how people are dealing with this situation.
2005 Mar 20
2
Troubleshooting help
Somehow, hopefully to be determined, I got my Thunderbird/dovecot Fedora Core 3 configuration into a real snit, such that I can no longer access my INBOX. When Thunderbird tries to get the INBOX content (or get new mail) it reports "The current command did not succeed. The mail server responded: Invalid messageset: -2147483648:*." Scouring logs and googling has come up empty. Now