Displaying 20 results from an estimated 1000 matches similar to: "Logfile entry query"
2003 Apr 15
8
repost (passive FTP server in DMZ and shorewall 1.4.2)
I apologize for the first message. :)
---------------------------------------
I have an FTP server running in the DMZ section of my home network. It uses port 23000 for connection and ports 19990 to 19994 for data transfer.
I have setup the following rule for outside people to connect to it:
DNAT net dmz:192.168.2.2 tcp 23000
I''m at work right now and I can''t use
2003 Mar 28
9
Squid
I''m attempting to setup Squid as shown on:
http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ
The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat
7.2 on the server in the DMZ. I''m not seeing the requests come in to the
server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the
firewall, the local traffic I''m trying to
2005 Jan 11
2
dnat problem
Hi,
I have a proxy/firewall,
I want to dnat requests for 193.205.140.106 on port 443 towards
10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389
towards 10.2.15.25, these rules must apply from internet, loc and fw
(some client use a proxy on fw to reach these servers)
I have tried with the following rules:
DNAT net dmz:10.2.15.23 tcp 443 -
2004 Sep 24
10
hopeless - smb over bridged firewall
Dear List!
I use a shorewall 2.0.8 on a Debian sarge system. I use a DSL connection
to the Internet (ppp0 - eth1 to the modem) and a bridge to the local
lan. The bridged config i''ve made with bridge.html from the shorewall
site. The Bridge is between local net and a openvpn tap device. This
works. I ccan make tunnels, and a can make a lot of things through the
firewall. I can get a list
2013 May 01
2
Shorewall 4.5.15 fails to start using systemctl on FC18
Starting Shorewall using systemctl fails with the error message as
below. Starting from command line succeeds. I''ve tried changing the
permissions on the /var/lib/shorewall folder to 777 but no change. The
temp file isn''t present after the error so I don''t know if the
permission issue is related to that. Selinux is disabled.
I''m new to FC18 and systemctl so
2004 Dec 29
18
No response on port 80 with Shorewall
I have problem getting answer on http request from all my local subnets
but not from local subnet.
Ping and requests on ports 21 22 23 25 110 works fine.
I logged port 80 in rules files and I got
accept entry same for local subnet and other subnets.
Local subnet is 192.168.6
Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT=
MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00
2005 Jan 09
19
Shorewall and CUPS printing interference
I''m having a problem with the Shorewall firewall and CUPS printing
interfering with each other. My Linux firewall machine is acting as both
a CUPS server and client for all of my tests.
Shorewall 2.0.13
CUPS 1.1.22-2
Linux kernel 2.6.9
CUPS was working fine to print to my Epson C84 (network connected via a
Netgear PS101 print server using lpd://PS101.IP.address/raw ) until I
2004 Aug 05
9
Not able to access website
Hi,
Trying to figure out why I cannot get access to dell.com
Their site is up because I can browse using a different firewall.
Trying to find out where the logs are located and what log files it
would write to if it were to deny browsing to a website. I can see the
[UNREPLIED] when using the shorewall status. Was hoping to know what
logfile it is writing it to.
Thanks in advance,
Elmer
2004 Dec 04
7
vpn-zone wide open
Hello!
I am using shorewall shorewall-2.0.11-1 on fedora core2
(iptables-1.2.9-95.7). My box has 2 physical nicĀ“s plus one virt. ipsec
interface for a freeswan-vpn connection.
A few days ago, portsentry spit out a lot of connections from windows
clients (port 135, 445). Ooops.
I review my shorewall settings but could not find a mistake. So I took a
win-client and established a second
2015 Feb 21
2
Call for testing: OpenSSH 6.8
On Sat, 21 Feb 2015, Corinna Vinschen wrote:
> Building on 64 bit Cygwin works out of the box. However, I have trouble
> with the testsuite. As usual, I'm building outside the source tree:
>
> - Building the testsuite fails:
>
> Assembler messages:
> Fatal error: can't create regress/unittests/bitmap/tests.o: No such file or directory
> Makefile:152:
2013 Sep 27
2
Locating inefficient code
Hi,
I have been using R for a few months and I have this working
code. Don't seen any problem but this takes a long time. So if I have
about 30000 rows it takes a few minutes. If I have 100000 it does not seem
to complete.
Original Data:
Proto Recv-Q Send-Q Local-Address Foreign-Address State
tcp 0 0 172.20.100.2:60255
2007 Nov 05
36
please help diagnosing "ip_conntrack: table full, dropping packet"
Hi,
I run a small system with an older version of shorewall (1.4.2). It has been extremely solid for a long time.
But recently I have noticed the connection table filling up, which has never happened before. My guess is that the box is getting hit with floods.
The system only has 64M of ram and the conntrack_max is set to 4096 based on the ram. I have temporarily increased it to 8192 so that it
2011 Jul 21
42
Problem With OpenVPN Connectivity
Hi,
I''m running Slackware 13.37 x86 using Shorewall 4.4.21 with OpenVPN and the
VPN options I''m using in Slackware 13.37 will not work in Shorewall, but in
Slackware 13.1 using the same Shorewall version and files, the ''interfaces'',
''policy'' and ''zone'', are all I have configured, it was working and this also
works in Arch at
2003 May 20
3
lots of sockets in TIME_WAIT
Hi there,
I have some DDOS(?) attack on my router going where my apache HTTP
server is flooded with short-timed connections from some host. This
results in LOTS of sockets in TIME_WAIT/LAST_ACK/CLOSING states and
eventually I'm out of mbufs, which, consequently means I can't even
connect to the router from LAN. The kern.ipc.nmbclusters is 2560, (I
guess high enough for router with
2000 Sep 21
3
FW:
-----Original Message-----
From: Allan Matias [mailto:amatias@amada.com]
Sent: Wednesday, September 20, 2000 5:30 PM
To: samba-admin@lists.samba.org
Subject:
Need to know more about Samba. In how to connect a Unix system to an Nt
Server. Would a Unix machine be seen by the Nt when Samba software is
loaded?
Thank you for your attention.
--Allan D. Matias
Amada Software Support
2010 Oct 22
4
502 bad gateway on nginx with recv() failed
Hi,
I''m serving the puppetmaster application with its config.ru through
unicorn - proxied by nginx.
I''m using unix sockets, 4 workers, and 2048 backlog.
The clients - after their typical "puppet run" - send back a report to
the master in YAML.
Some clients whose reports tend to be large (close to 2mb) get a 502
bad gateway error and error out.
nginx log:
2010/10/22
2010 Jan 27
5
sshd killed due to dos attack
Hi,
I am not sure to report this as a bug. so mailing to the list.
I have sshd(openssh3.5p1) server running on my router and when i run tcpjunk
to that port, sshd gets killed after some time
192.168.71.1 is my sshd server and 192.168.71.4 is my client from where i
send my dos attack
This is the tcpjunk command i gave to the ssh server
#tcpjunk -s 192.168.71.1 -p 22 -c req -i 100
req session
2006 Oct 13
3
Re: Tc rules Help with multiISP+ squid& squidguard...
>If you
>
>a) Have the correct REDIRECT rule (which you do); and
>b) Are accepting $FW->Net HTTP traffic (which you are -- at least with
your
>policy); and
>c) DNS works from your firewall (I assume it does since you are wide
open >from $FW->Net); then
>The problem is in your Squid configuration (this is true in %90 of the
>reports on this list where Squid
2015 Feb 23
2
Call for testing: OpenSSH 6.8
Hi Damien,
On Feb 23 10:28, Corinna Vinschen wrote:
> On Feb 22 07:59, Damien Miller wrote:
> > On Sat, 21 Feb 2015, Corinna Vinschen wrote:
> > > - The failing last loop in the "forwarding" script as reported back
> > > during 6.7 testing is still failing for me more often than not. It's
> > > always the same reason, the script tries to use
2009 Apr 17
2
Issues with ssh-agent connecting to a large number of hosts at once
Hi,
I'm having problems with ssh-agent when I am connecting to a large (several
hundred) hosts at once. I'm using a kanif (
http://taktuk.gforge.inria.fr/kanif/) which is a very nice package that
distributes ssh connections across the hosts you are connecting to (a
fan-out sort of approach, so all connections are not coming from one host).
However, all hosts have to authenticate, so all