similar to: /etc/shorewall/masq

On 2014?03?07? 23:05, Ady wrote: > I understand that these remarks might seem not the main issue, but I > tend to think that once you are successful while using only "default" > > values and in a minimalistic case, you could add complexity > (different paths, multiple firmwares, additional kernels, multiple > cfg files...). Ady, Thanks. I will follow your advice to

On 03/08/2014 10:06 PM, Gene Cumm wrote: >> Hi Gene, >> > Thanks. As you suggested, I did a test about 6.03-pre6, and I still got >> > the same issue. My client machine >> > still only shows: >> > ==================== >> > Getting cached packets >> > My IP is 192.168.120.1 >> > ==================== >> > The syslog log

On Mar 8, 2014 10:08 AM, "Gene Cumm" <gene.cumm at gmail.com> wrote: > > On Mar 8, 2014 9:27 AM, "Steven Shiau" <steven at nchc.org.tw> wrote: > > > > > > > > On 03/08/2014 10:06 PM, Gene Cumm wrote: > > >> Hi Gene, > > >> > Thanks. As you suggested, I did a test about 6.03-pre6, and I still got > >

On 2014?03?08? 05:56, Gene Cumm wrote: > In /etc/vmware/vmnet8/dhcpd/dhcpd.conf I added the following: > > host 7x { > hardware ethernet 00:0C:29:38:6B:6E; > filename "e6/bootx64.efi"; > next-server 172.21.1.1; > # option vendor-encapsulated-options >

Hi - I have shorewall-1.3.8-1 on a RH 7.3 machine that acts as a firewall for my network. It was running the other day just fine, but today I have problems getting to the firewall. It is a frame-relay network with Cisco routers. Everything is 192.168.x.x / 24. I can''t ping the firewall from the WAN, but can from the main LAN. Sounds like a routing issue to me, but it was working for

Hi! I''m trying to create a routed VPN using OpenVPN - and having trouble with the routing concepts involved. Let me see if I can properly describe my current topology: Server - LAN, with both local workstations and remote bridged workstations on the 192.168.0.0/24 network (this works without reservation). Server located at 192.168.0.71, 192.168.0.72, 192.168.0.222, and few

Hello, i'm using a debian etch box (2.6.18-5-686) with tinc 1.0.5 for connecting to my office LAN. On the same box there's a vmware virtual machine running (Windows 2k). Now i'd like to connect this virtual machine through the VPN, too. All my attempts did fail... The virtual machine runs with a "host only" network (vmnet1). On the linux side i tried to configure NAT

hi, i just do some tests with a fresh compiled samba 3.0.23a. trying to authenticate against PAM with pam_winbind gives: Aug 1 09:59:21 humevo36 pam_winbind[27853]: pam_winbind: pam_sm_authenticate (flags: 0x0000) Aug 1 09:59:23 humevo36 pam_winbind[27853]: Verify user `gasch' Aug 1 09:59:23 humevo36 pam_winbind[27853]: enabling cached login flag Aug 1 09:59:23 humevo36

Dear all, I get a problem with masq, why it doesn''t work for connect to internet? my masq configuration /etc/shorewall/masq eth0 10.2.0.0/16 202.158.1.99 but if my masq file without 202.158.1.99 it work! /etc/shorewall/masq eth0 10.2.0.0/16 and the ip nat will be same with ip address eth0. FYI: IP number (202.158.1.99) just valid IP but doesn''t have interface

I''m planning a multi isp setup and cafully read the documentation. One thing that bothers me is the masq file. The example uses a single ip address on each public interface. I have multiple addresses on both public interfaces (16 on one and 64 on the other). I''m a bit confused about what to put in the masq file in this situation. Any insights would be appreciated. Ronald --

Hello, on my old system I''m using ipchains. Can anyone help me with converting rule /sbin/ipchains -A forward -j MASQ -s source_addr -d destination_addr 443 -p tcp to shorewall. I know that I can write eth0 source_addr to /etc/shorewall/masq file but I can''t found where I can specify the destination address. The reason for this is to allow one user (computer) access only to

I am wanting to verify that I am properly using the MASQ for a series of hosts. I have 2 providers, and my providers file has the contents: #NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY OPTIONS COPY l3 1 100 main eth0.100 1.18.139.1 track,loose,fallback eth1 ws 2 200 main eth0.101 1.155.136.193

I know this is a little off topic (not as usual, dammit!), but I figure at least one of y'all can handle this one. I have tried to configure my CentOS4.4 Plus desktop for samba sharing with the VMWare Windows that runs on it. However, no matter what I've done so far, I can't get the Windows to recognize this machine as a legitimate network destination. Here's my samba

Hi, after kernel upgrade to 2.4.23 my existing configuration of shorewal 1.4.8 will not start / it fail on DNAT and/or masq with message: "iptables: Invalid argument" / I founded some similar problems description - see links bellow, but there is no solution how to get work shorewall with DNAT and masq with 2.4.23 kernel. http://www.ussg.iu.edu/hypermail/linux/kernel/0312.0/0268.html

hi, in the masq file''s documentation, there is a sentence: "If you have a static IP on that interface, listing it here makes processing of output packets a little less expensive for the firewall." this realy means that SNAT to the primary address is less expensive than a MASQ rules in the netfilter? is this documented anywhere in iptables/netfilter? thanks. -- Levente

Hi Ivo, --On Freitag, 23. Juni 2000 01:15 +0200 Ivo Timmermans <zarq@icicle.yi.org> wrote: > I'm not sure I fully understand your patch. This is not so important since I'm trying to get 1.0pre2 running. Although I had no luck so far, I'll point out what's going wrong at the end of this mail. > For instance, you force a > key exchange when the connection is made,

Hi for all ... I just read all doc about ip alias in Shorewall . If I am right, I can not use ip alias with masq, it is right ? What I am trying to do is create an ip alias in my internal network interface and use it for tests purpose ( specifically for getting familiar with multi ISP shorewall config ) The actual system is working fine with the ip 192.168.1.1 in eth1, eth0 is my dsl provider .

Hi everybody. I''m sorry to bother you because I''m probably doing something wrong, but I have already read the documentation and I have been using shorewall for quite a long time. I recently installed 3.2.3 from source (but there was the same problem with 3.0.7 from apt-get ... -t unstable) The thing is, that I can''t get masq working. Maybe this is because

Hi All, Our internal users need to connect to the bank to do internet banking. The bank requires that the client computers connect to ports 15000-15010. In Shorewall how do I do a masq for anyone trying to connect to these ports? Thanks Raymond

I'm on too many lists already, so haven't joined this one. If you have things that I really need to know, please reply or CC me off-list. I often work through masqueraded (NAT) links, and find that the following patch is able to keep an idle ssh link up where nothing else will. Please consider making it a part of the main ssh package.