similar to: PPTP connections through Shorewall - WinXP Workstation to Win2003 Server

This is some ramblings on why using proxy ARP (on a host in a DMZ) is a good or bad thing. The good is that a computer X retains a public IP address which makes it easy to connect it directly to the net if the firewall has to be taken down for extended periods. Thus, if computer X is a mail server for example, it can still function in a reduced capacity until the firewall is restored. The bad

I don''t think this has anything to do with Shorewall but I am not too familiar with iptables stuff yet so I''m not sure. Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar) for i586 Kernel 2.4.22-37mdk. Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN. You can do this from a firewall/router, or even from a

Hi, I?m using centos in 4 servers that work as gateway for intranets where i work. I built a particular kernel for my needs but this kernel is 2.4.31. So i neeed to boot this kernel in centos 4.3 and centos 4.2. Can anyone help with that? I know the problem is mainly in modutils because modules cannot be loaded when kernel is loaded. Any help is very much appreciated.

Do these programs still exist? They don't seem to be part of the samba3x package on RHEL5.

There has been a low continuing level of confusion over the terms "Source NAT" (SNAT) and "Static NAT". To avoid future confusion, all instances of "Static NAT" have been replaced with "One-to-one NAT" on the web site and in the CVS configuration files (Shorewall/ project). The documentation in 1.4.9 will also contain this change. -Tom -- Tom Eastep \

Environment is Samba as a PDC, OpenLDAP backend, with smbldap-tools providing the scripts to manipulate the data. What are the recommended/mandated organizational units (OU=) for user, computer, group info. I'm pretty sure that groups go in ou=Groups, but I am confused about where user and computer data goes. I have seen ou=People, ou=Computers, and ou=Users in various places. Which is it

On the firewall, what is the rationale for giving eth1 an IP address that is also assigned eto eth0? (Rather than a private one.) -- Taso Hatzi caesar 17 <<-salad cjbx jc vdwwjar jc xi jc jd salad

Hi, especially John H. T :) I'm yet again plodding through chapter 14 of the Samba-HOWTO-Collection.pdf. Not because I can't make what's in it work for me, I did that long ago, I found out for myself, because a great deal of what's in it is wrong. I just got fed up with trying to get Nagios to work - I gave up, for various reasons and started on the Samba doco. At the risk of

Is there a trick to being able to access shares via \\domain\dfsroot\.. rather than \\computer\dfsroot\... ? Only the latter works for me - samba 3.0.22

Scenario: a) Samba with an ldap backend. b) The ldap database becomes irretrievably corrupted. c) I roll in a new ldap database from a known good copy. d) Problem is the passwords for the machine accounts are out of date. e) Is it possible to coax Samba & the clients (mostly XP) to resynch their passwords? f) I want to preserve the client computers SIDs & names. g) I really

I have been having a problem with 'net getdomainsid' on a machine that I set up to be a BDC. # net getdomainsid Could not fetch local SID tdbdump shows that there is no machine SID in secrets.db, so I'm thinking that I overlooked the step that creates a machine SID. What creates the machine SID and when? Also, is it the hostname or the netbios name that samba uses as the machine

Are there any scenarios that require traffic from a zone to itself to be blocked? If not, Shorewall should possibly allow it as a matter of course. It seems strange having to explicitly create such a policy & it''s not immediately obvious when it is required. -- Taso Hatzi caesar 17 <<-salad cjbx jc vdwwjar jc xi jc jd salad

Hello, Please see the following picture: http://www.wilson-kwok.com/pptp.jpg I used one to one NAT from 210.0.0.1 to 192.168.0.2 for web server, and then use port forwarding from 210.0.0.1 to 192.168.0.3 for pptp server, but I cannot connect from my home to pptp server. Here is the nat file: 210.0.0.1 eth0:2 192.168.0.2 Here is the rules

I am trying shorewall as my previous post With alisias on eth1 loc and 4 pptp client vpns. The odd thing is when I enter one of the vpns in interfaces such as vpn1 it works. But if I enter the vpn in the hosts file shorewall blocks the vpns. shorewall/hosts #ZONE HOST(S) OPTIONS loc eth1:192.168.25.0/24 loctw eth1:192.168.50.0/24 locsa eth1:192.168.75.0/24 vpntw

Is it possible to pass PPTP packets through 2 firewalls before they hit the remote access server? I installed a Netgear ProSafe VPN firewall as the first line of defense in my network. I have since set up a Fedora Core 2 server running Shorewall 2.1.3 and Squid in non-transparent mode, between the Netgear unit and my network. So, the Netgear faces the Internet with a public, static, IP address.

Greetings List Members, I''ll firstly apologise if this isn''t the place that I should be posting this message but here goes. What I want to do is have a VPN (PPTP/IPSEC/CIPE/etc) server, but it must support more than one simultaneous connection. I currently have a PPTP VPN server setup that has port 1723 and protocol 47 DNAT''d through to the internal IP

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have a situation where some Poptop/PPTP sessions (only with FC5/Shorewall to FC5/Shorewall firewall in between) cause the following to appear in the state table (shorewall show connections). unknown 47 420 src=XX.234.79.183 dst=XX.234.137.226 packets=2 bytes=130 [UNREPLIED] src=XX.234.137.226 dst=XX.234.79.183 packets=0 bytes=0 mark=0 use=1

Hi all, Freshly installed apache 2.2 with httpd-itk (from epel). When I try to access apache's document root from a browser on local network, it always serve me the Apache welcome page, even if I have a index.html and a phpinfo.php file in the /var/www/html folder. If point the browser specifically to http://server/index.html, I get a '404 Not found error'. I'm running CentOS

I forgot to mention it. All the files under /var/html are owned by apache:apache On 15-05-07 04:07 PM, Eric Lehmann wrote: > Have you checked the file rights under your document root ? > Your apache group need reading right. > Am 07.05.2015 21:42 schrieb "John" <tuxfed at gmail.com>: > >> Hi all, Freshly installed apache 2.2 with httpd-itk (from epel). When I

when trying to install .net framework 3.0 i get: brewergeek at brewergeek-laptop:~$ rm -rf .wine brewergeek at brewergeek-laptop:~$ wine dotnetfx3setup.exe wine: created the configuration directory '/home/brewergeek/.wine' fixme:system:SetProcessDPIAware stub! fixme:dwmapi:DwmIsCompositionEnabled 0x33cf94 fixme:file:MoveFileWithProgressW MOVEFILE_WRITE_THROUGH unimplemented