similar to: Intermittant Samba glitch

Hi, I have some problems with shorewall, I got disconnected every 10 minutes.. All the connections stops I am using Shorewall version 2.4.0-RC2 and it is running on debian 3.1r0 I can''t seem to find the problem. I hope you can help me with this. i post my log so that you can maby see where the problem is.(i have filtert some ip addresses) /sbin/shorewall show log Shorewall-2.4.0-RC2

Hallo, i have a problem to configure shorewall to enable scanning over the network with sane. The scanner is located at the firewall hosts local interface. Why do i get a "all2all" message and not "loc2loc" Aug 25 14:55:26 router saned[26946]: saned from sane-backends 1.0.11 ready Aug 25 14:55:26 router saned[26946]: check_host: access by remote host: 192.168.0.250 Aug

I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00

Problem: "Firewall" machine cannot get DNS but is allowing DNS through internally. Something changed with the configuration but we''re not sure what. Here is the pertinent info: Shorewall Status Entries Oct 5 09:24:50 all2all:REJECT:IN= OUT=eth2 SRC=192.168.7.55 DST=65.175.131.201 LEN=55 TOS=0x00 PREC=0x00 TTL=64 ID=50982 DF PROTO=UDP SPT=32973 DPT=53 LEN=35 Oct 5

Hi, I have a proxy/firewall, I want to dnat requests for 193.205.140.106 on port 443 towards 10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389 towards 10.2.15.25, these rules must apply from internet, loc and fw (some client use a proxy on fw to reach these servers) I have tried with the following rules: DNAT net dmz:10.2.15.23 tcp 443 -

My logs show thats: A internal client search my proxy (192.168.0.3) Oct 12 12:40:33 massayo kernel: Shorewall:all2all:REJECT:IN=3Deth1 OUT=3D MAC=3D00:e0:7d:82:0f:fe:00:04:75:99:28:63:08:00 SRC=3D192.168.0.215 DST=3D192.168.0.3 LEN=3D63 TOS=3D0x00 PREC=3D0x00 TTL=3D128 ID=3D25902 PROTO=3DUDP SPT=3D3028 DPT=3D53 LEN=3D43 Why OUT is empty? From: Server (DMZ) Oct 12 12:40:34 massayo kernel:

Hi, I am getting occasional rejected packets like so: Jul 31 09:52:03 firewall kernel: Shorewall:all2all:REJECT:IN=eth2 OUT=eth0 SRC=192.168.10.91 DST=132.147.22.6 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=55364 DF PROTO=TCP SPT=1147 DPT=23 WINDOW=16384 RES=0x00 SYN URGP=0 Jul 31 09:52:46 firewall kernel: Shorewall:all2all:REJECT:IN=eth2 OUT=eth0 SRC=192.168.10.26 DST=10.9.100.30 LEN=48 TOS=0x00

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to

Hello, I was helping a friend to extend his Shorewall firewall and noticed something strange in the syslog Shorewall:all2all:REJECT:IN= OUT=eth1 SRC=192.168.0.1 DST=192.168.0.2 LEN=39 TOS=0x00 PREC=0x00 TTL=64 ID=3021 DF PROTO=UDP SPT=44337 DPT=1503 LEN=19 Anybody got an idea what this can be? -- Groeten, Peter Device response received when none expected. - - Heb je een Dreambox 7000S ?

Greetings all, I have just install Shorewall on a Debian system and I''m using it as a firewall on an internal network. The specifics of the system are as follows: firewall:/var/log# shorewall version 3.0.4 firewall:/var/log# uname -a Linux firewall 2.6.12-1-386 #1 Tue Sep 27 12:41:08 JST 2005 i586 GNU/Linux Shorewall start successfully and $FW can connect to the Internet for upgrading

I am trying to set up my Shorewall box to forward multicast packets to my local net. I do have some problems with mrouted (see below), but I can join and add routes using smcroute. Multicast works when shorewall is disabled. I got a lot of help from the following. http://lists.shorewall.net/pipermail/shorewall-users/2005-January/016674.html I cannot get the multicast packets to pass the fw when

I'm getting a gazillion of these probes in my firewall logs. I don't understand what's going on here,... These all look like bootp requests from 10.21.72.1, to 255.255.255.255. there's certainly no 10.x.x.x here on this network, and I don't get the destination address... is it possible to send packets out onto the internet addressed like that? whois doesn't turn up

[192.168.0.0/24 Lan] v [Shorewall box ''Curtain'', 192.168.0.254, DHCP to ISP, and a OpenVPN tunnel 10.4.0.2] v [Internet] v [Shorewall box ''statler'' 130.241.25.165, and an OpenVPN tunnel 10.4.0.1] Now, i have set a rule on statler ACCEPT vpn $FW tcp smtp and i have as below. root@statler:/etc/shorewall# cat zones | grep -v ^# net Net Internet

I''m having a problem with the Shorewall firewall and CUPS printing interfering with each other. My Linux firewall machine is acting as both a CUPS server and client for all of my tests. Shorewall 2.0.13 CUPS 1.1.22-2 Linux kernel 2.6.9 CUPS was working fine to print to my Epson C84 (network connected via a Netgear PS101 print server using lpd://PS101.IP.address/raw ) until I

Louis, Tried the rules you suggested: These work. I think that rules out any Windows problems. ufw insert 1 allow in on enp2s5 from 192.168.254.15 to 192.168.254.39 ufw insert 2 allow in on enp2s5 from 192.168.254.39 to 192.168.254.15 These do not work. ufw insert 1 allow in on enp2s5 proto tcp from 192.168.254.0/24 to 192.168.254.39 port 139,445 ufw insert 2 allow in on enp2s5 proto udp from

Hi My situation: I have two pc''s with public ip''s (192.159.56.206(webserver) and 84.196.123.65(mail-gateway)) in the dmz. The firewall (84.196.123.66) is configures with proxyarp, so nothing is changed on the pc''s from when they were not behind the firewall (i.e. they don''t have the firewall as gateway (and they each have different gateways, only 84.196.123.65

Here's the output: Feb 9 15:51:26 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT= MAC=00:0f:ea:73:88:12:00:40:2b:67:5b:a7:08:00 SRC=192.168.1.54 DST=192.168.1.2 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=51248 DF PROTO=TCP SPT=1964 DPT=139 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (020405B401010402) Feb 9 15:51:28 SSI001 kernel: SFW2-INext-ACC-TCP IN=eth0 OUT=

Hi, I have a install of shorewall I have 2 interfaces(I think) ppp0[connection device] and eth0 [LAN device], I want to allow all traffic from the the internet in or aleast port 80 and CVS and webmin and mail and everything normal to the main machine with shorewall on it. I changed to policy file but it just gave me errors as to double interfaces. I also what still to alow connection sharing

I have searched your FAQ''s and read the documentation on your site as well as googling. I am not able to figure this out. If you have any ideas can you please help. I am using the linux-ha failover with redundant firewalls. As part of the function of the linux-ha software consists a service called heartbeat which is a connection from each failover node through a serial cable or ethernet.

Hi all, I''m tring to isolate P2P traffic, specifically BitTorrent, for my QoS scripts. I can''t seem to completely isolate ALL BitTorrent traffic. I identify & mark packets and then use tc filters to put them into appropriate classes. My firewall rules (below) do the markings. My VoIP boxes'' and ICMP traffic get highest priority (mark 1). Then comes DNS, SSH,