similar to: what is this dhcp flag?

Is my RFC1918 file obsolete? I have been assigned an ip in the 83.0.0.0/8 range, and of cource a lot of Shorewall systems drop me with a RFC1918 error. So, is my ISP actually giving me a RFC1918 IP, or am I missing something? .

Hi List, I read this list for nearly two years and learnt a lot, but now i have a very strange problem I can''t solve.. I have a firewall machine running Debian, which connects a small office to the internet via a DSL-line (with pppoe) and which is running Shorewall. It allows all outbound traffic and accepts pptp, openvpn and ssh-connections (on a non-standard port) from the internet.

Hi, I''ve a little problem, I hope so.. First a hint, I haven''t a static IP - Adress and so I used a dyndns Provider. In DMZ runs a sftp server. It should accessible from net. My router is forwarding the traffic from port 22 to the machine in DMZ. Now, in basic installation I have rfc1918-dropping configured by net interface. My problem: If rfc1918 dropping is on I

I''m beginning to think again about what will be different in 2.0. Here are some thoughts. a) User-defined actions will be emphasized. - A library of actions will be available with names such as: AcceptSSH AcceptDNS DropWindows (drops all SMB noise) DropBroadcasts (Silently drop all Broadcast traffic) ... The possibilities are nearly endless but should

Hi I''ve come accross a small problem with the rcf1918 address blocking on my internet interface. Im connected via a cable modem and it has an internel web server that allows me to configure/monitor it but as expected if I enable rfc1918 blocking for my eth0 interface(The internet one) it also blocks the cable modems web server. Is there any way it can add a rule before the rfc1918

I have tried (RH7.3/shorewall-1.3.12-1) both of the following in shorewall.conf to eliminate ''rfc1918'' logging into /var/log/messages: RFC1918_LOG_LEVEL=debug RFC1918_LOG_LEVEL=notice Neither appear to eliminate the logging. Here''s what the ''logdrop'' chain shows: 1 229 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix \

Hello, when I execute "shorewall hits" command I find this stats: HITS IP DATE ---- --------------- ------ 92099 192.168.0.2 Nov 24 7764 59.104.107.85 Nov 23 3997 192.168.1.77 Nov 24 337 181.50.93.89 Nov 23 331 59.104.156.68 Nov 23 315 99.109.157.73 Nov 23 301 190.225.157.40 Nov 23 275 179.153.183.53 Nov 23 268

Please, help me. Can i forbid and how any outgoing traffic (ping,trace) to rfc1918 networks on my external interfaces? Thank you very much. Aleksandr -------------------- Продукция AcmePower - это зарядные устройства, аккумуляторы формата АА и ААА, сетевые адаптеры, аккумуляторные батареи для фото и видеокамер, ноутбуков и PDA. Гарантия минского сервисного центра.

hi: Just a litle update: 41/8 allocated to AfriNIC (APR 2005). 73/8 allocated to ARIN (MAR 2005). hope it helps.

I came across a problem when one of our clients was not able to access any of the servers on our network. This person has never connected to us before and now for this first time was trying to do it from his home is Houston, TX using earthlink cable service provided by Time Warner. All this information, I think, is important because when I started examining my shorewall logs I found out

i have no idea how to definie for a parallel zone the host file if the second zone (net) should be the composition of the first zone (dmz). i tried all the following combinations in the interface and host files: interface: - eth0 - (variante 1) - eth0 192.168.0.255,255,255,255,255 (variante 2) - eth0 192.168.0.255,!192.168.0.255 (variante 3)

Hi, One person, trying to access my website has troubles doing so. All other users do not have a problem. I have a cable modem, with a shorewall 1.4 machine behind it. On the second interface of the shorewall machine I have a few machines, of which one is the webserver. Checking the logfile I see the following messages: Aug 30 21:24:16 gatekeeper kernel: Shorewall:rfc1918:DROP:IN=eth1

http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2 Problems Corrected: 1. The "shorewall check" command results in the (harmless) error message: /usr/share/shorewall/firewall: line 2753: check_dupliate_zones: command not found 2. The

I''m sorry to have to bother the list with this, but I''m missing something obvious and my brain is cramping or something, I cannot find the answer... Here is an entry from my log file: Sep 16 11:12:34 fw kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=00:c0:9f:1e:fa:99:00:07:50:cd:a5:80:08:00 SRC=201.1.7.201 DST=208.10.57.129 LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=11155 DF

http://shorewall.net/pub/shorewall/Beta ftp://shorewall.net/pub/shorewall/Beta Problems corrected since RC1: 1) The documentation of the USERSETS column in the rules file has been corrected. 2) If there is no policy defined for the zones specified in a rule, the firewall script previously encountered a shell syntax error: [: NONE: unexpected operator Now, the absence of a

Hello All I installed shorewall 3.0.8 on Centos 4.3 with openvz.org kernel it work well i have in this Host 3 virtual servers (VPS) i can access from a VPS to the internet , and with NAt rule (Via Shorewall) i can access from Internet to the 3 VPS. i want that all the 3 VPS can communicate between them. i can''t do a tcp connection from a VPS to an other , in my shorewall log in the

Hello I have an asterisk 16.2.1 on an ubuntu on AWS, which is experiencing a drop in call. It does not have a certain time, it is random. The audio is flowing normally and the call is dropped. Has anyone ever experienced this? My settings changed below: allowoverlap = no udpbindaddr = 0.0.0.0 tcpenable = no tcpbindaddr = 0.0.0.0 transport = udp, ws, wss srvlookup = yes directmedia = no

Hello shorewall-users, we have a strange problem where some of our customers cannot access our webshop, but most of the customers can. I have been slowly eliminating possibilities and am now left with either the firewall (Shorewall 1.4) or the webshop server. What appears a lot in the logfiles is: Jul 26 11:51:04 gw kernel: Shorewall:logdrop:DROP:IN=eth0 OUT=eth1 SRC=84.128.198.240

Hi Alex, and thanks for your time. Probably not. The servers are only configured like they where when they where parallel to the fw. Just the default gateway, same as for the external interface on the fw. That''s what the documentation instructed to configure the servers using arp. But is it required with extra configuration on the server connected via proxy arp? Or is it some parameter

Hello, I am using the following iptables POSTROUTING rule to NAT some RFC 1918 addresses: iptables -t nat -A POSTROUTING -s 192.168.19.23 ! 192.168.0.0/255.255.0.0 -p tcp --dport 80 -j SNAT --to-source 10.32.4.2 (I am using SNAT instead of MASQUERADE for performance reasons). I have several addresses on the 192.168.0.0/16 subnet that I am SNAT''ing similarly. Problem is, ''tc