Displaying 20 results from an estimated 1000 matches similar to: "what is this dhcp flag?"
2004 Nov 30
2
RFC1918 all of a sudden?
Is my RFC1918 file obsolete? I have been assigned an ip in the
83.0.0.0/8 range, and of cource a lot of Shorewall systems drop me with
a RFC1918 error.
So, is my ISP actually giving me a RFC1918 IP, or am I missing
something?
.
2005 May 09
12
shorewall suddenly dropping all from outside
Hi List,
I read this list for nearly two years and learnt a lot, but now i have
a very strange problem I can''t solve..
I have a firewall machine running Debian, which connects a small
office to the internet via a DSL-line (with pppoe) and which is
running Shorewall. It allows all outbound traffic and accepts pptp,
openvpn and ssh-connections (on a non-standard port) from the
internet.
2004 Nov 09
9
Dyndns
Hi,
I''ve a little problem, I hope so..
First a hint, I haven''t a static IP - Adress and so I used a dyndns
Provider.
In DMZ runs a sftp server. It should accessible from net. My router is
forwarding the traffic from port 22 to the machine in DMZ. Now, in
basic installation I have rfc1918-dropping configured by net
interface.
My problem:
If rfc1918 dropping is on I
2004 Jan 09
32
Ideas for Shorewall 2.0
I''m beginning to think again about what will be different in 2.0. Here
are some thoughts.
a) User-defined actions will be emphasized.
- A library of actions will be available with names such as:
AcceptSSH
AcceptDNS
DropWindows (drops all SMB noise)
DropBroadcasts (Silently drop all Broadcast traffic)
...
The possibilities are nearly endless but should
2002 Apr 20
2
Blocking rfc1918 addresses with one exception
Hi
I''ve come accross a small problem with the rcf1918 address blocking on
my internet interface.
Im connected via a cable modem and it has an internel web server that
allows me to configure/monitor it but as expected if I enable rfc1918
blocking for my eth0 interface(The internet one) it also blocks the
cable modems web server. Is there any way it can add a rule before the
rfc1918
2003 Jan 03
6
RFC1918_LOG_LEVEL
I have tried (RH7.3/shorewall-1.3.12-1) both of the following in
shorewall.conf to eliminate ''rfc1918'' logging into /var/log/messages:
RFC1918_LOG_LEVEL=debug
RFC1918_LOG_LEVEL=notice
Neither appear to eliminate the logging.
Here''s what the ''logdrop'' chain shows:
1 229 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix \
2004 Nov 24
10
Attack from local network or...?
Hello,
when I execute "shorewall hits" command I find this stats:
HITS IP DATE
---- --------------- ------
92099 192.168.0.2 Nov 24
7764 59.104.107.85 Nov 23
3997 192.168.1.77 Nov 24
337 181.50.93.89 Nov 23
331 59.104.156.68 Nov 23
315 99.109.157.73 Nov 23
301 190.225.157.40 Nov 23
275 179.153.183.53 Nov 23
268
2007 Nov 20
11
rfc1918 on external interface
Please, help me. Can i forbid and how any outgoing traffic
(ping,trace) to rfc1918 networks on my external interfaces?
Thank you very much.
Aleksandr
--------------------
Продукция AcmePower - это зарядные устройства, аккумуляторы формата АА
и ААА, сетевые адаптеры, аккумуляторные батареи для фото и видеокамер,
ноутбуков и PDA. Гарантия минского сервисного центра.
2005 Apr 21
6
bogons update
hi:
Just a litle update:
41/8 allocated to AfriNIC (APR 2005).
73/8 allocated to ARIN (MAR 2005).
hope it helps.
2003 Feb 24
2
69.x.x.x network in rfc1918
I came across a problem when one of our clients was not able to access any
of the servers on our network. This person has never connected to us before
and now for this first time was trying to do it from his home is Houston, TX
using earthlink cable service provided by Time Warner. All this
information, I think, is important because when I started examining my
shorewall logs I found out
2004 Dec 10
9
parallel zone: loc2 is composition of loc1
i have no idea how to definie for a parallel zone the host file if the
second zone (net) should be the composition of the first zone (dmz).
i tried all the following combinations in the interface and host files:
interface:
- eth0 - (variante 1)
- eth0 192.168.0.255,255,255,255,255 (variante 2)
- eth0 192.168.0.255,!192.168.0.255 (variante 3)
2004 Aug 30
4
DROPPED SYN Packets
Hi,
One person, trying to access my website has troubles doing so. All other
users do not have a problem.
I have a cable modem, with a shorewall 1.4 machine behind it. On the second
interface of the shorewall machine I have a few machines, of which one is
the webserver.
Checking the logfile I see the following messages:
Aug 30 21:24:16 gatekeeper kernel: Shorewall:rfc1918:DROP:IN=eth1
2004 Nov 02
3
Shorewall 2.2.0 Beta 2
http://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
ftp://shorewall.net/pub/shorewall/2.2-Beta/shorewall-2.2.0-Beta2
Problems Corrected:
1. The "shorewall check" command results in the (harmless) error
message:
/usr/share/shorewall/firewall: line 2753:
check_dupliate_zones: command not found
2. The
2004 Sep 16
3
Help with brain cramp question....
I''m sorry to have to bother the list with this, but I''m missing
something obvious and my brain is cramping or something, I cannot find
the answer...
Here is an entry from my log file:
Sep 16 11:12:34 fw kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT=
MAC=00:c0:9f:1e:fa:99:00:07:50:cd:a5:80:08:00 SRC=201.1.7.201
DST=208.10.57.129 LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=11155 DF
2003 Oct 02
2
Shorewall 1.4.7 RC2
http://shorewall.net/pub/shorewall/Beta
ftp://shorewall.net/pub/shorewall/Beta
Problems corrected since RC1:
1) The documentation of the USERSETS column in the rules file has been
corrected.
2) If there is no policy defined for the zones specified in a rule,
the firewall script previously encountered a shell syntax error:
[: NONE: unexpected operator
Now, the absence of a
2006 Jul 21
4
OpenVZ and virtuel network
Hello All
I installed shorewall 3.0.8 on Centos 4.3 with openvz.org kernel
it work well
i have in this Host 3 virtual servers (VPS)
i can access from a VPS to the internet , and with NAt rule (Via
Shorewall) i can access from Internet to the 3 VPS.
i want that all the 3 VPS can communicate between them.
i can''t do a tcp connection from a VPS to an other , in my shorewall log
in the
2020 Sep 21
2
Asterisk Drop call
Hello
I have an asterisk 16.2.1 on an ubuntu on AWS, which is experiencing a
drop in call. It does not have a certain time, it is random. The audio
is flowing normally and the call is dropped.
Has anyone ever experienced this?
My settings changed below:
allowoverlap = no
udpbindaddr = 0.0.0.0
tcpenable = no
tcpbindaddr = 0.0.0.0
transport = udp, ws, wss
srvlookup = yes
directmedia = no
2004 Jul 26
3
Intermittently denying access to webshop
Hello shorewall-users,
we have a strange problem where some of our customers cannot access our
webshop, but most of the customers can. I have been slowly eliminating
possibilities and am now left with either the firewall (Shorewall 1.4) or the
webshop server.
What appears a lot in the logfiles is:
Jul 26 11:51:04 gw kernel: Shorewall:logdrop:DROP:IN=eth0 OUT=eth1 SRC=84.128.198.240
2005 May 30
13
RE: Proxy ARP working from Internet butnotfromfwand loc
Hi Alex, and thanks for your time.
Probably not.
The servers are only configured like they where when they where parallel to
the fw.
Just the default gateway, same as for the external interface on the fw.
That''s what the documentation instructed to configure the servers using arp.
But is it required with extra configuration on the server connected via
proxy arp?
Or is it some parameter
2006 Nov 06
3
Ingress qdisc bypassed on SNAT''ed traffic?
Hello,
I am using the following iptables POSTROUTING rule to NAT some RFC
1918 addresses:
iptables -t nat -A POSTROUTING -s 192.168.19.23 !
192.168.0.0/255.255.0.0 -p tcp --dport 80 -j SNAT --to-source
10.32.4.2
(I am using SNAT instead of MASQUERADE for performance reasons).
I have several addresses on the 192.168.0.0/16 subnet that I am
SNAT''ing similarly.
Problem is, ''tc