Displaying 20 results from an estimated 20000 matches similar to: "After shorewall restart NAT SMTP connection slow; reboot and it works fine"
2005 Mar 10
7
norfc1918 not working in SW 2.2.1?
Hello all,
Yesterday I noticed that my system was "leaking" traffic towards the
10/8 network, I have shorewall installed on multiple machines ranging
from single interface devices to ones with 10+ interfaces. I tested all
the boxes and they are showing the same behavior.
All systems are CentOS 3.4, 2.4.21-27.0.2.ELsmp.
Shorewall version: 2.2.1
For the host mentioned is a single
2004 Nov 30
5
Problem with 2.4.28 kernel config
I just recompiled a plain vanilla 2.4.28 kernel, and used the Shorewall.net
kernel config as a guideline. For some reason, I get this:
Nov 30 12:05:34 fw shorewall: Shorewall has detected the following
iptables/netfilter capabilities:
Nov 30 12:05:34 fw shorewall: NAT: Available
Nov 30 12:05:34 fw shorewall: Packet Mangling: Available
Nov 30 12:05:34 fw shorewall: Multi-port Match:
2005 Mar 23
9
multiple vpn connections out via shorewall
Hi All,
Just joined the list to try and solve a problem.
To show that I''ve read the rules I''ll start with the requested info
os linux kernel-2.4.27 with latest netfilter pom for gre and pptp conntrack
etc
iptables is 1.3.0 - downloaded and compiled with the pom stuff and the 2.4.27
kernel
shorewall version shorewall-2.2.1-2 from rpm
ip addr show
[root@squid3 root]# ip addr
2004 Oct 19
2
Xserver over IPSEC in 2.1.11
Hello,
After I''ve switched from 2.1.6 to 2.1.11 I could not run Xserver (TCP 6000)
over ipsec anymore, so I''ve reinstalled 2.1.6.
Is it a bug or configuration issue?
The error is:
Shorewall:net2all:DROP: IN=eth0 OUT=eth1
MAC=00:50:da:2d:c1:6c:00:0c:31:f6:c4:8d:08:00 SRC=192.168.123.150
DST=192.168.1.2 LEN=48 TOS=00 PREC=0x00 TTL=62 ID=36507 CE PROTO=TCP
SPT=35069 DPT=6000
2004 Oct 17
1
DNAT not working anymore
Heya guys and gals,
I had a shorewall 1.4.x running on my router and somehow it decided to
stop working.
I didn''t really change something, it just stopped working really.
Anyway, here the info that is asked for on the support page at first:
# shorewall version
2.0.9
# ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd
2004 Nov 20
5
Differences in masq from 1.4 -> 2.0?
In the panic of replacing our firewall(s) earlier in the week, we ended up
moving our original shorewall 1.4 config onto a machine with 2.0.10
already installed, overwriting all the 2.0.10 config files.
Most things seem to work fine, except for our masq entries. I''ve examined
the default 2.0.10 files compared with our 1.4 files, and can''t spot the
problem. What am I missing?
2004 Sep 27
9
masq - pings and connections get dropped after PREROUTING?
Hello,
I have a pretty standard two-interface setup with masquerading, so the local
network can connect through the firewall to the Internet.
On the firewall box (trevor), eth0 is connected to a cable modem and eth1 is
connected to the local network via a crossed cable. There is one other
machine on the local network (brian), whose eth0 is at the other end of the
crossed cable.
I used to have
2008 Jul 07
5
IPSEC tunnel up, but no traffic coming through
Hi all,
I finally got my IPSec tunnel from my Fedora firewall system (running
Shorewall 4.0.6) to a remote Draytek Router up-and-running, but I''m having
difficulties directing traffic through the tunnel. From the output of
"racoon -F -f racoon.conf" and the connection status page of the Draytek I
can tell the tunnel is UP, but ping and traceroute requests to several hosts
2005 Jan 08
8
Shorewall problem, perhaps with PPPoE
I have what strikes me as an odd problem with shorewall.
Let me describe my setup.
My desktop (alfred) is connected to the network
through an ADSL modem.
I am running rp-pppoe, and this works perfectly.
I have a small home network, with two LANs;
an Ethernet LAN (including a machine running Windows XP),
and a WiFi LAN, including the laptop (william) I am using now.
All the computers except for
2005 Jan 30
20
FTP Transparent Proxy from Local To Net Through DMZ
Dear All,
Linux Kernel 2.4.20-8
Running Shorewall 2.2.0
ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:48:54:53:82:45 brd ff:ff:ff:ff:ff:ff
inet 62.68.254.178/28 brd
2004 Oct 09
9
fxp initiated behind shorewall
Okay, no one had any idea concerning my Radmin question, which I still
haven''t figured out. However, I am now trying to figure out an FXP problem.
All of the needed details are listed below the description problem.
Problem:
I have a local windows XP pro computer running FlashFXP behind shorewall
2.0.9 (unpatched) with only two interfaces (ppp0 and eth1) as
loc:192.168.1.5. The server
2004 Aug 24
14
Shorewall response time slowing
Ok here are all the information the website said I should include first:
[root@residents root]# shorewall version
1.4.8
[root@residents root]# ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
2004 Oct 29
8
No entries in the syslog, even though the LOG chains show counts
I have obviously done something on my system to cause it to no longer
show Shorewall log entries in the syslogs, but for the life of me I
can''t figure out what. Let me first give you some details about my
config which will hopefully show why I think logging should be working,
and perhaps you can tell me why it''s not.
I am using version 2.0.9 from the debian sarge package
2004 Sep 15
15
re: start error
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The original post was over 300,000kb so I didn''t spam the list with it -TE.
|
|
| Thank you for your quick and helpful response.
|
| I didn''t understand that the virtual interface eth0:1 doesn''t count as
a separate instance from eth0.
| I am sorry to ask for further assistance and would appreciate any
help. The error
2004 Oct 13
4
Connection tracking on non-masqueraded interfaces.
I don''t think this has anything to do with Shorewall but I am not too
familiar with iptables stuff yet so I''m not sure.
Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar)
for i586 Kernel 2.4.22-37mdk.
Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN.
You can do this from a firewall/router, or even from a
2004 May 17
3
Yikes! Routing issues!
We switched over from a bordermanager firewall to a shorewall firewall.
Some stuff is not working now.
I realized that I had not created the route for the network that is not
working however once I created it, it still didn''t work.
Most of our network is fine however some pieces are not working.
[Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not
working]
The firewall
2004 Feb 26
4
Help! Martians invading through IPSec. :-)
[ sorry for cross-posting this to newbies and users, but I''m a bit
desperate to get this resolved ]
This is strange... I had this working before without any problems, and
recently we started to have some odd issues. I can''t be sure exactly
what has changed as I''m unfortunately not the only person with access
to the server. {sigh}
The problem is that I pretty much
2004 Nov 03
2
PPPoE + Masquedate + Shorewall
Hi,
I have been a shorewall user for a long time now, and it has been
working flawlessly. I have now changed ISP and my new DSL connection is
PPPoE.
My setup is as follows:
internet <--------> 3com812 Officeconnect (bridge mode) <----> eth0
<-------> linux box <----> eth1, eth2, eth3, eth4 <---> other internal
networks
Things are working fine, but the link is
2004 Sep 20
2
After upgrade people can no longer connect
Hello Tom,
I''ve been using Shorewall for years without problems. My previous version of
shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using
rpm to 2.0.8-1. After update no one can connect to any interface from net.
Server can connect to outside world fine and those described in routestopped
have no problem connecting. Any help correcting this problem would be
2003 Jul 09
2
router in a subnet again :)
Hi,
after migrating to shorewall firewall from my own iptables rule set (to
utilise freeswan vpn tunnels) I have successfully configured a 3 interface
firewall with net2net vpn tunnels, with the help of the shorewall
documentation. However I cannot seem to configure my final step which is to
masq another subnet attached to my LAN (LANB, via Cisco 1603 router) to get
internet access via the