similar to: After shorewall restart NAT SMTP connection slow; reboot and it works fine

Hello all, Yesterday I noticed that my system was "leaking" traffic towards the 10/8 network, I have shorewall installed on multiple machines ranging from single interface devices to ones with 10+ interfaces. I tested all the boxes and they are showing the same behavior. All systems are CentOS 3.4, 2.4.21-27.0.2.ELsmp. Shorewall version: 2.2.1 For the host mentioned is a single

I just recompiled a plain vanilla 2.4.28 kernel, and used the Shorewall.net kernel config as a guideline. For some reason, I get this: Nov 30 12:05:34 fw shorewall: Shorewall has detected the following iptables/netfilter capabilities: Nov 30 12:05:34 fw shorewall: NAT: Available Nov 30 12:05:34 fw shorewall: Packet Mangling: Available Nov 30 12:05:34 fw shorewall: Multi-port Match:

Hi All, Just joined the list to try and solve a problem. To show that I''ve read the rules I''ll start with the requested info os linux kernel-2.4.27 with latest netfilter pom for gre and pptp conntrack etc iptables is 1.3.0 - downloaded and compiled with the pom stuff and the 2.4.27 kernel shorewall version shorewall-2.2.1-2 from rpm ip addr show [root@squid3 root]# ip addr

Hello, After I''ve switched from 2.1.6 to 2.1.11 I could not run Xserver (TCP 6000) over ipsec anymore, so I''ve reinstalled 2.1.6. Is it a bug or configuration issue? The error is: Shorewall:net2all:DROP: IN=eth0 OUT=eth1 MAC=00:50:da:2d:c1:6c:00:0c:31:f6:c4:8d:08:00 SRC=192.168.123.150 DST=192.168.1.2 LEN=48 TOS=00 PREC=0x00 TTL=62 ID=36507 CE PROTO=TCP SPT=35069 DPT=6000

Heya guys and gals, I had a shorewall 1.4.x running on my router and somehow it decided to stop working. I didn''t really change something, it just stopped working really. Anyway, here the info that is asked for on the support page at first: # shorewall version 2.0.9 # ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd

In the panic of replacing our firewall(s) earlier in the week, we ended up moving our original shorewall 1.4 config onto a machine with 2.0.10 already installed, overwriting all the 2.0.10 config files. Most things seem to work fine, except for our masq entries. I''ve examined the default 2.0.10 files compared with our 1.4 files, and can''t spot the problem. What am I missing?

Hello, I have a pretty standard two-interface setup with masquerading, so the local network can connect through the firewall to the Internet. On the firewall box (trevor), eth0 is connected to a cable modem and eth1 is connected to the local network via a crossed cable. There is one other machine on the local network (brian), whose eth0 is at the other end of the crossed cable. I used to have

Hi all, I finally got my IPSec tunnel from my Fedora firewall system (running Shorewall 4.0.6) to a remote Draytek Router up-and-running, but I''m having difficulties directing traffic through the tunnel. From the output of "racoon -F -f racoon.conf" and the connection status page of the Draytek I can tell the tunnel is UP, but ping and traceroute requests to several hosts

I have what strikes me as an odd problem with shorewall. Let me describe my setup. My desktop (alfred) is connected to the network through an ADSL modem. I am running rp-pppoe, and this works perfectly. I have a small home network, with two LANs; an Ethernet LAN (including a machine running Windows XP), and a WiFi LAN, including the laptop (william) I am using now. All the computers except for

Dear All, Linux Kernel 2.4.20-8 Running Shorewall 2.2.0 ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:48:54:53:82:45 brd ff:ff:ff:ff:ff:ff inet 62.68.254.178/28 brd

Okay, no one had any idea concerning my Radmin question, which I still haven''t figured out. However, I am now trying to figure out an FXP problem. All of the needed details are listed below the description problem. Problem: I have a local windows XP pro computer running FlashFXP behind shorewall 2.0.9 (unpatched) with only two interfaces (ppp0 and eth1) as loc:192.168.1.5. The server

Ok here are all the information the website said I should include first: [root@residents root]# shorewall version 1.4.8 [root@residents root]# ip addr show 1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100

I have obviously done something on my system to cause it to no longer show Shorewall log entries in the syslogs, but for the life of me I can''t figure out what. Let me first give you some details about my config which will hopefully show why I think logging should be working, and perhaps you can tell me why it''s not. I am using version 2.0.9 from the debian sarge package

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The original post was over 300,000kb so I didn''t spam the list with it -TE. | | | Thank you for your quick and helpful response. | | I didn''t understand that the virtual interface eth0:1 doesn''t count as a separate instance from eth0. | I am sorry to ask for further assistance and would appreciate any help. The error

I don''t think this has anything to do with Shorewall but I am not too familiar with iptables stuff yet so I''m not sure. Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar) for i586 Kernel 2.4.22-37mdk. Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN. You can do this from a firewall/router, or even from a

We switched over from a bordermanager firewall to a shorewall firewall. Some stuff is not working now. I realized that I had not created the route for the network that is not working however once I created it, it still didn''t work. Most of our network is fine however some pieces are not working. [Net] - [Shorewall] - [LAN] - [Cisco] - [Clients and servers not working] The firewall

[ sorry for cross-posting this to newbies and users, but I''m a bit desperate to get this resolved ] This is strange... I had this working before without any problems, and recently we started to have some odd issues. I can''t be sure exactly what has changed as I''m unfortunately not the only person with access to the server. {sigh} The problem is that I pretty much

Hi, I have been a shorewall user for a long time now, and it has been working flawlessly. I have now changed ISP and my new DSL connection is PPPoE. My setup is as follows: internet <--------> 3com812 Officeconnect (bridge mode) <----> eth0 <-------> linux box <----> eth1, eth2, eth3, eth4 <---> other internal networks Things are working fine, but the link is

Hello Tom, I''ve been using Shorewall for years without problems. My previous version of shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using rpm to 2.0.8-1. After update no one can connect to any interface from net. Server can connect to outside world fine and those described in routestopped have no problem connecting. Any help correcting this problem would be

Hi, after migrating to shorewall firewall from my own iptables rule set (to utilise freeswan vpn tunnels) I have successfully configured a 3 interface firewall with net2net vpn tunnels, with the help of the shorewall documentation. However I cannot seem to configure my final step which is to masq another subnet attached to my LAN (LANB, via Cisco 1603 router) to get internet access via the