Displaying 20 results from an estimated 4000 matches similar to: "Problems with Port Forwarding"
2004 Nov 26
3
[OT] - Problem in DMZ
Hi everyone,
Sorry for asking OT here, but I need your expertise :-)
I am running a standard 3 I/F net, dmz, loc Shorewall 1.4.7 on a RH 9 server
In the DMZ I have a web shop running with DNAT from the external address to
the DMZ - this all works
I want to add a develop server in the DMZ with external access so I set this
up as per the live server and from internal network it works, but from
2004 Jul 26
3
Intermittently denying access to webshop
Hello shorewall-users,
we have a strange problem where some of our customers cannot access our
webshop, but most of the customers can. I have been slowly eliminating
possibilities and am now left with either the firewall (Shorewall 1.4) or the
webshop server.
What appears a lot in the logfiles is:
Jul 26 11:51:04 gw kernel: Shorewall:logdrop:DROP:IN=eth0 OUT=eth1 SRC=84.128.198.240
2004 Nov 22
6
Dynamic Failover
I am faced with a network that needs to autoswitch to isdn should
T-1 go down. After a shorewall search it looks to be quite a deal with
routing
config with linux. Like scripts written to deal with knowing the T-1 is
down.
I looked into a cisco router that does this. around $3000
This network has used shorewall as the gateway for 4 years now.
Currently Fedora as op. system. It appears to me
2004 Dec 26
1
Preparing for Shorewall 2.2 -- End of Support for Shorewall 1.4 is near!
Shorewall 2.2.0 is expected to be released in the February/March
timeframe so it is now time to begin thinking about preparing to
upgrade. This is particularly important for those of you still running
Shorewall 1.4 since support for that version will end with the release
of 2.2.
For those of you still running Shorewall 1.4, here are some things that
you can do ahead of time to ease the upgrade to
2004 Aug 17
4
Wild cards in "shorewall add" command
Hi
I am looking at converting a Linux terminal server box to iptables
using Shorewall 2.0. (At the moment it uses ipchains).
The server currently has scripts which are called as each user logs
in which run a series of "ipchains" commands to set the access
rights for that user (and again to cancel them when the user logs
out). My plan is to replace these scripts with ones that call
2004 Aug 12
1
Upgrading to v2.x
Hello shorewall-users,
now that I''ve got v1.4 problems solved I''d just like to ask a general question.
Are there any real benefits to upgrading if v1.4 does what I want ?
I''m not a fan of bleeding-edge in production and I don''t go for "v2 must be better than v1 because it''s newer"
Tom, if you have a few minutes, what''s new in 2.0
2004 Oct 05
1
IPsec help
Hello all,
I''m setting up (for the first time) IPsec and have a question
I need to allow another location access to a specific server in our local
network, and deny access to all other servers
I have followed Tom''s IPsec tunnel guide and setup a vpn zone, but I don''t
want to allow all traffic in both directions so I haven''t added a general
policy for vpn.
2012 Sep 05
2
DNAT issue
Hi,
Sorry, not an experienced shorewall user, this is my first basic setup.
This starts to drive me crazy.
I wanted to use DNAT to forward port 33890 to an internal machine (windows)
port 3389. To reach my workstation when I''m not home.
In my rules :
DNAT:debug net loc:192.168.0.11:3389 tcp 33890 -
pub.lic.ip.add
#SECTION BLACKLIST
#well known port scans
DROP net
2006 Feb 07
7
Masquerading issue
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello,
Shorewall-3.0.3
RH9 (+legacy updates)
eth0: loc: 192.168.1.0/24
eth0:0: loc: 192.168.20.0/24
eth1:: 69.70.32.8/29
I''m worked all day on an issue I found today and I just can''t find a way
to fix my problem.
So, basically, for now, my network looks like this:
Internet
^
|
(69.70.32.8/29)
Firewall
192.168.1.1
2009 May 08
4
XEN/bridge mode
Hi!
I want to forward the port 3389 from the domU to the virtual server with ip
address 192.168.122.77 with not success...
I tried a lot of iptables rules with no luck so far. Is this possible? I
take a look at other post and I don''t found an answer.
By example:
/sbin/iptables -t nat -A PREROUTING -p tcp -i xenbr0 --dport 3389 -j DNAT
--to 192.168.122.77:3389
the virtual nic for the
2003 Sep 05
3
Confused about approach
Greetings all,
I''m a bit of a linux rookie, but a friend and I have built a
firewall running Shorewall 1.4.6c over a minimal install of Redhat 9.
Out network setup looks something like this:
Cable Modem : eth0 :12.xxx.xxx.3 (Zone is named INSIGHT)
Campus Lan : eth1 : 10.176.9.21 (Zone is named MULAN)
DMZ : eth2 : 192.168.1.0 255.255.255.0 (Zone is named DMZ)
Currently, I
2005 Mar 11
2
Port Forwarding, followed all the forums and FAQs
I apologize before hand for my newbie question, but I have done the research and I still cant find a solution.
Shoreline 1.4.8
Problem: Firewall isent allowing me to port forward to server
Port Open = 3389 (RDP)
Line added for Port Forwarding:DNAT net loc:192.168.42.5 tcp 3389
Error Produced:
Mar 11 06:37:40 net2allROP:IN=ppp0 OUT=eth1 SRC=64.x.x.xxx DST=192.168.42.2 LEN=48 TOS=0x00
2005 Mar 18
6
Fowarding through networks
1 small question i have 4 network cards on my firewall
eth0 inet
eth1 internel network
eth2 customer network
eth3 freeswan vpn
is there a way that i can connect the eth2 and eth1 network together so
that i can access the servers off eth1 from eth2?
Marshal McInnis Tech / Web Designs
1-205-344-4455 Ext 208
2005 Jul 07
4
DNAT with 2 ISP''s
Hi,
I have 2 internet nic''s with differents ISPs.
eth0 = isp1
eth3 = isp2
My internal network is eth1
# /etc/interfaces
net eth0 detect routefilter,norfc1918,blacklist
net eth3 detect routefilter,norfc1918,blacklist
loc eth1 detect
# /etc/policy
loc net ACCEPT
net net DROP
2008 Dec 04
4
iptables questionson CentOS
Hi,
I know these are a few iptbales questions. NOT CentOS, anyway, I am
running a firewall on centos 5.x.
If you can response, it would be fine.
I want to add a SNAT rule for one user in LAN to access one particular
destination on the internet.
Let's say www.centos.org
I added the below rule. But . it does NOT work
Pls assume 1.2.3.4 is the real ip of the firewall.
ip address
2005 Jul 14
7
Losing Packets after a DNAT in prerouting
I''m trying to setup some DNAT and the packets seem to be disappearing after
the PREROUTING step. The packets are coming in eth2 (both LOG targets in
iptables and tcpdump confirm this). They are then DNATed to an IP that
should cause them to go out eth3. However I never see them go out that
interface. I have tried putting LOG rules into the FORWARD chain with no
success. I''m
1998 Aug 23
4
Problems with smbmount
I have a problem. When I mount my CD (witch is on WIN97 machine) using
smbmount I do not see all files in all dirs. If dir have more then, let say,
100 files (it is not the same every time), I do not see all files.
This is a problem because on my Linux box I do not have CD-ROM, so if I have
to install some packages I first have to copy rpm files on disk, and then
install them witch is annoying.
2003 May 06
2
Compile R into a standalone EXE for WINNT
Hi,
I have an R script (transferred from SPLUS) and would like to compile a
standalone EXE (or DLL)
for WINNT. Would somebody know how this works or how it could be done ?
Thanks so much for any hints and suggestions; best regards
F.
Falk Huettmann
Geography Dept.-Earth Science-
2500 University Drive N.W.
University of Calgary
Calgary AB, T2N 1N4 CANADA
Email: falk at ucalgary.ca
Tel. 403
2006 Jan 09
8
Pri Gateway Hardware
Does anyone have any experience using a PRI gateway, I am looking for a way
to have multiple asterisk boxes use one PRI, and send that over the network.
I herd there are copper gateway devices (like a X100P card, only it
registers with asterisk using sip, and it doesn't have to be physically
connected to the box) Does anyone have any experience with a PRI gateway?
And could tell me the cost
2007 Aug 12
2
Convert factor to numeric vector of labels
Ein eingebundener Text mit undefiniertem Zeichensatz wurde abgetrennt.
Name: nicht verf?gbar
URL: https://stat.ethz.ch/pipermail/r-help/attachments/20070812/6da70dc8/attachment.pl