similar to: Re: routing between networks on same

Displaying 20 results from an estimated 100 matches similar to: "Re: routing between networks on same"

2002 Oct 12
2
logs analise
My logs show thats: A internal client search my proxy (192.168.0.3) Oct 12 12:40:33 massayo kernel: Shorewall:all2all:REJECT:IN=3Deth1 OUT=3D MAC=3D00:e0:7d:82:0f:fe:00:04:75:99:28:63:08:00 SRC=3D192.168.0.215 DST=3D192.168.0.3 LEN=3D63 TOS=3D0x00 PREC=3D0x00 TTL=3D128 ID=3D25902 PROTO=3DUDP SPT=3D3028 DPT=3D53 LEN=3D43 Why OUT is empty? From: Server (DMZ) Oct 12 12:40:34 massayo kernel:
2002 Oct 25
3
Neighbour table overflow
--kXdP64Ggrk/fb43R Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello everyone, I''m using Shorewall 1.2.12-1 on Debian 3.0, with the 2.4.17 kernel. I am seeing some interesting log entries, and after reading the documentation at Google and netfilter.org I have a couple questions. To begin, here are the entries I am
2005 Jul 12
1
Tripplite and newhidups
--zhXaljGHf11kAtnf Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I'm trying to set up a TrippLite Internet Office 750 just like this guy: http://lists.alioth.debian.org/pipermail/nut-upsuser/2005-June/000007.html Here's the output of a few interesting commands stuart@tyro:~+ dpkg-query -l nut nut-usb| tail -n2| awk
2005 Jun 02
1
Logcheck flagging "RIP" requests from Router
I enabled logcheck on a Debian Sarge box and it is including in it's reports hundreds of lines like this: Jun 2 17:56:09 localhost kernel: PUB_IN DROP 4 IN=eth0 OUT= +MAC=ff:ff:ff:ff:ff:ff:00:09:5b:e9:56:a0:08:00 SRC=192.168.13.10 +DST=192.168.13.255 LEN=52 TOS=0x00 PREC=0x00 TTL=1 ID=20692 PROTO=UDP SPT=520 +DPT=520 LEN=32 Jun 2 17:56:39 localhost kernel: PUB_IN DROP 4 IN=eth0 OUT=
2018 Sep 19
1
[Bug 1280] New: meta pkttype incompatible? with ingress
https://bugzilla.netfilter.org/show_bug.cgi?id=1280 Bug ID: 1280 Summary: meta pkttype incompatible? with ingress Product: nftables Version: unspecified Hardware: x86_64 OS: other Status: NEW Severity: major Priority: P5 Component: nft Assignee: pablo at netfilter.org
2005 May 20
1
Shorewall 2.2.5
This will be my last 2.2 release. It contains a couple of small bug fixes that I had laying around. http://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5 ftp://shorewall.net/pub/shorewall/2.2/shorewall-2.2.5 1) Previously, if PKTTYPE=No in shorewall.conf then pkttype match would still be used if the kernel supported it. 2) A typo in the ''tunnel'' script has been corrected
2017 Apr 02
2
[Bug 1141] New: trace aborts using pkttype on ingress
https://bugzilla.netfilter.org/show_bug.cgi?id=1141 Bug ID: 1141 Summary: trace aborts using pkttype on ingress Product: nftables Version: unspecified Hardware: x86_64 OS: other Status: NEW Severity: major Priority: P5 Component: kernel Assignee: pablo at netfilter.org
2007 Jul 26
1
Re : DMZ and LOG
hello Tom >Another very likely cause is that Shorewall-shell is generating a pkttype >test to identify multicast packets. This can be unreliable and can be >avoided by setting PKTTYPE=No in shorewall.conf. After using PKTTYPE=No in shorewall.conf , my syslog is clean now. Do you mean that adding the following line in /etc/shorewall/interfaces is suffiscient? dmz eth1
2004 Jul 21
2
Small Modification to the Shorewall Release Model
After gaining some experience with the new release model, it has become apparent to me that a small adjustment is warrented. I previously announced that updates to the stable release would only contain bug fixes. I''m modifying that slightly to allow for small low-risk enhancements; large and/or risky enhancements will still be restricted to the development release. We have seen this
2014 Jun 26
2
Firewall question
I have a firewall rule to drop packets from certain addresses: (email spam) my /etc/sysconfig/iptables begins as: # Generated by iptables-save v1.4.7 on Thu Jun 26 09:11:09 2014 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1:148] -A INPUT -m pkttype --pkt-type multicast -j ACCEPT -A INPUT -s 223.255.229.0/24 -j DROP -A INPUT -s 218.96.0.0/24 -j DROP -A INPUT -s
2004 Oct 30
4
modules ipt_conntrack ipt_pkttype not found
Hello, I run Shorewall 2.0.3a backport on a debian woody box (with 2.4.18 homemade kernel). When I start shorewall I got the following errors. Oct 30 11:13:12 fwr modprobe: modprobe: Can''t locate module ipt_conntrack Oct 30 11:13:17 fwr modprobe: modprobe: Can''t locate module ipt_pkttype Oct 30 11:13:18 fwr modprobe: modprobe: Can''t locate module ipt_pkttype Oct 30
2004 Sep 26
1
routing between networks on same interface
Hello Tom and others, At first I want to say THANK YOU, for neverending support and development Shorewall firewall. I just upgraded from 1.x version to 2.0.7. I have several networks defined on same interface. These are /30 networks, defined on ethernet interface where hw wifi access point is connected to. I used this configuration to be able to get accounting information about traffic between
2005 Jul 02
6
Port redirection on standalone pc to pop3 proxy AV scanner
G''day all. I''m trying to set up Clam AV scanning of incoming POP3 email to my Thunderbird mail client; I have a standalone laptop with a 56k dialup connection to my ISP. I can''t seem to get port redirection working: I''m trying to redirect incoming POP3 mail from my ISP''s mail server to p3scan which is listening on 127.0.0.1:8110 and will do the AV
2007 Jul 26
2
DMZ and LOG
Hello !! I ve just install shorewall-common and shorewall-shell I can''t defined a network using the CIDR format for my DMZ in /etc/shorewall/hosts fast eth2:172.17.0.0/16 epac eth2:172.18.0.0/16 fsa eth2:172.19.0.0/16 bu eth2:172.20.0.0/16 recto eth2:172.21.0.0/16 dmz eth1:81.91.225.224/27 I receive this error: ERROR: Invalid zone definition for
2004 Oct 07
3
builtin action dropBcast - How to disable? - I''m not subscribed to the mailing list
Hi all, I''m using Fedora Core 2, kernel 2.6.5. I''ve installed shorewall 2.1.9 from rpm package. It seems that there is a builtin action called "dropBcast" drops all broadcast packages on my ethernet interfaces base on package type "pkttype=broadcast". For a particular reason, I need all traffics of broadcast packages are allowed to pass my ethernet
2005 Feb 28
1
Mail server on DMZ
Hello, I have this problem: when my mail server on the DMZ starts a connection to the internet it''s ip (213.58.230.26) is "masqueraded" with the firewall ip (213.58.230.50). I wouldn''t mind but there is a one customer who rejects the connection because it makes reverse dns and finds no dns entry for the firewall ip. How can i correct this? Thanks, MSantos shorewall
2005 Mar 07
10
DNS Name problem with mail server on LAN
Hi, I have a big "name problem" with my internal mail server (10.0.0.152). It is "seen" on the internet through DNAT (213.58.230.27). Also there is a MX record pointing to the machine. Everything works fine from the outside. However i can''t set the mail clients on the lan pointing to the mx record, because this one points to 213.58.230.27 and the firewall
2004 Dec 28
5
Multiple IP´s in one Zone
Hi everybody I have a Problem with Masquerading from my local net (loc) to my VPN (loc2). I can reach every Service from loc2 in loc, but I can''t get reach any service from loc in loc2. Has somebody an Idea where my mistake is ? Without shorewall, it was working. Thanks for helping Lars Technical Information : Shorewall 2.0.13 Suse 9.0 *177.177.77.X The first 3 Counts are changed
2006 Jan 28
3
Shorewall/Xen setup (correct from-address this time)
(if this post gets line-feed-mangled please read http://www.dl.reneschmidt.de/shorewallxenpost.txt - that''s an unmangled version, thank you) Hello, first I would like to thank the Mr. Eastep and contributors for this great piece of software and superb documentation. I have a SOHO server (Debian testing) that I''m using for several purposes so I''ve set up a Xen
2004 Nov 29
2
SFTP
(anonymous post) I have a simple 2 interface firewall setup and all is good, almost. I am hosting virtual websites and DNS behind shorewall no problem. However I am trying to use SFTP via a different port number and have no luck even though Putty works well. Is there anything weird to sftp and shorewall? My lab uses a different firewall (firestarter) and it works OK. I am using; DNAT net