similar to: Routing problem ?

I see support in shorewall for the KAME-tools, how about strongswan ? I have setup shorewall 3.4.4 and strongswan 4.1.3, making this my vpn-gateway for the subnet behind it. # Shorewall version 3.4 - Zones File #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall fil ipsec mode=tunnel mss=1400 net ipv4

Hello all, I have a problem with external access to a postfix mailserver running on my firewall as a mail-gateway. My setup with shorewall 2.2.0 rc4 is as follows: eth0 is zone isf - this is an intranet to other companies eth1 is zone loc - local network eth2 is zone net - internet, fix ip adress eth0 and eth1 are bridged shorewall version 2.2.0-RC4 ip addr show 1: lo: <LOOPBACK,UP> mtu

Shorewall 3.4.6 running on SuSE Linux 10.2 Compiling Rule Activation... Shorewall configuration compiled to /var/lib/shorewall/.restart Processing /etc/shorewall/params ... Restarting Shorewall.... /sbin/shorewall: line 665: 6782 Segmentation fault $SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart got this with V3.4.4, updated to 3.4.6 this morning, but that didn''t help.

I am using shorewall firewall. My firewall have two interfaces: External interface 192.168.9.254 and Internal Interface 192.168.1.1. I have a printer (HP) 192.168.1.200. I want to share my printer with PCs in subnet 192.168.9.*. I use static nat : /etc/shorewall/nat 192.168.9.250 eth0 192.168.1.200 No No And i open all ports for net to local:192.168.1.200 and all ports for

We have encountered a number of problems with our firewall recently, and the past 24 hours have left me quite concerned. Here is what we are seeing: 1. Original firewall, a PentiumPro/200 with 96Mb RAM, serving approx 500 client PCs for a 10Mb internet connection. Running Mandrake 9.2, we began seeing severe swapping a few weeks, with kernel mem usage exceeding 200Mb. Given an ip_conntrack

Hi, We have a shorewall firewall running on SUSE 10. We have three nic''s, Lan, DMZ and Internet. We also have a Cisco Pix 506e. We moved from sending all our traffic through the pix to using the Suse box yesterday. The PIX is in the DMZ, with a connection to the LAN switch, the idea being that VPN users can connect to the pix to the lan. The Pix is on the 10.0.1.x subnet, the lan is

Hi Andreas, I don''t know if the WRV200 is running freeswan or openswan. We use the newest US-version of the linksys firmware 1.0.32.2 from 2.5.2007. Another problem is in accessing the vpn-Gateway itself with ssh for instance, I get a freezing windows, whenever I tranfer more than just a few bytes. I can type my login-name and my password, then get a prompt ... but if I call,

Hello Tom, now here''s my dump file as .zip attachment, but named .txt, because the list-server rejected the .zip, then my second try (uncompressed) was rejected because of the size. What I was doing is connecting from remote side of an ipsec tunnel (behind gw 212.168.178.226), from a windows machine with 192.168.246.20 to the firewall-system (remote ip 217.19.188.182 / internal ip is

Hi, We have 2 offices interconnected with a VPN. This is the policy file in both of the Firewalls: fw loc ACCEPT loc fw ACCEPT #fw net DROP info fw net ACCEPT loc net DROP info loc vpn ACCEPT vpn loc

good day to you i have compiled evertything related to ip tables as modules, but still i get this error when trying to use /etc/shorewall/routes can someone tell me the spicific module i need to have? here are my info intranet linux # shorewall version 2.4.2 intranet linux # uname -a Linux intranet 2.6.12-gentoo-r10 #10 SMP Sun Sep 11 15:01:49 SAST 2005 i686 AMD Athlon(tm) XP 2400+

Believe me: Read the FAQ Checked over and over This might be toooooo stupid to be documented. Please bear with me. Any help ? Situation: single card standalone "firewall" (used like a "personal firewall"). Have sshd running on the FW. Want the sshd daemon to be accessible only from 2 LANs: 1) My other home LAN machine 2) IBM intranet machines (9.0.0.0) Whatever I have

Anybody know the proceedure to factory reset the a 7960 phone running 6.3 SIP software? I've tried holding # when booting the phone and nothing, i can do that on my 8.2 phone but this phone i just got with 6.3 isnt working. Also **# doesnt work either.. -- ~Shaun

I´m not suscribed to the list. Hi, i have a little intranet with 2 servers, both of them are running mandrake 10, one of them is dedicated as firewall and router, this one use shorewall 2.0 and has been configured like says on the quick guide for two interfaces. The other one is been used as webserver, mail server and ftp server. I used apache 2.0 as webserver. Thing is that i can access the

Does anyone know of a way to track TCP/IP traffic by TCP/UDP port and/or by process/daemon with CentOS? I know a variety of ways to track it in total (e.g., ifInOctets & ifOutOctets with SNMP), but I'm not sure how to be approach seeing traffic by application, port, or process. One option would be to write something that would sift through different stuff for each daemon (for example,

I am setting to a shorewall system with 4 NIC''s as per the outline specification below. Can anyone please have a look and let me know what I have missed and what I have got wrong as I want to take this system live ASAP but do not want to kill internet access and the hosting for too long ! I have listed below the system outline & have attached the config files that I have changed, if

I have been using shorewall and freeswan successfully for 3 or more years now. But they have all been using the Linux 2.4 kernel. My current configuration is (as the title suggests) using SuSE 9.1 which has a 2.6.5 kernel and freeswan 2.0.4 built-in. After much reading and a lot of trial and error, I did get this combination to work with Shorewall 2.0.9. It is happily talking to an older Mandrake

I have obviously done something on my system to cause it to no longer show Shorewall log entries in the syslogs, but for the life of me I can''t figure out what. Let me first give you some details about my config which will hopefully show why I think logging should be working, and perhaps you can tell me why it''s not. I am using version 2.0.9 from the debian sarge package

Hi. I''m migrating to shorewall(6) mgmt of my various firewalls. Simple configs have been easy with the great docs. I''ve got a slightly more convoluted config, and have gotten ''lost'' in config''ing a SNAT/DNAT/NAT + DMZ + Xen Host/Guest set up with Static IP/29. Having some challenges wrapping my head around the ''best'' Shorewall

Hey First, apologies if this went out twice. I sent the original email from an odd email configuration (essentially from an alias of what I signed up as). I searched and noticed that my post did not appear and I did not get a bounce back so I was confused. I waited a few days before resending. So apologies if this goes out twice. I am not trying to spam. I was hoping someone could help me with

We are trying to configure shorewall as follows: 1. We have shorewall running at gateway (172.16.1.1) with NAT. 2. We have a number of web servers (172.16.1.x/24). These web servers are accessed through port forwarding at the gateway (172.16.1.1) and websites are visible through virtual hosting through a web re-director. 3. Presently the proxy server runs in a transparent mode, i.e., all web