Displaying 20 results from an estimated 400 matches similar to: "Wild cards in "shorewall add" command"
2007 Apr 27
1
Write text in the
Hey Felix,
So basically what you want is a figure containing a block of four plots, with a main title for the figure? If that's the case then something like this should work:
# BEGIN CODE #
par(oma=c(0,0,1,0), mfrow=c(2,2))
for(i in 1:4){
plot(NA,xlim=range(0,10),ylim=range(-5,5))
title(paste("Plot ",i,sep=""))
}
par(mfrow=c(1,1), oma=c(0,0,1,0))
mtext("Main
2005 Jun 26
12
Vpn Trouble
I am trying shorewall as my previous post With alisias on eth1 loc and 4
pptp client vpns.
The odd thing is when I enter one of the vpns in interfaces such as vpn1 it
works.
But if I enter the vpn in the hosts file shorewall blocks the vpns.
shorewall/hosts
#ZONE HOST(S) OPTIONS
loc eth1:192.168.25.0/24
loctw eth1:192.168.50.0/24
locsa eth1:192.168.75.0/24
vpntw
2003 Aug 13
3
a solution to pppd random interface name ?
Hi,
I have multiple ppp interfaces that does not correspond to the same
network usage. Do you know anything about trying to set definitively the
ppp+ name ? or anything to adapt automagically iptables to the real
network which is behind each ppp+ interface ?
I''ve tooken a look into the IFNAME env var... but it doesn''t seems to
work :c/
regards,
--
BeTa
2003 Jan 25
4
multiple ssh tunnels needing different rules
I have a firewall running Shorewall 1.3.13-1 from rpm on a redhat 7.3
box. The box has three nics assigned to zones loc net and dmz. We also
have multiple vpn links accomplished via ssh tunnels, These links all
come from dynamic IP addresses with known private subnets behind them.
There are basically two types of networks these vpns connect, one with
access to almost everything and one with
2004 Dec 05
13
Adding dynamically more than one host at once?
Hi,
it seems not to be possible to add more than one host at once to a zone.
So
shorewall add br0:eth0:192.168.2.10,eth0:192.168.2.11 work
fails, since "br0:eth0:192.168.2.10,eth0" is interpreted as one interface.
--snip --
iptables v1.2.9: interface name `eth0:192.168.2.10,eth0'' must be shorter
than IFNAMSIZ (15)
Try `iptables -h'' or ''iptables
2009 May 29
5
CONNMARK target and connmark match support in Ubuntu kernel
Hi,
as per the shorewall MultiISP documentation ( http://www1.shorewall.net/MultiISP.html
), it says
"Use of this feature requires that your kernel and iptables include
CONNMARK target and connmark match support (Warning: Standard Debian™
and Ubuntu™ kernels are lacking that support!)."
it means MultiISP wont work properly if i am using Ubuntu server. if
yes whats the
2004 Nov 06
2
Upgrade from Hell
For those of you running SuSE 9.1, I do not recommend upgrading to 9.2
at this time.
Refer to http://shorewall.net/myfiles.htm for information on my
configuration:
a) On Ursa:
1) After the upgrade, both of the NICs were recognized as "configured"
in YAST yet neither of them would start; ifup claimed that no
configuration could be found for either interface. Only got them running
2004 Mar 24
2
multipath routing
I have a private lan that is connected to the world via 3 dsl lines. I put
up a linux box that handles all the dsl lines, lan gateway and all is
working well...until...one of the dsl lines goes down. My routing table is:
x.x.x.x dev ppp0 proto kernel scope link src x.x.x.x
x.x.x.x dev ppp1 proto kernel scope link src x.x.x.x
x.x.x.x dev ppp2 proto kernel scope link src x.x.x.x
2004 Feb 13
6
Error: Rate Limiting only available with ACCEPT, DNAT[-], REDIRECT[-] and LOG
I think it would be nice to be able to rate limit an action, too..
suppose I have an action named Accept_good_source :
ACCEPT - - tcp - 1024:65535
ACCEPT - - udp - 1024:65535
and that i want to use it in an action called AllowCVS,
i can''t limit the cvs usage, but only the general use of
Accept_good_source...
same goes for userset...
as each rule will give one iptables command,
I
2011 May 24
1
L2TP ppp+ when using ppp0 for WAN
Hi, i connect to the internet over my eth4 interface using pppoe.
The internet always comes on ppp0.
I am trying to setup an L2TP/IPSEC VPN and i am reading http://www.shorewall.net/IPSEC-2.6.html#RW-L2TP
I notice in the example the interfaces file is given as:
#ZONE INTERFACE BROADCAST OPTIONS
net eth0 detect routefilter
loc eth1
2003 Jan 15
5
HTB. QoS and Shorewall
Group,
I am reading about tc (traffic control) and willing to get my feet wet. As requirement, there should be HTB compiled in the kernel. I grabbed a Mandrake 8.2 distro, and didn''t installed the kernel source.
Anyone knows if the HTB is compiled in Mandrake 8.2, or point a way to find that out? I tried to read the /usr/src/kernel.xxxxx/.config file, but it doesn''t exists.
2004 Oct 01
4
Re: Error: Your kernel and/or iptables does not not support policy match: ipsec
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
claas@rootdir.de wrote:
> Hello,
>
>
> I am trying to get ipsec with kernel 2.6.8.1 and shorewall 2.1.9 running,
> but I still have a problem:
>
> Validating hosts file...
> Error: Your kernel and/or iptables does not not support policy
match: ipsec
>
> I had a look for netfilter patch-o-matic, but I did not find the
2004 Sep 29
12
SPF screening implemented at shorewall.net
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Over the past weekend, I added SPF screening on the MTA at
shorewall.net. SPF is a mechanism for a domain to use DNS to publish a
list of those IP addresses that are used to send legitimate email from
that domain. A receiving MTA can use that published information to
determine if email from a domain is being sent through an MTA belonging
to that
2003 Mar 23
12
Shorewall 1.4.1
This is a minor release of Shorewall.
WARNING: This release introduces incompatibilities with prior releases.
See http://www.shorewall.net/upgrade_issues.htm.
Changes are:
a) There is now a new NONE policy specifiable in
/etc/shorewall/policy. This policy will cause Shorewall to assume that
there will never be any traffic between the source and destination
zones.
b) Shorewall no longer
2005 May 18
3
odd line in current CVS for firewall
>From a diff of my current shorewall firewall script with the new one
from the CVS today :
$ diff -w /usr/share/shorewall/firewall /usr/src/shorewall/s/firewall
[...]
673c910
< for network in $networks; do
---
> for networks in $networks; do
I don''t think that "for networks in $networks" works well.
--
-IAN! Ian! D. Allen Ottawa, Ontario,
2005 Jan 31
3
multiple pppoe connections
My Internet gateway is using ADSL PPPoE connection with dynamic public
IP assigned by ISP. My Internet gateway is Redhat AS3 U2, shorewall
2.0.9
As my ISP provided 4 simultaneous pppoe dailup connection for the same
physical adsl line. My linux server can be configured for multiple
pppoe connection i.e. ppp0, ppp1, ppp2, ppp3
Is it possible of shorewall to assigned say
ppp0''s IP is
2005 Sep 29
7
need help on multiple isp routing
i''ve read your http://lartc.org/howto/lartc.rpdb.multiple-links.html article
as well as Advanced IP Routing (esp. chapter 10.4) and still unable to make
this thing work. am i that helpless? :)
is there anyone to guide me through the multiple ISP setup?
into details. i got 2 dsl connections from different ISPs (A and B), both
connections use PPPoE, both got assigned with dynamic IPs
2009 Jan 06
9
Test
Given that a 4-day silence on this list is almost unprecedented, thought
I had better send a test post. Apologies for the spam.
------------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It is the best place to buy or sell services for
just about anything Open Source.
http://p.sf.net/sfu/Xq1LFB
2008 May 13
2
ppp interfaces for both loc and net
Hi,
I''m in a process of setting up a firewall system, which is going to be
also an ipsec/l2tp and pptp vpn server for some mobile clients.
The problem is, that the system has two ISPs a cable one (no problems
here) and a DSL provider. Because of the DSL provider the system is going
to have one pppN interface for DSL (net zone) and many pppX interfaces for
l2tp/pptp (loc zone)
2004 Sep 03
2
problem with a router machine
Hello everyone:
I have a problem with the shorewall configuration. Let''s me tell you. I have
installed shorewall 2.0.4 into a machine with 2.6.8 kernel. This machine
works like a software-router: it has 2 netcard
eth0 goes to the local network 192.168.0.0/24
eth1 is an interface for ppp0 (there is an ADSL conected)
I have defined the Network Zones (net, loc);
The Network Interfaces