similar to: Question about ip_forward in clear_firewall

Hey all, I'm trying to swap to CentOS and I have just about everything working except ip_forwarding. I have FORWARD_IPV4="yes" in my /etc/sysconfig/network file but /proc/sys/net/ipv4/ip_forward does not = 1 (also tried to set it to ="true" and just =true). All the firewall (iptable) rules are in place. Why won't ip_forward stay enabled? I'm using the latest DL

Hello, I have a pretty standard two-interface setup with masquerading, so the local network can connect through the firewall to the Internet. On the firewall box (trevor), eth0 is connected to a cable modem and eth1 is connected to the local network via a crossed cable. There is one other machine on the local network (brian), whose eth0 is at the other end of the crossed cable. I used to have

I have followed the instructions at http://shorewall.net/FAQ.htm#faq2 along with some coaching on IRC from _Omache to get a machine (with IP address 66.93.22.233) to forward all port 25 traffic to another host in my network (with IP 66.93.22.254). This has not worked. I have tested by trying `telnet 66.93.22.233 25`, expecting to see the SMTP banner on 66.93.22.254. Of course, I don''t

Hi all, This is your standard "I can''t *see* the internet" problem, except I think I''ve exhausted all the standard solutions. The only thing different is that my house experienced a power outage and now (after the FW rebooted) local machines can''t "see" out. I''ve got a 2-interface setup, using Shorewall 2.0.15 (installed via Debian).

Hi, i have one firewall/gateway server with two interfaces and a routing problem (?). eth0: external interface eth1: internal interface. Both ip address are valid. Services like DNS, HTTP is configured to run using eth1 ip address. The problem is when i try to connect from internet to firewall, i can´t see eth1 ip address... only eth0 ip address. So, when i try to connect to web

Hi, Sorry, not an experienced shorewall user, this is my first basic setup. This starts to drive me crazy. I wanted to use DNAT to forward port 33890 to an internal machine (windows) port 3389. To reach my workstation when I''m not home. In my rules : DNAT:debug net loc:192.168.0.11:3389 tcp 33890 - pub.lic.ip.add #SECTION BLACKLIST #well known port scans DROP net

I thought that the below email would be of interest to LARTC readers. I wasted quite a bit of time tracking down this "feature" (bug?). Any comments that shed light on this would be appreciated. In short, "tc filter" + htb + bridging works only with ip_forward off. Andrew Athan ----------------------------------------------------------------------- All: It seems that

Is there a way to add a rule to the nat table (CentOS 5.7) that would alter the port number of tcp packets destined for the server itself? I have ip_forwarding enabled, but the packets don't seem to hit the prerouting chain. I have the following redirect rule in the prerouting table. I also tried DNAT, but if the packets don't hit PREROUTING, it won't work either. iptables -t nat

https://bugzilla.netfilter.org/show_bug.cgi?id=531 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netfilter at linuxace.com AssignedTo|kaber at trash.net |netfilter-buglog at lists.netf

https://bugzilla.netfilter.org/show_bug.cgi?id=531 Phil Oester <netfilter at linuxace.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #2 from Phil Oester <netfilter

I''m trying to use my VPS server (single interface of course) as somewhat of a VPN gateway to my other location (which is not accessible directly from some places) where the openvpn server is running, and am kind of lost as to what to try next. I tried a redirect rule, but apparently shorewall didn''t like that (it just failed to start). I tried adding the rules via

Sorry, I guess I haven''t looked passed "Otherwise". All the exact output in the attached file. Ping to the same address from firewall works perfectly A added a few unnecessary ACCEPTs to the 2-zone setup etc after I could not get the ping through the first time Cheers Alex

Hi I have a problem with Shorewall on my two-interface connection. I run Debian unstable. The setup looks like this: Internet -------- router ------- server 213.237.12.137 192.168.1.3 192.168.1.2 192.168.0.7 --- local net 192.168.0.{...} I can ping the server from the local net, and the local net from the

Our phone operators work off of an Asterisk queue. They take calls from customers and take orders with our back end systems. What I need to be able to do is tie the orders taken to the specific CDR record that reflects the call from which the order originated. The typical/sample CDR table doesn't have a primary key. I can add an auto-generated PK, but the CDR is not written until the

A user has encountered a NULL pointer kernel oops in btrfs when encountering media errors. The problem has been identified as an unhandled NULL pointer returned from find_get_page(). This modification simply checks for a NULL page, and returns with an error if found (the extent_range_uptodate() function returns 1 on errors). After testing this patch, the user reported that the error with the

I have a debian woody machine acting as a firewall for a small network. I am trying to do a simple DNAT to port 80 on the protected webserver and masquerade all traffic from the protect subnet outbound. After having read the FAQ and various posts regarding problems with DNAT I''m afraid I''m no closer to a solution. Based on the output from "shorewall show nat" I

The error message is the usual panic error - 3.0.11 and FreeBSD 4.8. Samba 3.0.8 ran fine with the same config (admittedly there were a few roaming profile sync related crashes, which is why I was upgrading). Now however I can't even connect - it crashes immediately, respawns and crashes again. My Samba server is a domain member of a Win2003 domain controller used for roaming profile

that was my first idea. and how should an other user know which number he should dial? user a: soft phone extension 100 hardware phone extension 101 On 06.02.19 15:25, Mitch Claborn wrote: > You can do this in the dial plan. Register the devices separately and > include both addresses in the Dial() command. > > > Mitch > > On 2/6/19 8:16 AM, basti wrote: >> In

To all, I''ve just recently finished my "Security Gateway Server" project which separates a 10 laptop WLAN subnet from our main LAN/Internet network. I used Debian Sarge with kernel 2.6.9/ipsec-netfilter patched, and Shorewall 2.2.0-RC3 on a Asus P4S533, 2.4 GHz PenIV and 512MB memory. The Toshiba A60-S166, PenIV, 2.4G laptops run Windows XP Pro and have internal Atheros based

Asterisk 16 latest DAHDI 3.0.0 latest Excerpt from chan_dahdi.conf is shown below. I'm trying to enable fax detection on inbound calls so that I can take appropriate action in the dial plan. "dahdi show channel 1" shows "Fax Handled: no". Does that mean that I don't have it configured correctly? [channels] ; Span 1: WCTE2/0/1 "WCTE23X (PCI) Card 0 Span