similar to: Hosting Starcraft games

Hi I'm trying to set up the dict/expiry plugins, but the dict server always tells me it can't find the modules although they should be there and compiled in. System is: Centos 5.2 64 bit, Using rpm from http://atrpms.net/dist/el5/dovecot/ dovecot --version 1.1.3 Relevant config: dict { quotadict = mysql:/etc/dovecot-dict-quota.conf expire = mysql:/etc/dovecot-dict-expire.conf }

Hello, I have 2 ISP uplinks (zones: inet1 and inet2), each with a fixed IP on the outside and a routed subnet (/25 and /26) on the inside. So, behind the firewall i have 2 networksegments (lan1 and lan2) with public IP-addresses. The segments are completely isolated from eachother: hosts in zone "lan1" connect only to "inet1" and hosts in zone "lan2" only connect

I have the following situation: A Linux 2.4.22 server: Physical ethernet: lan1 - Ethernet port (Internet) lan2 - Ethernet port (Cisco Switch, Trunk port) Tunnel: tap1 - OpenVPN in tcp-server mode VLAN's: lan2.201 lan2.202 lan2.203 tap1.201 tap1.202 tap1.203 Bridges: br201 (lan2.201, tap1.201) br202 (lan2.202, tap1.202) br203 (lan2.203, tap1.203) On the other end, the same type of server:

This article describes how to implement "Port Knocking" in Shorewall. http://shorewall.net/PortKnocking.html -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key

Thank you for your support. The next question: Is there a kind of common chain applied before ACCEPT policy? I want to DROP or REJECT Netbios traffic on most interfaces but do not want to repeat those rules in the rules file. Thanks, Boi -----Th?ng ?i?p chuy?n ti?p----- > From: Tom Eastep <tmeastep@hotmail.com> > To: Le.Hong.Boi@sg.netnam.vn > Subject: Re: Shorewall 1.4.6: common

here is my config file - # Samba config file created using SWAT # from ws09573.rb.net (10.27.52.177) # Date: 2002/10/08 10:25:55 # Global parameters [global] client code page = 437 workgroup = domain1 netbios name = server1 server string = ares interfaces = lan4 127.0.0.1 bind interfaces only = Yes security = DOMAIN encrypt passwords = Yes update encrypted = Yes allow trusted domains

Hello! We''re using Shorewall 1.4.2 and running into an interesting problem when we try to enable logging of traffic that netfilter classifies as "related" to an existing connection: there doesn''t seem to be a way to do it. Places where we''ve run into this problem are: (1) Attempting to log individual active or passive FTP data connections separately from

breakdown of what iam doing ok i have access to 6 ips and i want to run all of them through my firewall ifconfig eth0 209.159.32.162 netmask 255.255.255.0 up ifconfig eth0:1 209.159.32.163 netmask 255.255.255.0 up that sets up the network card to have 2 address well in shorewall i tried to add eth0:1 to my interfaces well it says that Determining Zones... Zones: inet inet2 loc cust vpn1

e.g. string-matching CodeRed or Nimda viruses before they hit your Web server. The following rules achieve this: # DROP HTTP packets related to CodeRed and Nimda # viruses silently iptables -t filter -A INPUT -i $EXT_IFACE -p tcp \ -d $IP --dport http -m string \ --string "/default.ida?" -j DROP iptables -t filter -A INPUT -i $EXT_IFACE -p tcp \ -d $IP --dport http -m string \

In the docs at http://www.shorewall.net/Shorewall-perl.html, "Your ipsets must be loaded before Shorewall starts. You are free to try to do that with the following code in /etc/shorewall/start" implies that code in /etc/shorewall/start is executed BEFORE Shorewall starts. In the default /etc/shorewall/start # /etc/shorewall/start # # Add commands below that you want to be

Hi all !! I would to like to mark and route some kind of traffic (ie: outbound www, now by simplicity) ---inet1--------eth0------------| | | linux | --eth1------- clientes ---inet2(90.0.0.1)--------eth2-| | I have eth0 and eth1 bridged (eth2 is not bridged). I would to route www outbound clients

Hi all !! I would to like to mark and route some kind of traffic (ie: outbound www, now by simplicity) ---inet1--------eth0------------| | | linux | --eth1------- clientes ---inet2(90.0.0.1)--------eth2-| | I have eth0 and eth1 bridged (eth2 is not bridged). I would to route www outbound clients

i am trying to setup our hp unix server with samba 2.2.5 to authenicate via our ad user directory. Our NT structure is setup as follows: Active directories in mixed mode - 6 domain controllers one BDC here is a copy of my samba.conf # Samba config file created using SWAT # from ws00478.rbinc.com (10.27.52.184) # Date: 2002/10/04 08:38:08 # Global parameters [global] client code page = 437

hi, there is no support for patch-o-matic netfilter modules. what i have to do if i want to use several patch-o-matic modules? which parts of code has to be changed and will that changed be included into the main shorewall tree in future or not? best regards claus

I am having an issue with winbind/samba and my groups. when I type the following: $ groups ntdomain\\jfountain I get the following nothing. When i type this (logged in as jfountain) $ groups I get the following: $ 50000 I am assuming this means domain admins. when i type $./wbinfo -r jfountain I get the following: 50016 50017 50018 50019 50020 50021 50010 50022 50023 50000 I

Hi All! Been quite a few years and lots of water under the bridge but here I am back! I have a customer that has now decided they need a bit more bandwidth over and above their fixed line! They are not in a good area for ADSL because of copper theft and being a bit to far from the closest DSLAM! They have installed a wireless link and I have made certain that put it behind my simple iptables

How do I allow traceroute to reach my server? Pings work fine but traceroute stops at the last hop before my server. If I shut off the firewall it reaches it fine. PING danicar.net (24.222.246.120): 56 data bytes 64 bytes from 24.222.246.120: icmp_seq=0 ttl=237 time=104.0 ms 64 bytes from 24.222.246.120: icmp_seq=1 ttl=237 time=74.9 ms 64 bytes from 24.222.246.120: icmp_seq=2 ttl=237 time=90.6

I have a script for dual internet connections that does this: ------------------------- #!/bin/bash IF1=eth1 IP1=203.219.190.106 P1=203.219.190.105 P1_NET=203.219.190.104 IF2=eth2 IP2=220.245.224.46 P2=220.245.224.45 P2_NET=220.245.224.44 IF0=eth0 P0_net=192.168.0.0 TABLE1=inet1 TABLE2=inet2 ip route add $P1_NET dev $IF1 src $IP1 table $TABLE1 ip route add default via $P1 table $TABLE1 ip

I know winbind (i think) is working fine. i can log into a unix box with my NT userid but when i try to access shares on my samba server, i get these errors: [2002/10/23 08:47:01, 0] lib/util_sec.c:(111) Failed to set gid privileges to (-1,-2) now set to (0,0) uid=(0,0) [2002/10/23 08:47:01, 0] lib/util.c:(1092) PANIC: failed to set gid [2002/10/23 09:17:08, 0] lib/util_sec.c:(111) Failed

hi list, oh it''s not really a problem. Each time i fire shorewall, i run a custom iptables script: (for the openvpn machines to have route back from my bridge/fw - $SOURCEIP is the ip of my OpenVPN/Fw/bridge) iptables -A POSTROUTING -t nat -s 10.8.0.0/16 -j SNAT --to-source $SOURCEIP i wish to better integrate it within shorewall, so is there any config files that could achieve the