similar to: One NIC, filtering access

For those of you going to LinuxFest, I''ll be speaking today at 10:00 in G-106. And if you miss the talk but see me wandering around the campus later, don''t hesitate to flag me down to say "Hi". -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

This one is really throwing me. Thanks in advance for any advice. I''m working on a 4 port firewall system. It is running heartbeat+drbd. Primary box looks like this: eth0 -> net/cicso router 192.168.144.2/29 eth1 -> drbd/heartbeat crossover cable 192.168.254.253/30 eth2 -> dmz 192.168.144.10/24 eth3 -> loc 192.168.101.2/24 The IP''s

Hello - I am not a subscriber to the mailing, please email me with help at mfabache@yahoo.com My shorewall (v2.0.1) has been working wonderful for the past year. I just added my Vonage and cannot get the Phone Adapter to sync up (2 blinks (looking for IP)) All I have done is run an ethernet cable from the WAN outlet on the phone adapter to a lan port on the router. After googling, I found

Hi all, I have set up a working OpenVPN2 connection between my Server and my gateway at home. Now I want all traffic to be routed through this VPN connection. Currently everything is going through eth1 to the internet (to the gateway of the University which forwards it to the internet :-). We must use a prox-server and because of this I am not abel to watch the real-Media streams on

I''m running a Fedora Core 1 Samba server and Shorewall 2.0.1 Connections to Samba shares from both loc hosts and the fw host are usually impossible, unless I boot the Server and connect a loc machine to a Samba share before starting Shorewall. This requires manually toggling the startup_disabled filename and starting Shorewall manually after each boot. I used the two-interface

Hello, I''ve checked the FAQ, and it tells that there is a GUI interface , does that applis to version 1.4 as well as version 2.0 Sorry if it is a silly question, but just wanted to be sure Kind Regards Samer _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it''s FREE!

I would like to place an exchange 5.5 server in my DMZ. Can anyone tell me how I can set this up to allow LAN clients to be able to connect to Exchange and also so I can admin the box from the LAN with Terminal Services? Thank you.

First of all, My apologies for this maybe slight OT post, but I have so much confidence and read so much good replies on this list, that I am still asking my question. I''m looking for a linux distribution to use on our school''s homemade routers. The routers are small miniITX based systems with 2 network interfaces. I added a 4 port D-Link network card in some cases, when I

I am a new user of shorewall, and am having some difficulty getting it set up on a new Fedora Core 3 system. When I run the shorewall script in the /etc/init.d the following errror message is received. tarting shorewall: ./shorewall: line 26: 10555 Terminated $exec start >/dev/null 2>&1 [FAILED]

I just setup the Shorewall in my school, but now all clients can''t through to internet, all servers can through to internet with NAT, when I disabled NAT that all servers can''t through to internet. Below is my school network: internet ---> shorewall ----> loc ---> ciso router ---> loc1 Below is my config files: policy: # If you want to force clients to

Im new to shorewal but have read the docs includint the ping section of the FAQ but I cant seem to get the fw to respod to pings.... my policys are ... loc net ACCEPT info net fw ACCEPT info loc loc ACCEPT info fw net ACCEPT info net all DROP

1 small question i have 4 network cards on my firewall eth0 inet eth1 internel network eth2 customer network eth3 freeswan vpn is there a way that i can connect the eth2 and eth1 network together so that i can access the servers off eth1 from eth2? Marshal McInnis Tech / Web Designs 1-205-344-4455 Ext 208

Tom, I am NOT subscribed (yet). I dropped SuSeFirewall2 in favor of shorewall to get past the configuration hurdles I as experiencing. At the moment, when my SuSe 9.1 starts up, I can see shorewall processing the rules, policies, etc. and I see no errors and then moves on with the rest of the SuSe boot process . However, no traffic passes through using the rules. I run an iptables -L and I

Hello, on my old system I''m using ipchains. Can anyone help me with converting rule /sbin/ipchains -A forward -j MASQ -s source_addr -d destination_addr 443 -p tcp to shorewall. I know that I can write eth0 source_addr to /etc/shorewall/masq file but I can''t found where I can specify the destination address. The reason for this is to allow one user (computer) access only to

I did some looking on the mailing list archives and can''t seem to find exactly what I need, I''m also having troubles figuring this out on my own, so if anyone has any advice, tips, whatever, that would be great. I''ve got a machine with 3 network cards in it, one for a DMZ (with 3 machines on a switch each with a real IP address), one for the local network on a

Hi, I''m having problems with new Shorewall installation on Fedora Core 3 (had same problem with Core 2 and upgrade did not help even iptables was upgraded from 1.2.9 to 1.2.11). I''ve followed two nic example, but starting Shorewall drops all connections and don''t permit any outgoing requests, even with "all allowed" policy. Policy file is below. Current setup

I have been given a set of "firewall rules" to open my firewall for DCC to support my spam filtering. (I have done many web searches trying to find info relating to DCC with Shorewall, to no avail. The problem is that I am clueless on how these "rules" translate into the shorewall rule format. Could someone please help me translate these? allow udp local gt 1023 to remote

Hello, First let me say how much I appreciate Shorewall. I just downloaded shorewall-1.3.14.tgz, built and installed it without error, and had it working with only minimal fiddling with the config files. I''m having trouble getting NFS to work with Shorewall. I followed the info on the "Ports required for Various Services/ Applications" page but I couldn''t get it to

Hi, I am using Shorewall in Adamantix. At the moment everything flow fine, my question is that how can I filter the access by computer mac address, I had read the documentation maybe I am ''stupid enough to spot the guide, if so please show me''. What is the rules line if I want to 1. limit ~01-01-01-01-01-01,~02-02-02-02-02-02,~03-03-03-03-03-03-03 to access 202.202.202.202

Hi, I''ve installed Emule (p2p program) on my client box but I can''t access the servers due to the firewall. I''m getting this blocking errors: Jan 22 01:26:07 servidor kernel: Shorewall:net2all:DROP:IN=eth1 OUT=eth0 SRC=213.22.49.86 DST=192.168.0.3 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=50538 DF PROTO=TCP SPT=46408 DPT=4662 WINDOW=5840 RES=0x00 SYN URGP=0 My rules file