similar to: Off topic

Hallo Juergen, hoffe das ich Dich auf diesemm Wege ausfindigig gemacht habe. Wenn Du der Richtige bist (aus Salzgitter), dann melde Dich doch mal. Grüße von Familie Horak

Hello, I have searched the list but couldn''t find the right answer. I want to drop an established DNAT connection but could not manage it yet. Someone earlier said to bring down the public interfaces, stop shorewall, bring up the public interface and then start shorewall again but this won''t work. I also saw a message from Tom that someone then should unload all iptables

How would i allow xwindows and xdmcp through would it be ACCEPT net -> fw all 117 and ACCEPT net -> fw all 6000:6100 ? and for that matter how would i stop x traffic from leaving the fw machine? REJECT fw -> net all 6000:6100 ?

This is a bug-fix roll-up. Problems corrected since 1.4.6: 1) Corrected problem in 1.4.6 where the MANGLE_ENABLED variable was being tested before it was set. 2) Corrected handling of MAC addresses in the SOURCE column of the tcrules file. Previously, these addresses resulted in an invalid iptables command. 3) The "shorewall stop" command is now disabled when

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 1.) This is just a curiousity question. And I don''t know if this a Gentooism or not. In regards to when a package is determined "Stable". Shorewall is my example. I''m running Gentoo linux and I have it setup to only allow "emerging" of "stable" pkgs. "I have no idea how they (Gentoo, or the

Hello, I''ve "emerged" Shorewall 2.0.7 onto my Gentoo pc. Going through the 2 interface quickstart guide I download the 2.0.1 interface sample and untar it. "tar -zxvf two-interfaces.tgz" Maybe a dumb question but I can''t find anything on Google or the Shorewall mail archives that say anything about this. So I''m assuming its me. :P But the

I regret to announce that effective immediately, I will no longer be answering Shorewall questions during local business hours. I normally work from 7:00AM - 4:00PM, Pacific Time (GMT -0800). -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net

Which CPU is best for Shorewall, a PIII-450 Celeron or a PII-266??? ================================== Joakim Hellström Chief System Engineer United Computer Systems Scandinavia AB Klostergatan 56 S-582 23 Linköping, SWEDEN Phone 1: +46 (0)13 13 97 92 Phone 2: +46 (0)13 13 96 00 (recep.) Fax: +46 (0)13 13 97 35 GSM: +46 (0)708 13 97 35 URL: http://www.ucs.se

The kernel has just been upgraded on my server to 2.4.24 by the datacenter, but I noticed in the messages log the following messages when restarting shorewall: Jan 7 11:24:00 hera modprobe: modprobe: Can''t locate module iptable_nat Jan 7 11:24:00 hera modprobe: modprobe: Can''t locate module iptable_nat Jan 7 11:24:02 hera projnet1: Shorewall Restarted Should I be worried?

Hi Tom, It works fine without modify a lot the config. Just have add a virtual adress 10.0.100.2 in loc and a dnat between 10.0.100.2 and 10.1.100.2. Shorewall is very very powerfull. Super Thank''s again Franck

Hello, I''ve shorewall running a three interfaces firewall (net, loc, dmz) and I''ve got performances problems. My measured bandwidth from internet is up to 6.8 Mb/s, and I "only" get 3.5Mb/s on my LAN and 5Mb/s on my dmz. I checked with iperf, and all my interfaces (eth0, eth1, eth2) can actually work at 10 Mb/s. I tried disabling all the rules from loc to net

Hi all, I have seen many posts on the Shorewalllists dealing with H323. Although lots of them indicated that this is difficult process with kernelrecompilation etc. I just tried what seemed to be logical for me. Surprisingly it worked. Configuration: WS1 ----- FW ------ Internet ------- WS2/Shorewall WS1, FW and WS2 run Redhat9 with its standardkernel 2.4.20. FW and WS2 run Shorewall

We have encountered a number of problems with our firewall recently, and the past 24 hours have left me quite concerned. Here is what we are seeing: 1. Original firewall, a PentiumPro/200 with 96Mb RAM, serving approx 500 client PCs for a 10Mb internet connection. Running Mandrake 9.2, we began seeing severe swapping a few weeks, with kernel mem usage exceeding 200Mb. Given an ip_conntrack

Hi! Shorewall Users May I know ..what does it means ? Nov 5 12:43:34 netgw kernel: Shorewall:newnotsyn:DROP:IN=eth0 OUT= MAC=00:05:5d:4e:fc:62:00:d0:95:7a:d5:f1:08:00 SRC=210.59.230.239 DST=211.24.146.50 LEN=52 TOS=0x00 PREC=0x00 TTL=48 ID=36787 PROTO=TCP SPT=80 DPT=20291 WINDOW=65160 RES=0x00 ACK FIN URGP=0 Best Regards, Support

I have allowed ALL of the local users to ping the internet but they currently get the following error and cannot access the internet ! I know it is something I have done wrong (I think it is a routing problem but just cannot find out what) The error is:- Reply from 212.219.13.74: destination host unreachable. My eth1 is 10.0.0.1 and the users can ping that OK My eth0 is 212.219.13.74 (connected

This is probably more of an IPTables question but... Is there any experience with using as gateway/firewall for a larger office, with 50 or more users, mail and web server? Thanks

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The server rebuild was a complete failure. For some reason, neither FC3 nor SuSE 9.2 like the graphics card in the box. I have reinstalled the old hard drive and the server is back on line. - -Tom - -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

Hello, I am reaching out for a problem I have seem to hit wall on. I am trying to build a rare event model:- Default event occurred in NY/NJ area. Some key statistics: 138 default aka 4bp (.04%). Obviously my logistic and robust logistic models are failing Hosmer GOF tests and so I am thinking about bootstrapping data. I found a great read on R-help, but I was wondering if someone can help me

Hi, I am using Shorewall 2.0.6 on Debian with iptables 1.29. Before I was using Shorewall 2.0.3 and If work correctly, I am not sure that my problems begin after upgrade to 2.0.6, but my problem is that I can''t see some websites on the pc clients ( such as www.microsoft.com ), but some websites yes ( they are not in the pc cache ). My config is Shorewall as gateway/router of

Hi, I run two live c-class subnets on the internet. Last Sunday morning I was hit with a DDoS attack and it hasn''t stopped. I made modifications on my shorewall firewall during Sunday to lesson the impact, as they were hammering me with 180k/5sec traffic both ways (inbound and outbound). One of the primary things which helped reduce their DDoS was enabling "norfc1918" on the