similar to: Shorewall2 - Action commands

I am getting the following message when Shorewall stops can anybody shed any light on this message and where I should be looking? Thanks root@bobshost:~# shorewall stop Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Stopping Shorewall...Processing /etc/shorewall/stop ... IP Forwarding Enabled

I''ve gotten the basic code working on my firewall. So that I can quickly get back online if I screw up, I''m currently calling it shorewall2. That way if it screws up I can just "shorewall restart". /sbin/shorewall2 -- command interpreter /etc/shorewall2/ -- configuration files /usr/share/shorewall2/ -- shared files Both Shorewall and Shorewall2 use the

Hi all, I was trying to test ROUTE specific code with a multi-isp serviced box. There is a bug somewhere, but I''m not able to understand what the real problem is: when I issue a "shorewall show capabilities" I get: Loading /usr/share/shorewall/functions... Processing /etc/shorewall/params ... Processing /etc/shorewall/shorewall.conf... Loading Modules... Shorewall has

Hi! I don;t know what i am doing wrong because i have still Low ID on aMule. I have action.AllowaMule and accept tcp 4662:4771 and udp 4672. Thanks, Mitja

Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall Any suggestions? Rob van Overbruggen Settings and stats: Server: Eth1 :

Hi all, I have a problem with a new Shorewall box I''m trying to migrate from iptables rules to shorewall 2.2.0. I have a 3 interfaces setup: - eth0 ---> internet (ip address) - eth1 ---> remote office (10.0.0.0/8) - eth2 ---> lan (192.168.16.0/24) I''m using a very simple and common setup, with just a few DNAT rules in my /etc/shorewall/rules file, and about twenty

I am running a Redhat FC2 server, which runs postfix for mail, Squid for proxy and samba as Domain Controller and file server. I installed shorewall-2.1.11-1. In the shorewall rules /etc/shorewall/rules I added the following for samba ACCEPT LAN $FW:192.168.100.1 tcp 139,445 ACCEPT LAN $FW:192.168.100.1 udp 137:139 ACCEPT LAN $FW:192.168.100.1 udp 445

Hi all, I''m using Gentoo Linux Distribution and I''ve upgraded my firewall from Shorewall 1.4 to 2.0.4, however my LANs stop having internet access. I have a server with shorewall 2.0.4 installed and 3 interfaces. eth0 and eth1 are interfaces to a LAN and to my laptop and eth2 is the net interface. I have masq like: eth2 eth0 eth2 eth1

I use shorewall 2.0.9 I have a mac filter running on my eth2(wifi) 192.168.0.1 is eth1(loc). My policy file allows trafic from wifi to loc and loc to wifi. Also fw to wifi and fw to loc. I also use AllowSMB loc to fw and AllowSMB wifi to fw. Any ideas? Shorewall:eth2_mac:REJECT:IN=eth2 OUT= MAC= SRC=192.168.0.1 DST=192.168.1.255 LEN=241 TOS=0x00 PREC=0x00 TTL=64 ID=6188 DF PROTO=UDP SPT=138

Hello, I''m working in configuring a very restrictive firewall to stick between our techroom and our internal network. Basically nothing should be allowed into the techroom and only a limited amount of traffic is to leave the techroom. Below are a few log entries I looking to get explained. DHCP is handled by the firewall, DNS is handled by servers side our techroom. my rules file

Hello, You will find in attachment the layout of my current physical configuration. For now, the Cable ISP is not used. Since it is a dynamic ISP, my mailserver is rejected and my domain name registers on blacklists like ORDB and al. I want it to be used as a default gateway except for my mail server that would be seen as coming from my "honest" ADSL ISP. Here is

Hi, I have a working test install of Shorewall 2.0.7 on a 32 bit install of Gentoo, it''s working like a champ, so i am making an install on a nice new Opteron server, using 64bit Gentoo. I have run into a problem which going by your FAQ might be due to a missing module, but after a couple of hours of fiddling I''m stumpted - I can''t see any options in the 2.6.8 kernel

Hi, I install shorewall firewall on my server and after that I have big problem with SMTP, I can send messages with outlook to server but that messages don`t go out from server (Currently I have over 800 messages in the mail queue) My server is on WHM/cPanel and EXIM.... When I click on "Delivery Now" for some message in WHM I get error: Message 1BtoLi-00033G-RN is not frozen LOG: MAIN

What I''m doing: I have Shorewall on a SuSE 9.0 machine, which is the firewall/router on the network. External interface is eth0 172.16.1.1, internal interface is eth1 10.40.1.1. (I used the Two-interface Linux System Quickstart Guide). All works well with that configuration. I also use PPPD for dial-in clients, and have two modems for incoming calls. Recently I added VPN interface

Hy shorewall users :)) I have the following config in my shorewall: DNAT net:200.137.193.2 loc:192.168.0.55 udp 135,445 - 200.137.193.38 DNAT net:200.137.193.2 loc:192.168.0.55 udp 137:139 - 200.137.193.38 DNAT net:200.137.193.2 loc:192.168.0.55 tcp 135,139,445 - 200.137.193.38 The IP

Skipped content of type multipart/mixed-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 186 bytes Desc: OpenPGP digital signature Url : http://lists.shorewall.net/pipermail/shorewall-devel/attachments/20050604/bee263f3/signature.bin

>-----Original Message----- >From: Ama Kalu [mailto:ama.kalu@cwlgroup.net] >Sent: Wednesday, November 19, 2003 9:07 PM >To: ''Tom Eastep'' >Subject: RE: [Shorewall-users] logwatch > >Thanks Tom and Andrew, > >About 2 months ago, I setup the most current (at the time) version of >logwatch, it required a service filter for IPTABLES which I did not have

Hi, I plug my laptop in different networks and use the following hack to configure automatically shorewall for trusted/untrusted networks: In /etc/shorewall/params: # none is a dummy zone associated to the loopback interface NONE="none:0.0.0.0" # Network scheme, automatically detected by intuitively NETWORK_SCHEME="$(cat /etc/network/scheme 2>/dev/null)" case

Hello, I am using Shorewall version 2.0.1 with kernel 2.4.20. Nightly, LogWatch emails a portion of the logs for my review. I notice that there are tons of dropped packets from port 445, somedays as many as 7,000. See sample below: >From 24.226.192.22 - 2 packets To 24.227.147.124 - 2 packets Service: microsoft-ds (tcp/445) (Shorewall:net2all:DROP:,eth0,none) - 2 packets My question is,

Hi All, I need to be able to make sense from my shorewall logs. I have installed logwatch and it is mailing me reports but the level of detail is just not there. I have set the detail variable to High=10 but I get entries only from the DNS service about denied updates. What am I getting wrong? Tom, will you be kind enough to send me your logwatch config files? Thanks in advance. Ama