similar to: Problem getting dcgui-qt to work through shorewall

At the current time I am not subscribed to the mailing list. I have a blacklist that I got from www.peerguardian.net that is rather large ( 81 kb). When shorewall start command is issued it takes about 20 mins for it to load. Is this normal or should I do this another way? Also I noticed something very strange with shorewall .. I have cron do a shorewall restart command every 24 hours and

(anonymous post) I have a simple 2 interface firewall setup and all is good, almost. I am hosting virtual websites and DNS behind shorewall no problem. However I am trying to use SFTP via a different port number and have no luck even though Putty works well. Is there anything weird to sftp and shorewall? My lab uses a different firewall (firestarter) and it works OK. I am using; DNAT net

Believe me: Read the FAQ Checked over and over This might be toooooo stupid to be documented. Please bear with me. Any help ? Situation: single card standalone "firewall" (used like a "personal firewall"). Have sshd running on the FW. Want the sshd daemon to be accessible only from 2 LANs: 1) My other home LAN machine 2) IBM intranet machines (9.0.0.0) Whatever I have

I must have something configured wrong somewhere. I''ve enabled proxy-arp on my shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see all the machines through it great. However, whenever its enabled, the network on the DMZ goes screwy. I''ve narrowed it down to this: when proxy arp is enabled for that interface, like such: echo 1 >

Hi Tom Here is the output of shorewall status Thanks Lars [H[2JShorewall-2.0.13 Status at - Thu Dec 30 21:43:44 CET 2004 Counters reset Thu Dec 30 15:38:17 CET 2004 Chain INPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 38383 11M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 DROP !icmp --

I have had a web server listining sql-1433, www 80, ftp-21 using proxy arp with sub-netting in a three interface DMZ. All these ports are in the rules file as ACCEPT. With one exeception that 1433 allows a few host from the net. 21 and 80 allow all net to dmz connections. The policy is DMZ to net ACCEPT This has been working great for about a month or more until I rebooted the

Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall Any suggestions? Rob van Overbruggen Settings and stats: Server: Eth1 :

sorry, i''m confuse where to post my problem.. i was post to shorewall-users, but must read to support.html this''s my problem ----------- i have squid running on DMZ zone and my network using ProxyARP on eth1 and eth2 mylinuxbox slackware 9.2 my network can access to internet normal, but can''t redirect to squid server from firewall. sometimes my network can connect

Hi Guys, I need some help. I''ve been using shorewall for a while now and it''s been running beautifully, but I''m now experiencing some problems. It seems that connections are getting dropped much like the behavior described by the NEWNOTSYN=no option in the shorewall.conf file, but I have NEWNOTSYN=Yes in my file. The messages I see in my logs are things like:

Using Mandrake 9.2, shorewall 1.4.6c. Everything was working fine until one of the web servers I manage content for (my astronomy club, http://www.starastronomy.org) was "upgraded" to the newset win2K. All of a sudden I can FTP into the machine, but I can''t "ls" or "put" files. I *can* do these things if I turn off my policy of "DROP" for net to fw

I am having a problem that I really just don''t get.... I have this in my rules file: DNAT net loc:192.168.1.2 tcp 21 21 Everything worked fine earlier today.. Now it is dropping packets destined for Port 21 /var/log/messages: Dec 14 00:36:39 pcp08479598pcs kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:0b:6a:3f:e6:72:00:01:5c:22:92:42:08:00 SRC=24.210.36.92 DST=68.57.216.61

I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00

Hi folks, I notice recently there are a lot of this: Jan 18 20:36:22 server kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:09:6b:a5:b1:65:00:07:50:e6:9a:40:08:00 SRC=202.147.243.4 DST=202.159.252.231 LEN=576 TOS=0x00 PREC=0xC0 TTL=58 ID=62481 PROTO=ICMP TYPE=3 CODE=1 [SRC=202.159.252.231 DST=202.147.243.4 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=14923 DF PROTO=TCP SPT=80 DPT=1248 WINDOW=6432

For the last couple of days, I''ve been seeing a bunch of these from 8 different domains from Germany to South Korea, etc. Can anyone give me an idea as to what may be going on? Jan 24 09:37:18 omega kernel: Shorewall:net2all:DROP:IN=ppp0 OUT= MAC= SRC=xx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx LEN=44 TOS=0x00 PREC=0x00 TTL=49 ID=47415 DF PROTO=TCP SPT=53121 DPT=25 WINDOW=5840 RES=0x00 CWR

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to

Ok, I give up. I tried, really hard, before asking but I must be the most stupid shorewall user on the planet :( My laptop runs a single eth0 interface and knows Net and Firewall as zones and the default "inbound" policies are Net->Any DROP and >ny->Any REJECT. Now at home I have my trusted 192.168.174.240/29 subnet which hosts my very trusted 192.168.174.242 host and I

Is it just me, or have there been an excessive number of TCP port 9200 port scans ? Port 9200 seems to be associated with WAP & Lexmark printers, but what else ? I know Tom does not like identification, but most sources seem to resolve to Asia. Is there a new Trojan loose ? An example: Oct 7 19:16:18 mybox kernel: Shorewall:net2all:DROP:IN=eth0 OUT=

Hello all, Running the "ancient" 1.4.7-RC1 version I have a problem with port forwarding. I have for a number of external fixed IP addresses forwarding to an internal terminal server - this works :-) DNAT net:111.22.33.44 loc:192.168.1.11 tcp 3389 DNAT net:222.33.44.55 loc:192.168.1.11 tcp 3389 Now I need to forward port 80 from one external address to an

Greetings, Yet another strange pattern of traffic is being halted at the shorewall firewall, but I have no idea what this is. IANA shows the ports unassigned, and a net search yields only some of the same questions - what is this port? There are two machines as SOURCE, on the same class C network, adjacent, even, sending one connect attempt to TCP port 32230 every five minutes. I''m

I have what strikes me as an odd problem with shorewall. Let me describe my setup. My desktop (alfred) is connected to the network through an ADSL modem. I am running rp-pppoe, and this works perfectly. I have a small home network, with two LANs; an Ethernet LAN (including a machine running Windows XP), and a WiFi LAN, including the laptop (william) I am using now. All the computers except for