similar to: Redhat 8

Hello Group I am trying to set up a demo of Squid at my location to to a person that has proxy ports blocked on his firewall at his location by having him set his IE Browser set to use proxy server 64.42.49.235 port 80. My thinking was to set up a rule in shorewall which redirects port 80 to 3128 as in a local setting. My test server is running rh 7.3, Shorewall 1.3.14 with one interface

Is there a way to listen on port 25 for repeated dictionary attacks to harvest email address and blacklist that Ip with shorewall? Thanks, Mike

Hello all -- I am trying to get Shorewall, ipsec and RedHat ES version 3 to cooperate. Before posting any specific problems, I thought I''d find out if I have the right stuff to work with. (I''ve gotten ipsec to work flawlessly with Shorewall using RH 8 and 9 kernels, so I have some experience with it. Shorewall 2.0.12 works fine on this ES 3 box, except for the ipsec part)

Hello, You may recall some of My Dmz question around Thanksgiving. While I have configured a Proxy arp Dmz. I would like to practice with the routed setup you suggested Tom as your network was simular. Here is one of your quotes "The configuration of eth2 is largely irrelevant but you certainly don''t want to confuse things by assigning any default gateway out of that

I have openvpn set up and can get to every computer in the office side of the net work using the open vpn example as reference to "office" However from the office to the remote vpn pinging or searching for computers above 128 ip''s show timeouts and searching for computers with windows shows timeouts above 128. example ping from home to office "ping 10.19.227.129" or

Hi All, i am trying to install Shorewall 2.0 on debian 3.0. But when i try apt-get i am getting older version i.e. 1.2. Can someone send me a pointer on how to install shorewall latest version on Debian 3.0 please. i searched google and on this site but could find any. i am not in this list, pl include me in ur replies. Appreciate ur help, -Balaji

I have had a web server listining sql-1433, www 80, ftp-21 using proxy arp with sub-netting in a three interface DMZ. All these ports are in the rules file as ACCEPT. With one exeception that 1433 allows a few host from the net. 21 and 80 allow all net to dmz connections. The policy is DMZ to net ACCEPT This has been working great for about a month or more until I rebooted the

http://shorewall.net/pub/shorewall/Beta ftp://shorewall.net/pub/shorewall/Beta -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

The 2.6 kernel series includes Netfilter ''physdev'' match support. That support makes it feasible for Shorewall to support bridge/firewall configurations. I''m looking for early testers of such support. Requirements: a) Willing to run Shorewall 2.0.0-RC1 or later (RC1 will be released in a day or so) plus private updates. b) Running a 2.6 kernel or a 2.4 kernel with

I just installed Fedora Core 3 uname -r 2.6.9-1.667 I got the latest shorewall''s rpm: http://www.shorewall.net/pub/shorewall/2.2/shorewall-2.2.0/shorewall-2.2.0-1 .noarch.rpm Made my changes Attempted to run shorewall and got: [root@demo shorewall]# shorewall start ERROR: Can''t find iptables executable I haven''t seen this before. I tried to go through all the

Hello, Have a question I am new to squid, although I have about 100~150 hours of study in the last month to move up quickly. I have set up rh 7.1 on a 300 mgz intell celeron 128mb ram 8gb hd. shorewall 1.2.9 running webmin with openssl access and squidGuard filter. I set it up this weekend to work with a fairly small network that masquerades through shorewall. It serves 60 windows boxs most

The bridging documentation (http://shorewall.net/2.0/bridge.html) has been expanded and there is a refresh of the bridging code (ftp://shorewall.net/pub/shorewall/Bridging and http://shorewall.net/pub/shorewall/Bridging). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

Group, I am reading about tc (traffic control) and willing to get my feet wet. As requirement, there should be HTB compiled in the kernel. I grabbed a Mandrake 8.2 distro, and didn''t installed the kernel source. Anyone knows if the HTB is compiled in Mandrake 8.2, or point a way to find that out? I tried to read the /usr/src/kernel.xxxxx/.config file, but it doesn''t exists.

We''ve just upgraded to a new firewall machine, and a new version of Shorewall. We''re now on 2.04; previous version was 1.3.9b (!). So I''m pretty sure whatever problems we''re having are related to the big version jump. We''re using config files that exactly match our old (working) configuration (IOW, these are things which _were_ working on the old

We had a running ipsec shorewall system to all of our remote offices. We added a dmz to the firewall and implemented proxy arp for that dmz. We have checked everything two or three times and cannot figure out why the vpns will no longer come up. We are using shorewall version 2.2.3 from the debian stable sarge distribution. We noticed the errata that for 2.0.0 there was a problem with proxy

Hi, One person, trying to access my website has troubles doing so. All other users do not have a problem. I have a cable modem, with a shorewall 1.4 machine behind it. On the second interface of the shorewall machine I have a few machines, of which one is the webserver. Checking the logfile I see the following messages: Aug 30 21:24:16 gatekeeper kernel: Shorewall:rfc1918:DROP:IN=eth1

Hi all, I''m trying to set up a transparent proxy with dansguardian, and running into some strange issues with the squid setup without dansguardian. I have used shorewall for quite some time, and I''m stumped as to why I can''t get this to work. Here is a brief synopsis of my network. loc --> gateway/firewall--> net I have the following policies: #firewall to

This is a rollup of two fixes: a) A fix for obscure [re]start errors involving the /etc/shorewall/masq file. b) A change which allow ''maclist'' with Atheros WiFi cards. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

From: non-list-member With shorewall 2.0.2c on a kernel 2.6.5 I am finding that the report_capabilities() is being called before load_kernel_modules(). This leads to some problems, one of which is that the reported capabilities is wrong on the first "start" command. If you then "stop" then "start", things go better (now that the kernel modules are loaded). Some