similar to: RULES

On my windows machine I use a software fire will called ZoneAlarm. One feature I like Is the ability to block applications from using the net. I''ve looked with Shorewall and wonder if it does, or was ever meant to. Not a complaint, a curiosity. Kev -------------- next part -------------- A non-text attachment was scrubbed... Name: winmail.dat Type: application/ms-tnef Size: 1572 bytes

Hi, I am using Shorewall in Adamantix. At the moment everything flow fine, my question is that how can I filter the access by computer mac address, I had read the documentation maybe I am ''stupid enough to spot the guide, if so please show me''. What is the rules line if I want to 1. limit ~01-01-01-01-01-01,~02-02-02-02-02-02,~03-03-03-03-03-03-03 to access 202.202.202.202

Hi, At the moment I am controlling my LAN client access to the Inet by their MAC address. Currently I am putting their MAC address in the rules file - now the number of the PC that I want to manage is getting more and more and it is not practicle to do this way anymore. My question is, how can I have their MAC address in other separate file? Regards http://www.debian.org/consultants/#Malaysia

Hello, I''m working in configuring a very restrictive firewall to stick between our techroom and our internal network. Basically nothing should be allowed into the techroom and only a limited amount of traffic is to leave the techroom. Below are a few log entries I looking to get explained. DHCP is handled by the firewall, DNS is handled by servers side our techroom. my rules file

I want smtp requests from the internet to address 202.1.2.3 are to be forwarded to 192.168.1.109, so I set ORIGINAL DEST is 202.1.2.3 but when I restart it show error: iptables v1.2.11: invalid TCP port/service `210.0.214.212'' specified Try `iptables -h'' or ''iptables --help'' for more information. ERROR: Command "/sbin/iptables -A net2loc -p tcp

Hi, How can only allow http,ftp,smtp define on outgoing rules ? Thanks _______________________________________ YM - 離線訊息 就算你沒有上網，你的朋友仍可以留下訊息給你，當你上網時就能立即看到，任何說話都冇走失。 http://messenger.yahoo.com.hk ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and

I have a firewall running Shorewall 1.3.13-1 from rpm on a redhat 7.3 box. The box has three nics assigned to zones loc net and dmz. We also have multiple vpn links accomplished via ssh tunnels, These links all come from dynamic IP addresses with known private subnets behind them. There are basically two types of networks these vpns connect, one with access to almost everything and one with

Hello - I am not a subscriber to the mailing, please email me with help at mfabache@yahoo.com My shorewall (v2.0.1) has been working wonderful for the past year. I just added my Vonage and cannot get the Phone Adapter to sync up (2 blinks (looking for IP)) All I have done is run an ethernet cable from the WAN outlet on the phone adapter to a lan port on the router. After googling, I found

Hi all, I have seen Shorewall places the state verification rules (-m state --state ESTABLISHED,RELATED) as the first rule in a zone2zone chain. This means that state checking is done after all the rules involving from this zone to this zone. As you could have a lot of them, wont be better to place them just after checking the state is not invalid? This will mean a lot of packages will be

Hi People, what files is processed first?, balcklist or rules, i want to globally filter imesh, but at the same time allow managers to connect, i.e. , imesh work on port 1214, i have this: /etc/shorewall/blacklist #ADDRESS/SUBNET PROTOCOL PORT 192.168.0.0/16 tcp 1214 192.168.0.0/16 udp 1214

I attached a copy of my rules file and I was wonndiering if there is some commands that I don''t need. I am running a webserver,email server,samba server. Thanks --------------------------------- Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now-------------- next part -------------- ############################################################################## #ACTION

Hi people, I am running the latest version of Debian ''Sarge''. I have installed hopefully the latest version of shorewall, as followed by the website. The firewall has been installed with no problems, runs ok, but I have found a strange problem, maybe it me *shrug* My setup: Internet<-->cablemodem<-->Debainfirewall<-->hub<-->windowspc I am cable, and

Hi all, I Try use shorewall rules with time element but its never works, the rules look like this HTTPS(REJECT) loc net:69.63.181.11,69.63.181.12,69.63.184.142,69.63.187.17,69.63.187.19 localtz&timestart=20:00&timestop=20:10&weekdays=Mon,Tue,Wed,Thu,Fri This rules for block https access to facebook site at working hours & day My system is Debian lenny, shorewall 4.4.4.2 kernel

I have two external interfaces in a Multi-ISP config. I allow access to port 81 for a webcam, but I only want that to work for one of the interfaces, and I want to limit the connections to it by maximum time for one user, or failing that, maximum connections, as people just leave it running on their desk all day (it''s a Caribbean beach so people sit and dream). ow do I do that as

Hi -- I was happily running Shorewall 1.4 for quite a while, then upgraded recently to 2.0.13 (Debian Linux, Exim4, Squid, no DMZ) and can''t get Shorewall working. When I start it, my ssh and pop3 access is immediately blocked locally. This is a very simple setup. No dmz, just ETH1 to the Internet and ETH0 local, with IP Masq. Turned ON. I would appreciate it if someone who has a

Although Shorewall provides safeguards against it, people seem to regularly shoot themselves in the foot when doing remote system administration. I''ve been thinking about this problem and wonder if a change to the way that "shorewall stop" behaves might help. Today, "shorewall stop" stops all traffic except to/from those destinations listed in

Dear Shorewall Users :-) I''ve been playing with shorewall for some time now - I found it really interesting and easy tool to organise all the rules and so on (beforethat I''ve been using simple iptables rules in shell script ;-) Generally it''s quite easy to be used, but anyway found one problem which I cannot handle myself - or in other words - cannot find appropriate

So I finally got shorewall up with my linux box, which pipes out to a switch, and then my machines... Problem now is on my one machine, I have a remote admin server running on port 4899... So since I''m using masq, I added a DNAT entry in my rules instead of an ACCEPT DNAT net loc:192.168.1.3 tcp 4899 So when I try to access my remote admin using my external IP, even from inside, I

Dear all, I am using shorewall 2.0.3a is this redirection rule forward all requests coming to IPADDRESS:80 to 192.168.0.5:80 Rule: DNAT net loc:192.168.0.5 tcp 80 - IPaddress Regards, - sree

Did I just read completely past this or is this an undocumented feature? Either way, thanks. BTW for my first attempt at a Linux firewall, this proved to be a challenge, but worth it. And most of the problems I''ve had are I/O (idiot operator) errors. Keep up the good work. Kev --- Message: 10 Date: Mon, 24 Feb 2003 06:20:00 -0800 From: Tom Eastep <teastep@shorewall.net> Subject: