Displaying 20 results from an estimated 7000 matches similar to: "routing thru shorewall"
2002 Sep 03
6
samba and NIS?
Hi,
I have a few questions. My goal is to run
NIS and samba so I have a central point of passwd control
and just one place to change passwords. I will eventually
have 5 samba servers so this is quite important to me as
I don't want to have to change passwords and setup passwords
on 5 servers when changing or adding new users.
Can this be done? So that if a user changes his password
for
2003 Apr 02
3
/var/spool/samba full of print jobs
Hi,
madly looking for an answer to this but haven't
found it in the smb.conf man pages yet...
I'm using samba for my print server. I use
printing = cups with samba.
Currently it looks like all print jobs
are being retained in /var/spool/samba and
it has just filled my var fs :-( and no
one can print. I can't seem to find
any parameters associated with pruning
the jobs, or how long
2004 Oct 20
11
Shorewall, Freeswan and SuSE 9.1
I have been using shorewall and freeswan successfully for 3 or more
years now. But they have all been using the Linux 2.4 kernel. My current
configuration is (as the title suggests) using SuSE 9.1 which has a
2.6.5 kernel and freeswan 2.0.4 built-in.
After much reading and a lot of trial and error, I did get this
combination to work with Shorewall 2.0.9. It is happily talking to an
older Mandrake
2003 Jan 13
4
DMZ hosts gateway
Hi everyone,
I have a question regarding the default gateway for hosts on DMZ zone. I moved servers from parallel to the DMZ (outside the firewall, directly connected to I-net) to inside DMZ. The default gw for these servers was the DSL router(bridge) of my ISP.
What should be the default gw (for the hosts inside the DMZ), when hosts are inside the DMZ now - still the DSL router (external
2002 Feb 28
2
Problem with FreeSwan and Shorewall on a LEAF(Oxygen) based router.
Hello,
I seem to have the Freeswan IPSEC tunnel working between my two sites,
but I am still having a problem that looks to be because of something I have
configured wrong in my shorewall setup..
I have a LEAF Oxygen < 1.9 heavily modifed firewall setup.. Using
FreeSwan 1.91, and Kernel 2.4.8. Modified to use IPTables and
standard Debian network/interfaces. I am also using Shorewall
2004 Jan 07
1
Forward some traffic to VPN
Hi. I am trying to force some traffic that goes to address 203.7.93.94
through a VPN tunnel. I use freeswan 1.98b and Shorewall 1.4.6c in one
machine. The 203.7.93.94 is in the DMZ on the other end. (Both ends use
the same shorewall and freeswan).
I have successfully set up a tunnel between the two network (using a
point to point topology, not hub).
I added a static routing that redirect
2004 Aug 22
6
LAN to DMZ zone issues.
Hello all,
Name is Andrew and in desperate need of some info.
Setup:
- Mandrake 9.1 with three interfaces
(eth0 --> WAN) C-class /28 network (with tree virtual addresses which I
am DNAT-ing to the DMZ)
(eth1 --> LAN) A-class 10.0.0.0/8
(eth2 --> DMZ) A-class subnet 10.1.123.0/24
- Running stock Shorewall ver: shorewall-1.3.14-3.1.91mdk
Dilemma:
- LAN can not access the DMZ zone
2003 Jan 22
5
Proxy arp and pptp
Hi all!
I''ve set up a Linux box with shorewall doing proxy arp as per http://www.shorewall.net/shorewall_setup_guide.htm#ProxyARP the 5.2 (non routed) example. Everything is working great except for one thing, and that leads me to my question: is there a conflict between proxy arp and pptp? I''ve set the apropriate ACCEPT rules to allow tcp port 1723 and protocol 47 to the host
2002 Nov 20
8
Proxy ARP
Hi all!
I posted earlier about the proxy arp configuration =
http://shorewall.sourceforge.net/shorewall_setup_guide.htm#NonRouted, =
and was probably not sufficiently knowledgeable on the subject. I''ve =
gone through a bunch of documents on proxy arp, subnetting with proxy =
arp and the documentation at shorewall, and have come up with a setup =
that would be perfect for the job at hand
2006 Feb 06
6
(no subject)
We had a running ipsec shorewall system to all of our remote offices. We
added a dmz to the firewall and implemented proxy arp for that dmz. We have
checked everything two or three times and cannot figure out why the vpns
will no longer come up.
We are using shorewall version 2.2.3 from the debian stable sarge
distribution. We noticed the errata that for 2.0.0 there was a problem with
proxy
2003 Feb 04
1
Totally SNAT confused :)
Hi !
I have setup a complete shorewall now with DMZ, and Private zones and
masq, rules, port-forwarding etc. worx like expected.
BUT
I have a wish to use a couple of more public IP''s and relate those to
inernal servers on the DMZ zone and i am now so confused about it. I have
searched this archive for SNAT port allow
Setup:
3 public adresses on the WAN nic. lets call them 80.80.80.80 -
2003 Jan 02
1
mail server in dmz
Hi, in a three interface firewall I have
eth0, loc, 10.1.5.1/16
eth1, int, 200.41.61.228/29
eth2, dmz, 192.168.1.1/24
(un)fortunately I got a group of public ip?s to use, so here is my problem
in the dmz I have 192.168.1.3 redirected from eth1 alias 200.41.61.226 (a web server,
works perfect).
I am trying to set up a mail server also, a different machine, so I can?t use proxyarp, as
with this,
2004 Nov 16
4
Query re Tom''s firewall (see http://www.shorewall.net/myfiles.htm)
On the firewall, what is the rationale for giving eth1 an IP address
that is also assigned eto eth0? (Rather than a private one.)
--
Taso Hatzi
caesar 17 <<-salad
cjbx jc vdwwjar jc xi jc jd
salad
2002 Sep 29
7
[Fwd: Building custom _updown script for freeswan to make it talk with shorewall]
Tuomo Soini wrote:
> You don''t happen to read shorewall-devel mailinglist ?
I read it -- I just didn''t know what to make of your post and it arrived
while I was on vacation.
What exactly are you trying to accomplish that Shorewall isn''t doing for
you now?
e.g.
/etc/shorewall/zones
rw Roadwarriors Road Warriors
/etc/shorewall/interfraces
rw ipsec+
2003 Jan 05
2
Shorewall DMZ - Proxy ARP or Static NAT
Hi All,
>From the documentation I have read on Shorewall, the preferred approach
seems to be, to use Proxy ARP instead of Static NAT for hosting web servers
in the DMZ Zone. But I have also read that this could cause problems for VPN
configurations.
I essentially have multiple public IP''s, which I want to map to private
addresses in the DMZ. I also intend to setup a gateway between 2
2005 May 17
1
Adaptation - Architecture Question
I have been studying Tom''s configuration at:
http://www.shorewall.net/myfiles.htm -and-
http://www.shorewall.net/NAT.htm
I am using SBC as an ISP and also have 5 "real" IP addresses and because
of other issues, have to re-do my set-up. If I have a block at .120/29
assigned to me, what SBC does is give you 5 usable addresses, in my case
.121 is the SBC modem/router and
2003 Jan 14
1
Question on Shorewall with FreeSwan
I am new to Shorewall and FreeSwan, please excuse my ignorance I was
wondering if someone could help me.
I had help getting my FreeSwan running with the following iptables
commands:
iptables -I FORWARD -s 0/0 -d 192.168.1.0/24 -i ipsec0 -o eth1 -j
ACCEPT
iptables -I FORWARD -s 192.168.1.0/24 -d 0/0 -i eth1 -o ipsec0 -j
ACCEPT
If I manually run this FreeSwan works, however I am not sure
2003 Jan 14
1
Firewalling multiple FreeSwan connections
Hi all!
I have got a vpn connection set up using FreeSwan and shorewall.
Everything works fine but I want to add another subnet to the whole. This
means that 1 box will get two net-to-net connections.
I want to limit the services on one subnet however. Cuurently I have
defined a vpn zone for the current connection and allow all vpn<->loc
traffic.
How would I go about in tightening the
2005 May 06
1
NAT and DMZ
Hi,
I have this case:
My Shorewall is a internet gateway:
(fw) eth0 -> 200.209.100.0/30
(loc) eth1 -> 192.168.0.0/24
(dmz) eth2 -> 200.209.100.8/30
In the DMZ, I have another linux, with a web server too.
eth0 -> 200.209.100.10/30 - running Apache at port 1700
eth1 -> 192.168.0.0/24
My problem is:
I need to make a NAT, from my local
2003 Nov 05
3
help for managemen 4 ip public
Dear, All
I have 4 ip public in my router
1. For Connection to gateway
2. For gateway Wireless Lan (with ip public)
3. For DMZ
4. For Downtream ISP
------------------History
I have two way for connection Internet 1 by Leased Line 128 Up/Down and 256 Down With DVB and i have client with wireless Network.
I need Client wireless network can use DVB Network for connection with port 80.
What can i