similar to: Shorewall / nmap question

In our LAN a Linux-router connects 2 subnets. On this router dhcrelay is running. For several reasons we have to run a firewall on this box. But what is the right way to configure dhcrelay using Shorewall??? Thanks. -- Ad Koster <lidad@zeelandnet.nl>

In our company's W2K-domain we decided to put all roaming profiles on Samba-servers (RH 9.0 / samba 2.2.8) The Samba-servers are configured for using DOMAIN-security. Part of our /etc/smb.conf look like [Profiles] path = /usr/local/samba/profiles comment = Profile-share browseable = no writeable = yes create mode = 0600 directory mode = 0700 We simply copied al the "old"

Petr, It works perfectly! But I still have a question; I have fit the following data; x,y,z 1,10,11 2,11,15 3,12,21 4,13,29 5,14,39 6,15,51 7,16,65 8,17,81 9,18,99 10,19,119 >dat.lm <- lm(z~I(x^2)+y, data=dat) >dat.lm Call: lm(formula = z ~ I(x^2) + y, data = dat) Coefficients: (Intercept) I(x^2) y 1.841e-14 1.000e+00 1.000e+00 How do I create the

I understand that I need to have a (in this case) square matrix with all the data. But the question now is; - can the contourplot not interpolate the missing values or alternatively - I have fit a model to the z data (z = 100 + 0.5x + 0.5y). How can I make from this model a "square" matrix z to make a contour plot? Kind regards, Darius Blaszijk ----- Original Message ----- From:

It seems to me that ipsecnat tunnel type is not complete. Latest drafts of ipsec nat-traversal use udp port 4500 for nat-traversal communications. (It''s called port floating). That is needed to get rid of ugly ipsec passthru devices. Now ipsecnat opens port udp/500 from any source port. And I think ipsecnat won''t work at all with gw zone defined? I''m not sure about

Having some major troubles with smb and making it a PDC For 2 weeks now I have been testing, and retesting. At one point I had it all working except for password changing. Has anyone goten Samba 3.0.4 to work correctly as a PDC with an smbpasswd back ground (not pam or ldap). If so could you please send me a working copy of your SMB file (only core components needed, no need for shares or

Hi, I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from the internet to the firewall but it does not work. I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful but I don''t know why SSH: Does not work for me: ACCEPT net fw tcp 22 Works from the loc network: ACCEPT loc fw tcp 22 I have tried also with (no success): AllowSSH

The rule: ACCEPT loc $FW::3128 tcp www doesn''t work propertly, the http access does not redirect to squid but directly exit. what''s wrong? Thanks ------- Dario Lesca (d.lesca@ivrea.osra.it) -------------------------------------- @@@@@@@ this is my shorewall-1.2.13 config: #[/etc/shorewall/common.def]-----------------------------------------------

I''m beginning to believe that the use of the last column in the rules file to designate redirection/forwarding is too subtle for many users. For 1.3, I think I''ll do something like the following: Current rule: ACCEPT net loc:192.168.1.3 tcp 80 - all New rule: FORWARD net loc:192.168.1.3 tcp 80 Current rule: ACCEPT net fw::3128 tcp 80 - all New rule: REDIRECT net

I have just set up Samba 3.0.4 from scratch, I am running Mandrake 10, and did not install its default 3.0.2a. When I try and jpoin a domain, everything works right up to the add user portion. >From the XP machine I am able to complete the following steps 1. Enter windws username and domain information 2. Add the machine name to the domain (it is created on the linux box, and entered into

Greetings; My syslog is getting 100s of thousands of messages like the following (these are just a sample); (BTW I am running Debian/lenny) > May 11 12:41:31 gatekeeper kernel: BANDWIDTH_IN:IN=eth1 OUT=eth0 SRC=192.168.0.4 DST=64.15.118.171 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=37901 DF PROTO=TCP SPT=1307 DPT=80 WINDOW=17640 RES=0x00 ACK URGP=0 > May 11 12:41:31 gatekeeper kernel:

I did not subscribe to the list. I''ve been using shorewall for some time and I appreciate it very much. I think it would be useful to have an option to generate a script of the commands Shorewall is about to issue, instead of issuing the commands directly. This script could then be used for revision, modification, and could also be used on another system. I thought about modifying

Sorry to barge in on an old thread. I''m having the same trouble as the gent who started this thread. I''ve tried the options described and can''t seem to get the tunnel to pass packets through it. I''m using the Netscreen Remote VPN client (Safenet derivative) on a windows machine, trying to connect to a Netscreen 5xp at the other end. The connection fires

Dear list, I want to rate-limit a couple of customers in both up and down directions. They get a different speed for traffic staying on our network than for traffic towards/from the internet, so that''s a master class and 2 child classes per customer per interface. I made a test setup with cbq which worked, but wasn''t too reliable I measured a tolerance of about 30%. I read

Hello Tom, I''ve been using Shorewall for years without problems. My previous version of shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using rpm to 2.0.8-1. After update no one can connect to any interface from net. Server can connect to outside world fine and those described in routestopped have no problem connecting. Any help correcting this problem would be

While I''m in temporary retirement, I''ve decided spend a little time experimenting with new things and making some updates to the web site. The biggest result of this effort to date has been: http://shorewall.sf.net/Shorewall_Squid_Usage.html This outlines how to use Squid as a transparent proxy running on the firewall, in the DMZ or in the local network. In the latter two

Hello, I would like to make a contourplot of the following data; > x <- 1:10 > y <- 1:10 > z <- 100:110 By doing >contour(x,y,z) I get the following error; "Error in contour.default(x, y, z) : no proper `z' matrix specified" How do I fix this?? Kind regards, Datius Blaszijk [[alternative HTML version deleted]]

Hi, I''ve attached a patch which fixes a logging problem with log_rule_limit in custom actions. E.g. this action: ,----[ Whitelist ] | if [ -n "$LEVEL" ]; then | run_iptables -N ${CHAIN}Add | log_rule_limit $LEVEL ${CHAIN}Add WhitelistAdd DROP "$LOG_LIMIT" $TAG | run_iptables -A ${CHAIN}Add -j DROP | run_iptables -N ${CHAIN}Del | log_rule_limit

[This email is either empty or too large to be displayed at this time]

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=78 Summary: -m psd -j TARPIT returns all ports open from nmap Product: iptables userspace Version: unspecified Platform: i386 OS/Version: RedHat Linux Status: NEW Severity: normal Priority: P2 Component: unknown AssignedTo: