Displaying 20 results from an estimated 1000 matches similar to: "Shorewall / nmap question"
2002 Nov 29
1
configuring dhcp-relay / Shorewall
In our LAN a Linux-router connects 2 subnets. On this router dhcrelay is
running.
For several reasons we have to run a firewall on this box. But what is
the right way to configure dhcrelay using Shorewall???
Thanks.
--
Ad Koster <lidad@zeelandnet.nl>
2003 Jul 27
2
Storing W2K roaming profiles on a Samba - server
In our company's W2K-domain we decided to put all roaming profiles on
Samba-servers (RH 9.0 / samba 2.2.8)
The Samba-servers are configured for using DOMAIN-security.
Part of our /etc/smb.conf look like
[Profiles]
path = /usr/local/samba/profiles
comment = Profile-share
browseable = no
writeable = yes
create mode = 0600
directory mode = 0700
We simply copied al the "old"
2005 Feb 09
2
[Fwd: Re: Fw: Contour plot]
Petr,
It works perfectly! But I still have a question;
I have fit the following data;
x,y,z
1,10,11
2,11,15
3,12,21
4,13,29
5,14,39
6,15,51
7,16,65
8,17,81
9,18,99
10,19,119
>dat.lm <- lm(z~I(x^2)+y, data=dat)
>dat.lm
Call:
lm(formula = z ~ I(x^2) + y, data = dat)
Coefficients:
(Intercept) I(x^2) y
1.841e-14 1.000e+00 1.000e+00
How do I create the
2005 Feb 08
2
Fw: Contour plot
I understand that I need to have a (in this case) square matrix with all the
data. But the question now is;
- can the contourplot not interpolate the missing values
or alternatively
- I have fit a model to the z data (z = 100 + 0.5x + 0.5y). How can I make
from this model a "square" matrix z to make a contour plot?
Kind regards, Darius Blaszijk
----- Original Message -----
From:
2003 Jan 06
3
ipsec nat-traversal
It seems to me that ipsecnat tunnel type is not complete.
Latest drafts of ipsec nat-traversal use udp port 4500 for nat-traversal
communications. (It''s called port floating). That is needed to get rid
of ugly ipsec passthru devices.
Now ipsecnat opens port udp/500 from any source port.
And I think ipsecnat won''t work at all with gw zone defined? I''m not
sure about
2004 Jun 18
2
Need a working model of smb.conf for a PDC
Having some major troubles with smb and making it a PDC
For 2 weeks now I have been testing, and retesting. At one point I had it
all working except for password changing. Has anyone goten Samba 3.0.4 to
work correctly as a PDC with an smbpasswd back ground (not pam or ldap). If
so could you please send me a working copy of your SMB file (only core
components needed, no need for shares or
2005 Apr 19
14
allow ssh access from net to fw?
Hi,
I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from
the internet to the firewall but it does not work.
I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful
but I don''t know why SSH:
Does not work for me:
ACCEPT net fw tcp 22
Works from the loc network:
ACCEPT loc fw tcp 22
I have tried also with (no success):
AllowSSH
2002 May 14
4
Redirect loc::80 to fw::3128 not work
The rule:
ACCEPT loc $FW::3128 tcp www
doesn''t work propertly, the http access does not redirect
to squid but directly exit.
what''s wrong?
Thanks
-------
Dario Lesca (d.lesca@ivrea.osra.it)
--------------------------------------
@@@@@@@ this is my shorewall-1.2.13 config:
#[/etc/shorewall/common.def]-----------------------------------------------
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file
to designate redirection/forwarding is too subtle for many users. For 1.3,
I think I''ll do something like the following:
Current rule:
ACCEPT net loc:192.168.1.3 tcp 80 - all
New rule:
FORWARD net loc:192.168.1.3 tcp 80
Current rule:
ACCEPT net fw::3128 tcp 80 - all
New rule:
REDIRECT net
2004 Jun 23
1
Problems with 3.0.4 PDC - Trust Relationship failed
I have just set up Samba 3.0.4 from scratch, I am running Mandrake 10, and
did not install its default 3.0.2a. When I try and jpoin a domain,
everything works right up to the add user portion.
>From the XP machine I am able to complete the following steps
1. Enter windws username and domain information
2. Add the machine name to the domain (it is created on the linux box, and
entered into
2008 May 11
13
Message flooding of syslog
Greetings;
My syslog is getting 100s of thousands of messages like
the following (these are just a sample); (BTW I am
running Debian/lenny)
> May 11 12:41:31 gatekeeper kernel: BANDWIDTH_IN:IN=eth1 OUT=eth0 SRC=192.168.0.4 DST=64.15.118.171 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=37901 DF PROTO=TCP SPT=1307 DPT=80 WINDOW=17640 RES=0x00 ACK URGP=0
> May 11 12:41:31 gatekeeper kernel:
2004 Mar 21
3
Feature request: script generation
I did not subscribe to the list.
I''ve been using shorewall for some time and I appreciate it very much.
I think it would be useful to have an option to generate a script of the
commands Shorewall is about to issue, instead of issuing the commands
directly. This script could then be used for revision, modification, and
could also be used on another system.
I thought about modifying
2003 Jan 24
4
AW: AW: Ipsec passthrough
Sorry to barge in on an old thread. I''m having the same trouble as the
gent who started this thread. I''ve tried the options described and can''t
seem to get the tunnel to pass packets through it. I''m using the
Netscreen Remote VPN client (Safenet derivative) on a windows machine,
trying to connect to a Netscreen 5xp at the other end. The connection
fires
2004 Jan 19
5
a couple of questions regarding htb
Dear list,
I want to rate-limit a couple of customers in both up and down
directions.
They get a different speed for traffic staying on our network than for
traffic towards/from the internet,
so that''s a master class and 2 child classes per customer per interface.
I made a test setup with cbq which worked, but wasn''t too reliable I
measured a tolerance of about 30%.
I read
2004 Sep 20
2
After upgrade people can no longer connect
Hello Tom,
I''ve been using Shorewall for years without problems. My previous version of
shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using
rpm to 2.0.8-1. After update no one can connect to any interface from net.
Server can connect to outside world fine and those described in routestopped
have no problem connecting. Any help correcting this problem would be
2003 Jan 09
19
New on the Web Site
While I''m in temporary retirement, I''ve decided spend a little time
experimenting with new things and making some updates to the web site. The
biggest result of this effort to date has been:
http://shorewall.sf.net/Shorewall_Squid_Usage.html
This outlines how to use Squid as a transparent proxy running on the
firewall, in the DMZ or in the local network. In the latter two
2005 Feb 08
3
Contour plot
Hello,
I would like to make a contourplot of the following data;
> x <- 1:10
> y <- 1:10
> z <- 100:110
By doing >contour(x,y,z) I get the following error;
"Error in contour.default(x, y, z) : no proper `z' matrix specified"
How do I fix this??
Kind regards, Datius Blaszijk
[[alternative HTML version deleted]]
2005 Mar 01
1
Logging patch
Hi,
I''ve attached a patch which fixes a logging problem with
log_rule_limit in custom actions. E.g. this action:
,----[ Whitelist ]
| if [ -n "$LEVEL" ]; then
| run_iptables -N ${CHAIN}Add
| log_rule_limit $LEVEL ${CHAIN}Add WhitelistAdd DROP "$LOG_LIMIT" $TAG
| run_iptables -A ${CHAIN}Add -j DROP
| run_iptables -N ${CHAIN}Del
| log_rule_limit
2005 Feb 01
5
Shorewall configuration - ''run_iptables''-problem
[This email is either empty or too large to be displayed at this time]
2003 Apr 16
0
[Bug 78] New: -m psd -j TARPIT returns all ports open from nmap
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=78
Summary: -m psd -j TARPIT returns all ports open from nmap
Product: iptables userspace
Version: unspecified
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P2
Component: unknown
AssignedTo: