similar to: A note of thanks

This one is a bit complex so if no help is forthcoming, I understand. I have 2 shorewall firewalls (1.3.13) up and running. (both machines running Gentoo Linux 1.4_rc2) I have freeswan (1.98) running on each of them. I have squid setup as a caching/filtering server on each of them. Each of them was originally setup using the Two-interface Quick Start Guide. Then the Squid guide and then the IPSEC

Evening all, First: Obligatory thanks to Tom. Shorewall is GREAT! I''ve got it on 3 machines now and love it. (Just because they are obligatory does not mean they are not heart-felt.) On my main web server, I am constantly scanning my log files for worm-signs. Requests for default.ida, any .exe, there are several others, you probably have your favorite. I got tired of doing it by hand

I''m running a Fedora Core 1 Samba server and Shorewall 2.0.1 Connections to Samba shares from both loc hosts and the fw host are usually impossible, unless I boot the Server and connect a loc machine to a Samba share before starting Shorewall. This requires manually toggling the startup_disabled filename and starting Shorewall manually after each boot. I used the two-interface

I have been overwhelmed today with well-wishing posts. I began by trying to answering each and every one but I soon realized that there were going to be too many. So I want to thank each of you who offered me your best wishes -- I fully appreciate every post. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \

All (Tom especially), Thanks for correcting my hosts file faux pas. I think I now (kinda) know how this file is used. Can I use this to control what subnets can get NAT''ed out and back through the net zone? For instance, with nothing in it every network inside can get out without a problem. If I do specify networks in it, is it true that only those specified can get out and back?

Shorewall 1.4.0 is released and is available at both SourceForge and at the mirror in Washington State. Other mirrors will be updated shortly. The content of 1.4.0 is the same as 1.4.0-RC3 with the exception of the updated version number. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.sf.net Washington USA \ teastep@shorewall.net

I just wanted to publicly thank Thomas Eastep for his wonderful work on shorewall. I hope he gets a much needed rest and returns happy and healthy! May he also go forth and prosper with his great knowledge .... His work deserves to be listed at the top of those lists of top Free Open Source Software success stories. Happy New Year Tom! PS- Thanks also to everyone else on the shorewall project. May

I attached a copy of my rules file and I was wonndiering if there is some commands that I don''t need. I am running a webserver,email server,samba server. Thanks --------------------------------- Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now-------------- next part -------------- ############################################################################## #ACTION

I have the following interfaces loc eth0 net0 eth1 net1 eth2 (net0 and net1 are the two ISP networks) policy loc net0 ACCEPT loc net1 ACCEPT net0 all DROP info proxyarp 209.189.103.204 eth0 eth1 no no params Pellucidar=192.168.124.232 rules DNAT net0 loc:$Pellucidar tcp 22,80,1950,50005 - 209.189.103.204 ACCEPT all all icmp

Hi all, I have a problem to get my Linux machine to masquerade for other computers on the network. My main machine is connect to the ADSL modem on eth0. The machine also has another network card, eth1 which connects directly to the other computer. Both machines can ping each other fine, but I can''t access the net from the other (Windows) system. IP Configuration on the linux

Hello all, What I am doing seems fairly straight forward to me, I just am not sure how to put it into Shorewall''s config files. Here is what I have: I have a single router that takes 5 public IP addresses and routes them to internal IP addresses. In the past, I had control over that router and could port filter at the router, forwarding only the traffic I wanted. However, now, I

Hi Tom and list, Still trying to set up Shorewall logging. I understand that Shorewall require syslog to get logging working, however I have metalog. Is this possible to use metalog as logging facility for Shorewall? I was reading http://www.shorewall.net/shorewall_logging.html and it describes other method ( ULOG ). I understand that I have to compile ULOG support in the kernel... where do I

Hi! I use standard Bering 2.2.2. I am trying to get my FTP-server to work with another portnumber than 21 (On port 21 all works great, but I´m really interested in running two FTP-servers, so I want to figure this one out first). Read the FAQ: http://www.shorewall.net/FTP.html and now I got this setup: In Rules: DNAT net loc:192.168.3.2 tcp 99 In Shorewalls modules.conf (tried

Thank you for the rapid response. I will try and investigate getting answers to some of your points but I'm a little new to Solaris so I'll need some time. Glancing at the configure output, it looks like it built against v0.1.7 of libusb (yes i think that is derived from the one you mention), checking for libusb version via pkg-config... 0.1.7 found checking for libusb cflags... checking

Hi.., is there a function in R to fit bivariate splines ? I came across 'polymars' (POLSPLINE) and 'mars' (mda) packages. Are these the one to use or are there other specific commands? Thanks. Harsh

Good day, I have gone through a couple of the HOWTO''s on how to get this to work, but I am still sitting with a very strange (for me) issue. If two clients connect via OpenVPN (bridged), they can access each other without any problems, but neither of them can access the server, nor any system behind it. I am fairly sure it is a Shorewall issue, but I am very new to Shorewall, having

Hi everyone, I have a licencing question : do one need to buy CAL for every user in a Samba4 domain when there is a Windows Server as a domain member, knowing that the Windows server will be accessed using SMB by Windows workstations? As per http://www.samba.org/samba/docs/using_samba/ch01.html and many other web sites, one of the main advantage of samba is that no user CALs are required. And I

Dear R-users >prob <- c(0.5,0.4,0.3,0.1,0.0) >cal <- prob * log(prob,base=2) >cal [1] -0.5000000 -0.5287712 -0.5210897 -0.3321928 NaN Is there any way to change NaN to zero ? I did come up with this by applying Ripley's relpy to my previous question cal <-prob*log(pmax(prob,0.00000001),base=2) Any suggestion ? Thank you Taka

Hi, Using 4.4.23.2 on a single host. A host x.x.x.x is sending traffic although it blacklisted and blocked rules rules: DROP net:x.x.x.x/21 $FW - - - DROP net:x.x.x.x/22 $FW - - - DROP $FW net:x.x.x.x/21 - - - DROP $FW net:x.x.x.x/22 - - -

Tom, I am NOT subscribed (yet). I dropped SuSeFirewall2 in favor of shorewall to get past the configuration hurdles I as experiencing. At the moment, when my SuSe 9.1 starts up, I can see shorewall processing the rules, policies, etc. and I see no errors and then moves on with the rest of the SuSe boot process . However, no traffic passes through using the rules. I run an iptables -L and I