Displaying 20 results from an estimated 30000 matches similar to: "NFS config problem"
2002 Dec 22
2
maclist option -> sorry good ver.
Setting up MAC Verification on eth0...
Error: Interface eth0 must be up before Shorewall can start
my :
/etc/shorewall/shorewall.conf:
MACLIST_DISPOSITION=REJECT
MACLIST_LOG_LEVEL=info
interfaces:
#ZONE INTERFACE BROADCAST OPTIONS
net ppp0 217.96.90.242 noping
loc eth0 255.255.255.0 routestopped,maclistmaclist:
maclist:
#INTERFACE MAC IP
2006 Sep 05
5
two-interfaces problem
When I install the two-interfaces files in /etc/shorewall on my FC-5 system
(with shorewall-3.2.3) and run "services shorewall restart" I get
------------------------------------------------------
cp -a interfaces masq policy routestopped rules zones /etc/shorewall/
...
[root@alfred shorewall]# service shorewall restart
...
Determining Zones...
ERROR: Zone fw is defined more than once
2003 Oct 22
2
help seeing DMZ from LOC
I have a three interface network (net,loc,dmz).
The internet interface (eth0) has a static IP.
Windows machine in the local network (eth1) use DHCP to get IPs from
the 192.168.10.0/24 netblock.
The Debian machine in the DMZ (eth2) gets a fixed IP through DHCP in
the 192.168.11.0/24 netblock.
The DHCP server is running on the firewall machine (not ideal, I know,
but that''s the way
2004 Sep 22
3
Strange DNAT problems with shorewall 1.4.8
I''ve had some issues with my network, and I''ve had to reconfigure my
Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so
I downloaded the relevant files from the install page.
Masq and such works, but I''m having a problem with my port forwarding. It
works for port 22, but it doesn''t seem to work for any other port.
I''ve turned
2004 Sep 03
2
problem with a router machine
Hello everyone:
I have a problem with the shorewall configuration. Let''s me tell you. I have
installed shorewall 2.0.4 into a machine with 2.6.8 kernel. This machine
works like a software-router: it has 2 netcard
eth0 goes to the local network 192.168.0.0/24
eth1 is an interface for ppp0 (there is an ADSL conected)
I have defined the Network Zones (net, loc);
The Network Interfaces
2002 Aug 22
3
Questions about NAT and MASQ and more
Hello,
I''m working on a Shorewall-1.2 setup on a _remote_ debian (woody)
firewall with several live web and mail servers behind it. I know doing
this remotely is a *really* bad idea, and I''d rather not be in this
situation, but so it goes... Worst case scenario, I lock myself out and
have to drive an hour to get physical access to the machine and restore
service. Anyhow,
2002 May 14
4
Redirect loc::80 to fw::3128 not work
The rule:
ACCEPT loc $FW::3128 tcp www
doesn''t work propertly, the http access does not redirect
to squid but directly exit.
what''s wrong?
Thanks
-------
Dario Lesca (d.lesca@ivrea.osra.it)
--------------------------------------
@@@@@@@ this is my shorewall-1.2.13 config:
#[/etc/shorewall/common.def]-----------------------------------------------
2005 May 29
17
Plans for 2.4.0
Hi folks,
Has anyone tested the changes to multiple ISPs/load balancing or
routestopped in 2.4.0-RC1 yet? We need to talk about what criteria we
will use for determining whether 2.4.0 is ready for release.
I''ve started configuring a firewall at work with the multiple ISPs
support, but its kernel doesn''t have connection marking support, so it''s
going to be a couple of
2011 Jun 21
2
Re: [Fwd: Re: routestopped 4.2 to 4.4]
Le mardi 21 juin 2011 15:32, Tom Eastep a écrit :
> -------- Forwarded Message --------
> From: Tom Eastep <teastep@shorewall.net>
> Reply-to: Shorewall Users <shorewall-users@lists.sourceforge.net>
> To: Shorewall Users <shorewall-users@lists.sourceforge.net>
> Subject: Re: [Shorewall-users] routestopped 4.2 to 4.4
> Date: Mon, 20 Jun 2011 13:37:02 -0700
>
2005 Mar 15
5
unable to filter or log vpn traffic
hi all,
i have a classic net topology with two local zone, a firewall/router
with dsl connection
loc1 (192.168.11.0/24)
----- fw ----- net
loc2 (192.168.12.0/24)
now on the local zone 1 (on a WinXP machine) i have installed
OpenVPN 2.x to make a test connection with a company.
OpenVPN is configured as client to use tun on udp
port 10000 with ip 10.0.0.2, on the other
2002 Mar 07
4
port forwarding not working!
Ok, I hate to be the newbie posting a dumb question, but I can''t get port forwarding to work...
in interfaces I have:
net eth0 detect dhcp
loc eth1 192.168.1.255 routestopped
in rules I have:
#
# Forward FTP connections to 2021 to 192.168.1.3
#
ACCEPT net loc:192.168.1.3 tcp 2021 21
So, the end result should be that
2005 Jan 21
5
Cannot restart shorewall
Hi Tom and other gurus,
I modified SHOREWALL (version 2.0.15) for bridging and I cannot restart it.
I got the following error
...
Processing /etc/shorewall/policy...
Policy ACCEPT for fw to net using chain fw2net
Policy REJECT for fw to loc using chain all2all
Policy DROP for net to fw using chain net2all
Policy ACCEPT for loc to fw using chain loc2fw
Policy ACCEPT for loc to net
2005 Feb 23
13
Snort and Shorewall
Hello
I am looking for a way to have snort to dynamically update my shorewall config.
I have seen software out there but I would like to see if anyone had tried this
first.
Aslo I would like to know if there is a way clear the Netfilter tables when I do
a shorewall restart. The reason being is that when I make a change to my
firewall setting I want all connections to have to re-establish
2005 Apr 19
14
allow ssh access from net to fw?
Hi,
I''m trying to enable ssh (when that works, want to add:pop3s,smtp,web) from
the internet to the firewall but it does not work.
I managed to DNAT ftp to a host in the loc network (192.168.0.50) successful
but I don''t know why SSH:
Does not work for me:
ACCEPT net fw tcp 22
Works from the loc network:
ACCEPT loc fw tcp 22
I have tried also with (no success):
AllowSSH
2004 Oct 11
5
Intermittant Samba glitch
Hi there,
Let me just start by saying that I am a bit of a Linux newbie, but that Shorewall seems an excellant product. The issue I''m reporting wont stop me from using it, it still does 99% of what I need.
Anyway, I have a resonably simple two interface system. My server (HatMannz, P3-900MHz with a RAID-1 array of 80GB IDE drives running Red Hat 9.0) connects to a cable modem via eth1
2003 Apr 17
9
VPN Tunnel
Hi Tom,
I nearly completed the test and installation related to
http://www.shorewall.net/PPTP.htm.
However, there is no serious problem when it is operated as it is in the
general companies, but there is Client Program for MS-Window that is
operated only by Public IP. So I am very concerned about it.
I would like to use Internet through Gateway in (B) as local
computers in (A) receive Public
2002 May 14
3
[Shorewall-users] Redirect loc::80 to fw::3128 not work (fwd)
I''m beginning to believe that the use of the last column in the rules file
to designate redirection/forwarding is too subtle for many users. For 1.3,
I think I''ll do something like the following:
Current rule:
ACCEPT net loc:192.168.1.3 tcp 80 - all
New rule:
FORWARD net loc:192.168.1.3 tcp 80
Current rule:
ACCEPT net fw::3128 tcp 80 - all
New rule:
REDIRECT net
2003 Jan 21
14
Emule + Shorewall
Hi,
I''ve installed Emule (p2p program) on my client box but I can''t access
the servers due to the firewall.
I''m getting this blocking errors:
Jan 22 01:26:07 servidor kernel: Shorewall:net2all:DROP:IN=eth1 OUT=eth0
SRC=213.22.49.86 DST=192.168.0.3 LEN=60 TOS=0x00 PREC=0x00 TTL=57
ID=50538 DF PROTO=TCP SPT=46408 DPT=4662 WINDOW=5840 RES=0x00 SYN URGP=0
My rules file
2002 Oct 18
3
Potential serious problem with Shorewall.
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig05F2F5838E1DC28DCA5557B7
Content-Type: multipart/mixed;
boundary="------------040200040609050204020409"
This is a multi-part message in MIME format.
--------------040200040609050204020409
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Hi,
Using Mandrake 9.0 and
2004 Sep 20
2
After upgrade people can no longer connect
Hello Tom,
I''ve been using Shorewall for years without problems. My previous version of
shorewall was 1.4.6b-1. Everything worked just fine. Today I upgraded using
rpm to 2.0.8-1. After update no one can connect to any interface from net.
Server can connect to outside world fine and those described in routestopped
have no problem connecting. Any help correcting this problem would be