similar to: couple of questions

Displaying 20 results from an estimated 11000 matches similar to: "couple of questions"

2003 Dec 24
3
XML Conversion
I''m working on shorewall_setup_guide.htm -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
2003 Jan 22
5
Proxy arp and pptp
Hi all! I''ve set up a Linux box with shorewall doing proxy arp as per http://www.shorewall.net/shorewall_setup_guide.htm#ProxyARP the 5.2 (non routed) example. Everything is working great except for one thing, and that leads me to my question: is there a conflict between proxy arp and pptp? I''ve set the apropriate ACCEPT rules to allow tcp port 1723 and protocol 47 to the host
2003 Jan 13
4
DMZ hosts gateway
Hi everyone, I have a question regarding the default gateway for hosts on DMZ zone. I moved servers from parallel to the DMZ (outside the firewall, directly connected to I-net) to inside DMZ. The default gw for these servers was the DSL router(bridge) of my ISP. What should be the default gw (for the hosts inside the DMZ), when hosts are inside the DMZ now - still the DSL router (external
2004 Aug 22
6
LAN to DMZ zone issues.
Hello all, Name is Andrew and in desperate need of some info. Setup: - Mandrake 9.1 with three interfaces (eth0 --> WAN) C-class /28 network (with tree virtual addresses which I am DNAT-ing to the DMZ) (eth1 --> LAN) A-class 10.0.0.0/8 (eth2 --> DMZ) A-class subnet 10.1.123.0/24 - Running stock Shorewall ver: shorewall-1.3.14-3.1.91mdk Dilemma: - LAN can not access the DMZ zone
2003 May 28
4
routing thru shorewall
Hi, On my network, I use real IP numbers for all of my hosts. They all get nat''d at the gateway. I use real IPs because sometimes someone needs to connect directly to a host behind the firewall. With my old firewall, I had a trusted-hosts file with trusted host IP numbers in it. My hosts talking to external trusted hosts would not have their IPs nat''d instead they were
2002 Nov 20
8
Proxy ARP
Hi all! I posted earlier about the proxy arp configuration = http://shorewall.sourceforge.net/shorewall_setup_guide.htm#NonRouted, = and was probably not sufficiently knowledgeable on the subject. I''ve = gone through a bunch of documents on proxy arp, subnetting with proxy = arp and the documentation at shorewall, and have come up with a setup = that would be perfect for the job at hand
2010 Mar 19
1
snat
Hi, I have two public ip''s and i want to dedicate one ip for incoming and outgoing to one server. I followed http://www.shorewall.net/shorewall_setup_guide.htm and used the example of the daughter system. I have a machine connected on vmbr0 with address 10.10.10.1 listening on port 80 www. Still I can''t connect to this system. I''m forgetting something? Sincerely,
2004 Dec 21
3
FTP server not on port 21 problems - I do have read the FAQ
Hi! I use standard Bering 2.2.2. I am trying to get my FTP-server to work with another portnumber than 21 (On port 21 all works great, but I´m really interested in running two FTP-servers, so I want to figure this one out first). Read the FAQ: http://www.shorewall.net/FTP.html and now I got this setup: In Rules: DNAT net loc:192.168.3.2 tcp 99 In Shorewalls modules.conf (tried
2004 Nov 21
0
script to shape outbound passive/active ftp traffic
Hi, I just wanted to share my script with the list. I have been trying to shape outbound passive and active ftp traffic without affecting inbound and lan transfers. I have tried to do this for a long time and it seems that I have finally figured it out. Feel free to comment on the below script if there is anything that can be improved. It seems to work flawlessly so far. #!/bin/bash
2004 Aug 08
1
shaping ftp traffic
I am trying to mark outbound passive ftp traffic with iptables and shape it to 35KBytes. I am using the following script on the computer that runs the ftp server. It is not working correctly, it seems to limit ALL traffic. Cant file share or anything. Anyone might know what is wrong? It seems that I might need to add a ''lan limit'' so all traffic that is not marked still
2004 Aug 05
1
marking passive ftp and shaping
I am trying to mark outbound passive ftp traffic with iptables and shape it to 35KBytes. I am using the following script on the computer that runs the ftp server. It is not working correctly, it seems to limit ALL traffic. Cant file share or anything. Anyone might know what is wrong? #!/bin/bash #shaping passive ftp traffic # mark the outbound passive ftp packets on ports 50000-51000
2005 Jan 08
2
static nat address
Hello, > My server is on Mandrake 10.1 off. > eth0 is WAN with static IP connected 512 DSL > eth1 is LAN. I need a little clarification on static nat settings in shorewall. external address - static IP internal address - ? for the internal address should I put my eth1 IP or the general subnet range. For example 192.168.0.0. I am also not sure about : Active for firewall system? yes
2004 Oct 16
2
Re: Shorewall-users Digest, Vol 23, Issue 33
i''ll need to have a virtal server, but why i can do this?
2004 Aug 26
1
Problem : 5 Public IP Address
Hi, I am having problem in getting my fw to connect to the net, I had set allow fw net in the policy. I suspect maybe shorewall having problem because I have 5 public IP alias to my fw, which is eth0, eth0:1-eth0:4. Because before I add more ip to this interface my fw able to connect to the net. How can I set one IP to be bind to this fw, or I had to change the rules from fw to fw:w.x.y.z? One
2005 Mar 07
3
PPPoE with 2 ip''s and shorewall
Hola, Can someone please point me to the right direction on how-to set up proper routing on PPPoE connection and multiple external IP''s. Thank you kindly. ~Andrew Nady.
2002 Sep 23
2
Blacklist and FTP Passive Mode - Continue
Res, I continued testing my FTP and don''t works correctly... 8( #ftp myserver.domain.com Connected myserver.domain.com 220- -=3D MYSERVER =3D- 220-You are user number 2 of 5 allowed. 220-Local time is now 16:46 and the load is 0.03. Server port: 21. 220-This is a private system - No anonymous login 220 You will be disconnected after 5 minutes of inactivity. 500 Security extensions not
2003 Feb 04
1
Totally SNAT confused :)
Hi ! I have setup a complete shorewall now with DMZ, and Private zones and masq, rules, port-forwarding etc. worx like expected. BUT I have a wish to use a couple of more public IP''s and relate those to inernal servers on the DMZ zone and i am now so confused about it. I have searched this archive for SNAT port allow Setup: 3 public adresses on the WAN nic. lets call them 80.80.80.80 -
2003 Nov 05
3
help for managemen 4 ip public
Dear, All I have 4 ip public in my router 1. For Connection to gateway 2. For gateway Wireless Lan (with ip public) 3. For DMZ 4. For Downtream ISP ------------------History I have two way for connection Internet 1 by Leased Line 128 Up/Down and 256 Down With DVB and i have client with wireless Network. I need Client wireless network can use DVB Network for connection with port 80. What can i
2003 Jan 05
2
Shorewall DMZ - Proxy ARP or Static NAT
Hi All, >From the documentation I have read on Shorewall, the preferred approach seems to be, to use Proxy ARP instead of Static NAT for hosting web servers in the DMZ Zone. But I have also read that this could cause problems for VPN configurations. I essentially have multiple public IP''s, which I want to map to private addresses in the DMZ. I also intend to setup a gateway between 2
2004 Oct 06
1
shape outbound ftp with 1 nic
Hi, I am using the following script to limit my outbound traffic. This scipt runs on a box behind my firewall. It limits my outbound passive ftp traffic to 39K perfectly....just like i want. However, i just noticed that it is also limiting uploads coming to my server. Is there something I can change to make it not limit uploads to my server? #!/bin/bash #shaping passive ftp traffic # mark the