similar to: Access to internet execpt some subnets

Hi, I have a setup that consist of 2 firewalls connected over dialup and PPP. Each side of the ppp are protected by shorewall. One side of the PPP masquerades everything not addressed to the local network to its eth0 (the net). fw1 <---- ppp (dialup) -----> fw0 <----- NET When making an http request to a site on the Internet from the machine not directly connected to the net (fw1), the

This is a minor release of Shorewall. In this release: 1. A "shorewall try" command has been added. This command attempts to restart Shorewall using an alternate configuration and if that attempt fails, Shorewall is automatically started with the default configuration. This is useful for remote administration where a failed restart of Shorewall can leave you isolated from

Hola and thanks for any help in advance I installed mandrake 9 a few days ago and wanted to set up some additional rules to shorewall, bu i failed :) What i want to do is basicly route any incomming udp and tcp packets on port 4665 to a workstation behind the router. router with mandrake 9, eth0 (192.168.0.1) internal net, eth1(10.0.0.0) connected to dsl modem and gets a dynamic ip

I just added 802.1Q VLAN support to redhat initscripts. And after support was ready, I tried to restart shorewall. Well it blew into pieces. Seems like shorewall can''t handle device names like: eth0.3 very properly. That''s default naming of vlan devices. eth1 is master device and 3 is id of my test vlan. So when I added to interfaces line: home eth0.3 detect seems like

Does anyone have any information or recommendations for ADSL PCI Cards for Linux boxes? E.g. which ones are supported? How much are they? etc. Dirk -- Please Note: Some Quantum Physics Theories Suggest That When the Consumer Is Not Directly Observing This Product, It May Cease to Exist or Will Exist Only in a Vague and Undetermined State.

Tom, I was upgrading a remote firewall, when upon restart, shorewall found a rule with a wrong zone and decided to not continue and stop itself. The problem now, is I cannot access that firewall over ssh anymore. One suggestion would be to instead of "shorewall stop" to have a basic emergency rule with only ACCEPT:info all all tcp ssh rule instead with DROP all policy. Shorewall could

I have a Windows application that I would like to have running on Linux as it is my platform of choice. This application is a proprietary Visual Basic program. It's name is crisscross real-estate. Using the latest codeweavers-wine I was able to install it on a pre-install windows directory layout and the application is behaving very well except that in at one point in the program I get an

Hi, I have a dynamic network (ospf) connecting different locations over frame relay (wan). Each location frame relay access device is actually a linux box running shorewall,zebra with a sangoma card. As a backup I have added to some locations a DSL line which serves as a gateway to the Internet but also over which I have created VPNs to connect those locations using OpenVPN as a backup.

I set up an ipsec/racoon vpn tunnel test environment. The gateway machines are 192.168.0.30 and 192.168.0.31 on the external adaptor and 10.0.1.1 and 10.0.2.1 internally. The test workstations are 10.0.1.10 and 10.0.2.10. The tunnel seems to be working as in 10.0.1.10 can talk to 10.0.2.10 an vice versa and they can both use the net via NAT, however 192.168.0.30 and 192.168.0.31 cannot directly

Hi @ll , the first file is now translated to German find it here http://www.robowarp.de/smb/trans/net.8.html thx for his work to Mr Stefan G. Weichinger mailto robowarp@gmx.de if you want to be a part of the Translation Team you can view other files translation progress and the readme beyond http://www.robowarp.de/smb/trans/ Best Regards Robert R?gner Hallo, die erste Datei der Samba Doku wurde

Samba DM config below. Directories with setgid: $ll /home4/group total 32 drwxrws--- 7 NIS\nisadmin NIS\audio 4096 Jul 24 14:14 audio drwxrwx--- 2 NIS\nisadmin NIS\dok-sprava 4096 Jul 21 09:23 dok-sprava drwxrwx--- 2 NIS\nisadmin NIS\poj 4096 Jul 23 08:38 poj drwxrwx--- 2 NIS\nisadmin NIS\projekty 4096 Jul 23 09:14 projekty When user creates file/dir directly on linux, the

To all, I have a firewall with 3 NICS. eth0 connects to the Internet eth1 connects to a wired lan eth2 connects to a wireless lan In my rules, I would like to create a zone loc which encompassed eth1 and eth2 and create 2 sub-zones: lan for eth1 and wlan for eth2. Because I only want to open what I need on that firewall and because that firewall is also used for different services (I know

Goodday, First my network layout: dsl router (10.0.0.99) | server (eth0 10.0.0.1, eth1 10.0.1.10) | 3 times windows machine (10.0.1.2, 10.0.1.3, 10.0.1.4) (all with proxy settings 10.0.1.10:8080) Now on the server is mandrake 10 installed with shorewall as firewall. And a apache webserver (and no ftp server). When i turned internet sharing on it started squid which added a line in the

Good day folks, I'm using Samba 2.2.8a [1] on Slackware 9.1 with 2000/XP clients. I'm attempting to have a process by which a user drags a file using Windows Explorer into a share. On the server side, I have a unix process that polls the directory for new files and then reads them and deletes them. I'm having a problem where I can gain the lock but the process is still writing to

I am thinking about a change to our company's phone "layout" and would like to get comments from people who have done something similar. Currently, we have 3 locations - each with their own Asterisk PBX. The corporate office has a PRI. Each remote location has a SIP provider for 5 channels of SIP going to their own PBX. Interoffice calls use the PSTN. Most inbound calls come to

hello, i'm having a wierd problem with 0.31 tftpd-hpa. i'm using xinetd, with this config: service tftp { disable = no socket_type = dgram wait = yes user = root log_on_failure += USERID bind = 10.13.0.254 server = /usr/sbin/in.tftpd

--=-97YF284NV6yShaPqFwb/ Content-Type: text/plain Content-Transfer-Encoding: 7bit I have to say Shorewall is the closest in my mind to a perfect iptables firewall generation script. Thanks Tom for a great product. 2 things that could make it even better in my mind: - instead of using service acronym (don''t know how to call it differently) for rules, it would be great to be able to

I setup some IPSEC between 2 networks. From 1 network I can ping the other networks local connection but not anything beyond that. Network A - 10.0.1.1 (loc) 23.23.23.23 (net) Network B - 10.0.2.1 (loc) 44.44.44.44 (net) I''m on local machine 10.0.1.10 on network A, I can ping 10.0.2.1 but I cannot ping a machine on that network ex. 10.0.2.200. I was thinking it probally has to do

Greetings. I have problem with password expiration problem i cannot handle myself, so i wrote in this list. Recently i discovered that a newly created samba account has already expired password. smbldap-useradd -a -d /home/tommy -G education -s /bin/bash -M tommy -c "Tommy T." tommy smbldap-passwd tommy getent shadow user:*:::::::0 user2:*:::::::0 user3:*:::365::::0

Hi folks, I''m having trouble getting gems to install rails. It just keeps asking me which version of thin I want to install. Until I choose skip or cancel, in which case I''m told that something has gone wrong. Any advice? Thanks kindly, Tommy PS: Gems is 0.94. --------------------------------------------------------------------- tommy@tommy-laptop:~/www/blog$ sudo gem