Displaying 20 results from an estimated 6000 matches similar to: "Access to internet execpt some subnets"
2003 Jan 24
6
icmp: w.x.y.z unreachable need to defrag (mtu 296)
Hi,
I have a setup that consist of 2 firewalls connected over dialup and
PPP. Each side of the ppp are protected by shorewall. One side of the
PPP masquerades everything not addressed to the local network to its
eth0 (the net).
fw1 <---- ppp (dialup) -----> fw0 <----- NET
When making an http request to a site on the Internet from the machine
not directly connected to the net (fw1), the
2002 Mar 20
3
Shorewall 1.2.10
This is a minor release of Shorewall.
In this release:
1. A "shorewall try" command has been added. This command attempts to
restart Shorewall using an alternate configuration and if that
attempt fails, Shorewall is automatically started with the default
configuration. This is useful for remote administration where a
failed restart of Shorewall can leave you isolated from
2003 Jan 08
14
prerouting newbie question/mistake :)
Hola and thanks for any help in advance
I installed mandrake 9 a few days ago and wanted to set up some
additional rules to shorewall, bu i failed :)
What i want to do is basicly route any incomming udp and tcp packets on
port 4665 to a workstation behind the router.
router with mandrake 9, eth0 (192.168.0.1) internal net, eth1(10.0.0.0)
connected to dsl modem and gets a dynamic ip
2003 Jan 26
7
Bug in shorewall
I just added 802.1Q VLAN support to redhat initscripts. And after
support was ready, I tried to restart shorewall. Well it blew into
pieces. Seems like shorewall can''t handle device names like:
eth0.3 very properly. That''s default naming of vlan devices. eth1 is
master device and 3 is id of my test vlan.
So when I added to interfaces line:
home eth0.3 detect
seems like
2003 Jan 06
3
ADSL PCI cards
Does anyone have any information or recommendations for ADSL PCI Cards
for Linux boxes? E.g. which ones are supported? How much are they? etc.
Dirk
--
Please Note: Some Quantum Physics Theories Suggest That When the
Consumer Is Not Directly Observing This Product, It May Cease to
Exist or Will Exist Only in a Vague and Undetermined State.
2003 Jan 29
5
A suggestion
Tom,
I was upgrading a remote firewall, when upon restart, shorewall found a
rule with a wrong zone and decided to not continue and stop itself.
The problem now, is I cannot access that firewall over ssh anymore. One
suggestion would be to instead of "shorewall stop" to have a basic
emergency rule with only ACCEPT:info all all tcp ssh rule instead with
DROP all policy. Shorewall could
2002 Jun 15
2
Invalid property value
I have a Windows application that I would like to have running on Linux
as it is my platform of choice. This application is a proprietary Visual
Basic program. It's name is crisscross real-estate. Using the latest
codeweavers-wine I was able to install it on a pre-install windows
directory layout and the application is behaving very well except that
in at one point in the program I get an
2003 Dec 18
2
newnotsys
Hi,
I have a dynamic network (ospf) connecting different locations over
frame relay (wan). Each location frame relay access device is actually a
linux box running shorewall,zebra with a sangoma card.
As a backup I have added to some locations a DSL line which serves as a
gateway to the Internet but also over which I have created VPNs to
connect those locations using OpenVPN as a backup.
2004 Sep 22
3
2.6 kernel ipsec and shorewall
I set up an ipsec/racoon vpn tunnel test environment. The gateway machines
are 192.168.0.30 and 192.168.0.31 on the external adaptor and 10.0.1.1 and
10.0.2.1 internally. The test workstations are 10.0.1.10 and 10.0.2.10.
The tunnel seems to be working as in 10.0.1.10 can talk to 10.0.2.10 an vice
versa and they can both use the net via NAT, however 192.168.0.30 and
192.168.0.31 cannot directly
2003 Nov 10
2
Samba Translation Dok to German, first file, deutsche Übersetzung Der Samba Doku erste Datei
Hi @ll ,
the first file is now translated to German
find it here
http://www.robowarp.de/smb/trans/net.8.html
thx for his work to Mr Stefan G. Weichinger
mailto robowarp@gmx.de if you want to be a part of the Translation Team
you can view other files translation progress and the readme beyond
http://www.robowarp.de/smb/trans/
Best Regards
Robert R?gner
Hallo,
die erste Datei der Samba Doku wurde
2018 Jul 24
5
Force set group id on samba domain member
Samba DM config below.
Directories with setgid:
$ll /home4/group
total 32
drwxrws--- 7 NIS\nisadmin NIS\audio 4096 Jul 24 14:14 audio
drwxrwx--- 2 NIS\nisadmin NIS\dok-sprava 4096 Jul 21 09:23 dok-sprava
drwxrwx--- 2 NIS\nisadmin NIS\poj 4096 Jul 23 08:38 poj
drwxrwx--- 2 NIS\nisadmin NIS\projekty 4096 Jul 23 09:14 projekty
When user creates file/dir directly on linux, the
2002 Aug 30
1
3 NICS config
To all,
I have a firewall with 3 NICS.
eth0 connects to the Internet
eth1 connects to a wired lan
eth2 connects to a wireless lan
In my rules, I would like to create a zone loc which encompassed eth1
and eth2 and create 2 sub-zones: lan for eth1 and wlan for eth2.
Because I only want to open what I need on that firewall and because
that firewall is also used for different services (I know
2005 Mar 26
11
Do i need a proxy??
Goodday,
First my network layout:
dsl router (10.0.0.99)
|
server (eth0 10.0.0.1, eth1 10.0.1.10)
|
3 times windows machine (10.0.1.2, 10.0.1.3, 10.0.1.4)
(all with proxy settings 10.0.1.10:8080)
Now on the server is mandrake 10 installed with shorewall as firewall.
And a apache webserver (and no ftp server).
When i turned internet sharing on it started squid which added a line in the
2004 Jul 19
2
locks cooperating with a server side process
Good day folks,
I'm using Samba 2.2.8a [1] on Slackware 9.1 with 2000/XP clients.
I'm attempting to have a process by which a user drags a file using
Windows Explorer into a share. On the server side, I have a unix
process that polls the directory for new files and then reads them and
deletes them.
I'm having a problem where I can gain the lock but the process is
still writing to
2008 Aug 11
1
Phone system layout suggestions
I am thinking about a change to our company's phone "layout" and would like
to get comments from people who have done something similar.
Currently, we have 3 locations - each with their own Asterisk PBX. The
corporate office has a PRI. Each remote location has a SIP provider for
5 channels of SIP going to their own PBX. Interoffice calls use the PSTN.
Most inbound calls come to
2002 Oct 29
2
wierd problem concerning directory, symlinks, chroot
hello,
i'm having a wierd problem with 0.31 tftpd-hpa.
i'm using xinetd, with this config:
service tftp
{
disable = no
socket_type = dgram
wait = yes
user = root
log_on_failure += USERID
bind = 10.13.0.254
server = /usr/sbin/in.tftpd
2002 Jan 19
1
Another feature request
--=-97YF284NV6yShaPqFwb/
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
I have to say Shorewall is the closest in my mind to a perfect iptables
firewall generation script. Thanks Tom for a great product.
2 things that could make it even better in my mind:
- instead of using service acronym (don''t know how to call it
differently) for rules, it would be great to be able to
2004 Dec 10
2
Shorewall and IPSEC
I setup some IPSEC between 2 networks. From 1 network I can ping the other
networks local connection but not anything beyond that.
Network A - 10.0.1.1 (loc) 23.23.23.23 (net)
Network B - 10.0.2.1 (loc) 44.44.44.44 (net)
I''m on local machine 10.0.1.10 on network A, I can ping 10.0.2.1 but I
cannot ping a machine on that network ex. 10.0.2.200.
I was thinking it probally has to do
2009 Nov 26
1
password expiration problem
Greetings. I have problem with password expiration problem i cannot
handle myself, so i wrote in this list.
Recently i discovered that a newly created samba account has already
expired password.
smbldap-useradd -a -d /home/tommy -G education -s /bin/bash -M tommy -c
"Tommy T." tommy
smbldap-passwd tommy
getent shadow
user:*:::::::0
user2:*:::::::0
user3:*:::365::::0
2009 Aug 14
7
"sudo gem install rails" not able to install thin dependency
Hi folks,
I''m having trouble getting gems to install rails. It just keeps asking
me which version of thin I want to install. Until I choose skip or
cancel, in which case I''m told that something has gone wrong.
Any advice?
Thanks kindly,
Tommy
PS: Gems is 0.94.
---------------------------------------------------------------------
tommy@tommy-laptop:~/www/blog$ sudo gem