similar to: Forcing ISP ARP cache to refresh immediately

Displaying 20 results from an estimated 1000 matches similar to: "Forcing ISP ARP cache to refresh immediately"

2003 Jan 13
5
Using private & public addresses together i n the Shorewall''s DMZ zone
To rephrase the question, "Can I use masquerading and proxy ARP in the same zone simultaneously?" It''s not a stupid question--I couldn''t see any reason why it wouldn''t work, but I had actually try it out to convince myself that it did (which isn''t a bad thing to do before posting the question to the list, by the way). In any case, the answer is
2003 Jan 14
1
Two web servers on DMZ zone with private ad dresses. How to?
That log message looks like someone (or some program) is trying to browse to moreover.com from your web server machine--it''s not a reply to an external request. You''d see messages like that if you were running some sort of HTTP proxy server (like Squid) on that box (although they''d likely be to multiple IPs, unless your users only browsed to p.moreover.com). It could
2003 Jan 06
5
SMTP traffic gets blocked
Hi, I am trying to configure the SMTP service on DMZ host. Added the rule: ACCEPT wan dmz:66.58.99.84 tcp pop3 - ACCEPT wan dmz:66.58.99.84 tcp 25 - ACCEPT dmz:66.58.99.84 wan tcp 25 - ACCEPT dmz:66.58.99.84 wan tcp pop3 - issued shorewall clear, shorewall restart, but still couldn''t telnet to the mail server
2003 Jan 10
5
Shorewall site search is now available agai n
Hmm--either the indexing process is still running, or it''s broken again. It''s 0443 GMT, and I can''t get the search engine to find anything on the mailing list or the web site (I used ''dns'' as my search term). It''s not that big of an inconvenience, though--Googling for ''site:shorewall.net dns'' does pretty much the same thing.
2003 Jan 09
19
New on the Web Site
While I''m in temporary retirement, I''ve decided spend a little time experimenting with new things and making some updates to the web site. The biggest result of this effort to date has been: http://shorewall.sf.net/Shorewall_Squid_Usage.html This outlines how to use Squid as a transparent proxy running on the firewall, in the DMZ or in the local network. In the latter two
2003 Jan 14
1
Two web servers on DMZ zone with private addresses. How to?
Two quick questions to the group: Anyone seen this before: Jan 14 02:55:45 gw1 kernel: Shorewall:all2all:REJECT:IN=eth1 OUT=eth0 SRC=66.58.99.83 DST=170.224.8.51 LEN=52 TOS=0x00 PREC=0x00 TTL=63 ID=38676 DF PROTO=TCP SPT=1735 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 I mean my web server is trying to replay to some external host 170.224.8.51 (p.moreover.com) for some reason. What could be? It
2003 Jan 06
0
FW: SMTP traffic gets blocked
Anyone, willing to take a lead on this one, since Tom is taking a rest: " I am hosting all servers by myself. I have five static IP addreses with a DSL line. My DSL router from the ISP provider is configured as bridge, so no traffic is filtered. I checked the logs and getting: Jan 5 23:05:12 gw1 kernel: Shorewall:all2all:REJECT:IN= OUT=eth0 SRC=66.58.99.86 DST=216.35.73.164 LEN=68
2005 Jan 04
0
RE: Outlook Web Access behindshorewallfirewalldoesn''t work
Thanks Bradley, Yes, it works fine inside the firewall. And otherwise there is no proxy server. Its just the MS Small Business Server behind the firewall. Let me remove port 80 just to see what happens... bk -----Original Message----- From: shorewall-users-bounces@lists.shorewall.net [mailto:shorewall-users-bounces@lists.shorewall.net] On Behalf Of Bradey Honsinger Sent: January 3, 2005
2003 Jan 08
0
Is this an exploit of some sort?
Those are just late DNS replies--port 53 is DNS, and the IP you gave points to a DNS server (ns1.gci.net). "dig -x" is your friend :) The connection tracking table used by iptables to masquerade your internal network will only "hold open" a UDP connection for a certain amount of time; if no traffic flows in either direction, the entry in the connection tracking table will be
2003 Jan 06
1
SMTP problem
Can someone help me with this problem: My host on the DMZ is inaccessible from the WAN on port 25. I tried to telnet but getting: $ telnet 66.58.99.84 25 Trying 66.58.99.84... telnet: Unable to connect to remote host: No route to host My shorewall/proxyarp is: #address interface external haveroute 66.58.99.82 eth1 eth0 No 66.58.99.84 eth1
2005 Jun 14
0
ARP, EAP, and Wireless Security
I am attempting to discern the efficacy of controlling or filtering ARP (gateway/client) to mitigate unauthorized connections to wifi networks. As such, I am aware that EAP was originally devised to allow for: " the negotiation of an authentication protocol for authenticating its peers BEFORE allowing network layer protocols to transmit over the link" (RFC2284) However, this
2003 Jan 15
5
HTB. QoS and Shorewall
Group, I am reading about tc (traffic control) and willing to get my feet wet. As requirement, there should be HTB compiled in the kernel. I grabbed a Mandrake 8.2 distro, and didn''t installed the kernel source. Anyone knows if the HTB is compiled in Mandrake 8.2, or point a way to find that out? I tried to read the /usr/src/kernel.xxxxx/.config file, but it doesn''t exists.
2005 Jan 04
0
RE: Outlook Web Access behind shorewallfirewalldoesn''t work
Tom Eastep wrote: > On Mon, 2005-01-03 at 15:22 -0800, Boyd Kelly (Coast Systems) wrote: > > Thanks for such a quick reply Tom! > > > > Any suggestions then as to what I might do other than > putting a second > > nic in the SBS and opening it up for web access? I don''t > like the idea, > > but since MS SBS includes fireall that is actually what
2013 Mar 13
3
Race condition in sending gratuitous ARP for live migration ?
Hi, So, the issue is a fairly common one: Network doesn''t work for like a minute or so after a live migration. The setup is a debian wheezy dom0 with xen 4.1.2 running 3.6.11 kernel. The domU is a Ubuntu 12.04 with a 3.2 kernel. The networking setup uses bridges on the dom0. I also made sure that the bridge forwarding delay is set to 0. The VM doesn''t initiate any network
2017 Jun 05
3
[Bug 1155] New: arp forward filter doesn't work
https://bugzilla.netfilter.org/show_bug.cgi?id=1155 Bug ID: 1155 Summary: arp forward filter doesn't work Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: normal Priority: P5 Component: kernel Assignee: pablo at netfilter.org
2004 Aug 27
3
Proxy Arp Ip Conflicts
I must have something configured wrong somewhere. I''ve enabled proxy-arp on my shorewall 2.0.7 firewall. Works fine for what its supposed to do, I can see all the machines through it great. However, whenever its enabled, the network on the DMZ goes screwy. I''ve narrowed it down to this: when proxy arp is enabled for that interface, like such: echo 1 >
2008 Mar 31
3
arp who-has packets not seen in Dom0 even by tcpdump
Hi all, I''m running Xen-3.2 and linux-image-2.6.18 as Dom0 kernel on a VT-x processor. The problem is that broadcast arp who-has packets are not seen in Dom0 kernel. I''ve tried both precompiled debian kernel and compiled latest one from sources as described at http://lists.xensource.com/archives/html/xen-users/2008-01/msg00699.html There is no linux bridge invoked,
2003 Jan 21
4
Two diferent LAN''s...
Hi, I''ve got a question about how to configure the shorewall, and maybe someone could answer. I have a PC with 3 ethernet. The eth0 connets to internet. The eth1 connects to LAN A, and the eth2 connects to LAN B. I''ve configured the shorewall for doing NAT, and both LANs can navigate, but it seems that from a LAN A host you can connect to a PC of LAN B, and the other way
2007 May 30
4
Proxy ARP with a Coyote Point equalizer
Here is a puzzle. I have a network with several servers. It''s a mess. It''s a /24 and pieces and servers are all over the place inside this /24 block, on both sides of the firewall. For example, the router at 1.2.3.1 is outside the firewall and many of the servers at 1.2.3.nnn/24 are behind the firewall. (Obviously, 1.2.3.nnn is a fudged network.) eth0 points outward to
2006 Jun 13
1
arping between two xen0 works, ping doesn''t (not checksum issue)
I have two Xen 3.0.2 domains, both are using network-bridge, both servers are in the same network. dom0_A, domU_A - first Xen server (dom0 and domU) dom0_B, domU_B - first Xen server (dom0 and domU) I cannot ping or connect from one dom0_A to dom0_B nor domU_B. arping works fine though. I can ping and connect from domU_A to dom0_B and domU_B, though. I have changed