similar to: MULTIPLE IPSEC TUNNELS

Tuomo Soini wrote: > You don''t happen to read shorewall-devel mailinglist ? I read it -- I just didn''t know what to make of your post and it arrived while I was on vacation. What exactly are you trying to accomplish that Shorewall isn''t doing for you now? e.g. /etc/shorewall/zones rw Roadwarriors Road Warriors /etc/shorewall/interfraces rw ipsec+

Hi, Problem: I want 2 vpn tunnels for 2 subnets over one interface ipsec0. Documentation only describes config for 1 vpn or road warriors. I defined 2 vpn zones ''fre'' and ''swe''. #ZONE DISPLAY COMMENTS net Net Internet zone loc Local Local fre VPN_Fre VPN Fre swe VPN_Swe VPN Swe Interface ipsec0 is tunnel over eth1. Local is eth0. ipsec0 serves 2 zones: fre

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, been awhile since I''ve written. I now have a situation where I get to use traffic shaping for a client. ~ We implemented the WonderShaper script on our own firewall and experienced no problems. I made some modifications to it to add IPSec protocol packets into the 1:10 high priority class using the u32 filter. ~ So far on our

To stress the urgency and importance of my questions, I am willing to pay $100 to the first person that can provide me with the scripts/ rules that will work in my SnapGear firewalls that will solve the problems I am having. Please see the following post: Linux QOS and prioritization of real-time data (RTP/VoIP) Thank you!

hi, I can''t get a freeswan 2.02 ipsec x509 connection at work can somebody help me? ************************************************************************************* global situation ************************************************************************************* the linux gateway (chivas) is a single machine 192.168.1.250 with a local net 192.168.1.0/24, a dyn IP via a DSL

I have just setup a VPN connection three sites using IPCOP. Everything seems to be talking ok, apart from browsing the network neighborhood. There are no NT/Win2K/XP servers running on any of the sites, all sites are just running win98 pc's using tcp/ip. I have tried configuring all PC's to be on the same workgroup and setup sharing, but still each site can only see the pc's

Hello Gurus, I am a small problem with routing and here are the details. Interfaces on my server: * ipsec0 - 172.19.58.94 * tunl0 - 172.19.58.94 * eth0 - 172.19.58.94 Now, the problem is that there is another host 172.19.58.200. All communication to 172.19.58.200 should be through tunl0, and all the data should be secured using IPSec (tunnel mode - because there are more machines on my

(Probably OT) Has anyone else noticed these flaky (new?) behaviors in Evo since the 5.2 upgrade: - REALLY slow saving messages from inbox to another folder - search capability separated by folder instead of overall (with no option for control) - failure to autocomplete email addresses for known contacts I think that's it. I was wondering if it was just me, or if others had noticed this.

Hello, I have 2 servers I'm synchronizing using rsync, I have a situation where I : 1. rsync from rnd-dev2 to rnd-dev1 2. change the rsynched file on rnd-dev1 3. rsync from rnd-dev2 to rnd-dev1 again 4. File gets overridden on rnd-dev1 over though it has newer change time then file on rnd-dev2. here is the bug(?) reproduction: [root@rnd-dev1 test_rsync]# rsync --version rsync version

Benchmark shows small performance improvement on fusion io device. Before: seq-read : io=1,024MB, bw=19,982KB/s, iops=39,964, runt= 52475msec seq-write: io=1,024MB, bw=20,321KB/s, iops=40,641, runt= 51601msec rnd-read : io=1,024MB, bw=15,404KB/s, iops=30,808, runt= 68070msec rnd-write: io=1,024MB, bw=14,776KB/s, iops=29,552, runt= 70963msec After: seq-read : io=1,024MB, bw=20,343KB/s,

Benchmark shows small performance improvement on fusion io device. Before: seq-read : io=1,024MB, bw=19,982KB/s, iops=39,964, runt= 52475msec seq-write: io=1,024MB, bw=20,321KB/s, iops=40,641, runt= 51601msec rnd-read : io=1,024MB, bw=15,404KB/s, iops=30,808, runt= 68070msec rnd-write: io=1,024MB, bw=14,776KB/s, iops=29,552, runt= 70963msec After: seq-read : io=1,024MB, bw=20,343KB/s,

Hi, I'm Sorry for any cross-posting. I've reviewed the archives and could not find an exact answer to my question below. I'm trying to generate very large sparse matrices (< 1% non-zero entries per row). I have a sparse matrix function below which works well until the row/col count exceeds 10,000. This is being run on a machine with 32G memory: sparse_matrix <-

The second Beta is now available at: http://www.shorewall.net/pub/shorewall/Beta ftp://ftp.shorewall.net/pub/shorewall/Beta Function from 1.3 that has been omitted from this version includes: 1) The ''check'' command is no longer supported. 2) The MERGE_HOSTS variable in shorewall.conf is no longer supported. Shorewall 1.4 behavior is the same as 1.3 with MERGE_HOSTS=Yes.

Hello! I am using shorewall shorewall-2.0.11-1 on fedora core2 (iptables-1.2.9-95.7). My box has 2 physical nic´s plus one virt. ipsec interface for a freeswan-vpn connection. A few days ago, portsentry spit out a lot of connections from windows clients (port 135, 445). Ooops. I review my shorewall settings but could not find a mistake. So I took a win-client and established a second

Hi, Could not conceive an working set-up for an IPSEC VPN made with racoon/setkey on which I have one address on my side acting as an SNAT router for all traffic from my network to a network segment on the far side. my network --- my gateway ---------------------- remote network 10.0.0.0/24 - 10.0.0.1 (10.253.0.2) -- tunnel - 192.168.0.0/22 All traffic starts on my side, so if I can

To anyone who can help, I have two stupid questions, and one fairly intelligent question Stupid question (1): is there an R function to calculate a factorial of a number? That is...is there a function g(.) such that g(3) = 6, g(4) = 24, g(6) = 720, etc? Stupid question (2): how do you extract the estimated covariance matrix of the random effects in an lme object? Intelligent question

Hi, still trying to understand one thing. I would definitely like to tell iptables to accept all packets coming from remote vpn only if they hit the $VIRTUALVPNINTERFACE. I tried -o ipsec0 but this is not working, looks like ipsec0 device doesn't exist or it is not recognized. I red on the Openswan users list, that Linux kernel 2.6 native ipsec don't create ipsec* interface (if I am

I noticed the long standing Ipsec FSwan problem was fixed. But do you still have to make sure Ipec is not running when shorewall starts Reason I ask Is I could not get my Dmz working with Ipsec in the equation. Thanks Mike

Hi there, We are trying to compile a 64bit version of R (2.5.1) on HP-UX (B.11.23 U ia64), but are running into some problems. This is our configure step: ../configure --prefix=/rnd/homes/lfan/R251 --enable-R-shlib CC="cc" CFLAGS="+z +DD64" CXX="aCC" CXXFLAGS="-b -lxnet +z +DD64" FC="f90" FCFLAGS="+DD64" F77="f90"

I need to restrict access to only certain parts of a web service I''m building. Instead of requiring a client to submit their user/pass with each interaction I''d like to login them in once (currently using acts_as_authenticated in the rest of the site) and not have to fuss with it again during that session. Only problem is I can''t use AAA on an ActionWebService