similar to: Forward port 8888 on firewall to internal IP port 80

I want to talk with my friend with microfon with program speak freally. He has firewall (shorewall) on his linux serwer and has other computer as a client and I have the same network connected winh internet. This program use port 2074 to communicate. We have done something like this : DNAT net local:192.168.1.6 tcp 2074 DNAT net local:192.168.1.6 udp 2074 on linux serwer with shorewall (rules

Hi! I have a Linux shorewall firewall that is the default gw of the network. I want to redirect all localy originating traffic to port 80 into another machine on port 8002 into the local network. This machine is a WIN2000 machine running a commercial software (proxy, content filtering) that only runs into Windows... :-( I tried something like this but this doesn''t seem to work: local

Still not working I really have to change 21 port on 80 port, my friend has only www and mail on his netwok. He has rigorous admin. I have done : !! in proftpd.cof : # Port 21 is the standard FTP port. Port 80 !! in /etc/shorewall/modules: loadmodule ip_conntrack_ftp ports=21,80 loadmodule ip_nat_ftp ports=21,80 AFTER THAT AND RESTARTTING PROFTP AND

Hi, thanks for a great piece of software! ...at the moment I have a commercial VPN box, which also acts as our firewall. I wish to replace this firewall functionality with a decicated Shorewall firewall, and use the VPN box only for VPN traffic. At the moment, this VPN/Firewall box is at an internet visible address, x.x.x.85 I wish to make the new Shorewall fireall x.x.x.85 and move the VPN to

Hi, I installed the shorewall 1.3.8-2 debian package to my debian testing machine which serves as the gateway to the internet. Since I have two other machine connect to internet thru this gateway machine, I also downloaded the configuration guide for "basic two-interface firewall" and followed the instructions. When I try to start the shorewall I get the following message and can not

The ''firewall'' and ''functions'' file in CVS together produce a 30%+ speedup of ''shorewall restart'' on my firewall when compared to 1.3.11a. Please test with these files -- I don''t anticipate making any more performance changes for 1.3.12 and I want to be sure that I didn''t break anything. -Tom -- Tom Eastep \ Shorewall

Rafa³ Dutko has just discovered a potentially serious bug in version 1.3.0 and 1.3.1. In both versions, where an interface option appears on multiple interfaces, the option may only be applied to the first interface on which it appears. A corrected firewall script for 1.3.1 is available at: http://www.shorewall.net/pub/shorewall/errata/1.3.1/firewall and

Shorewall 1.3.9 is available. In this release: 1. DNS Names are now allowed in Shorewall config files (I still recommend against using them however). 2. The connection SOURCE may now be qualified by both interface and IP address in a Shorewall rule. 3. Shorewall startup is now disabled after initial installation until the file /etc/shorewall/startup_disabled is removed. 4. The

The rule: ACCEPT loc $FW::3128 tcp www doesn''t work propertly, the http access does not redirect to squid but directly exit. what''s wrong? Thanks ------- Dario Lesca (d.lesca@ivrea.osra.it) -------------------------------------- @@@@@@@ this is my shorewall-1.2.13 config: #[/etc/shorewall/common.def]-----------------------------------------------

I have purchased a license for Vexira MailArmor (an antivirus product) and the good news is that it is installed and working at shorewall.net. The bad news is that I have yet to get Vexira running together with SpamAssassin :-( As things currently stand, list posts will be protected from viruses but may contain Spam. I''ll continue to work to correct this situation. -Tom -- Tom Eastep

does anyone know how to enable the "udp loose" function in kernel 2.4.x? one of my fave games requires this to work on the net and i''d really like to move away from the 2.2 series kernels. tia

Hello all, i am new to shorewall and i already have a question ;) i am running a mailserver in my dmz (or actually this will be when = evertything will be working fine with shorewall) with public ip = addresses.. i have a subnet of 8 ip addresses (255.255.255.248 mask) and = i was planning of the classic 3 nic (eth0-2) setup... the dmz should = work with proxy-arping...=20 now my quesion is

This will be the last Shorewall release for a while as I''m going to be focusing on Documentation. In this release: 1. Empty and invalid source and destination qualifiers are now detected in the rules file. It is a good idea to use the ''shorewall check'' command before you issue a ''shorewall restart'' command be be sure that you don''t

The 3.1 Beta is now available -- check the Shorewall home page. -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net

This is a minor release of Shorewall. In this release: 1. A "shorewall try" command has been added. This command attempts to restart Shorewall using an alternate configuration and if that attempt fails, Shorewall is automatically started with the default configuration. This is useful for remote administration where a failed restart of Shorewall can leave you isolated from

Hello, on my old system I''m using ipchains. Can anyone help me with converting rule /sbin/ipchains -A forward -j MASQ -s source_addr -d destination_addr 443 -p tcp to shorewall. I know that I can write eth0 source_addr to /etc/shorewall/masq file but I can''t found where I can specify the destination address. The reason for this is to allow one user (computer) access only to

Hey gang, I was wondering if all that documentation could or has been put into PDF format. I usually like to download documentation and read it while I''m sitting comfortably at home and I don''t want to tie up the phone line all night. Thanks, Nino p.s. If so, please feel free to attach the PDF formatted document to my e-mail ;-)

I am trying to move from MS Windows (of which I am a std user) to Linux and, 10 days ago, I installed Mandrake 9.0, everything is OK except for WEB navigation: even if surely connected, I cannot navigate and the browser answer is always:...host unknown.. Apparently the problem is the firewall (Shorewall) installed by default that rejects all comunication, infact looking in the Firewall settings

Let me know if there are any problems. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net

I''ve set up quite a few firewalls which Shorewall, and never run into this situation. The setup is: Linux server as $FW RedHat 7.2 (patched) Custom Kernel 2.4.18 (made to be a router/firewall) IPTables 1.2.6a from source, additional relevant patches from patch-o-matic, compiled directly into kernel, and not as modules.... Shorewall 1.2.13 2 NICs eth0 and eth1. eth0 is multihomed,