Displaying 20 results from an estimated 200 matches similar to: "FWD: dns woes"
2004 Apr 29
3
ZYXEL wifi phones
I have a zyxel wifi phone and it works just great registering and callin on
* but when it comes to menus it just not working (buttons dont change menus)
. Anybody else have this problem? Need help.
thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Jim Van Eeckhoutte.vcf
Type: text/x-vcard
Size: 136 bytes
Desc: not available
Url :
2006 Jul 21
6
Quick Question on [UNREPLIED] in the state tables
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I have a situation where some Poptop/PPTP sessions (only with FC5/Shorewall to FC5/Shorewall firewall in between) cause the following to appear in the state table (shorewall show connections).
unknown 47 420 src=XX.234.79.183 dst=XX.234.137.226 packets=2 bytes=130 [UNREPLIED] src=XX.234.137.226 dst=XX.234.79.183 packets=0 bytes=0 mark=0 use=1
2013 Nov 21
14
openvpn restart fails with dual entry in conntrack and wrong sourceport
the establishment of an openvpn link sometimes fails.
I tracked it down to network traffic with wrong Sourceport in the answer
packet (should be 1300 not 1024):
2 1.119309000 aaa.185.165 bbb.162.192 UDP 58 Source port: 1300
Destination port: 1300
3 1.119446000 bbb.162.192 aaa.185.165 UDP 66 Source port: 1024
Destination port: 1300
and a collateral entry in the connection tracking table
2004 Nov 25
6
Logfile entry query
Hi,
I get frequent logfile entries from Shorewall similar to the following:
Nov 25 11:22:51 10.0.0.248 kernel: Shorewall:net2mill:DROP:IN=eth2
OUT=eth0 SRC=202.96.117.50 DST=10.0.0.10 LEN=56 TOS=0x00 PREC=0x00
TTL=241 ID=0 PROTO=ICMP TYPE=11 CODE=0 [SRC=10.0.0.10
DST=202.101.167.133 LEN=48 TOS=0x00 PREC=0x00 TTL=1
ID=13591 DF PROTO=TCP INCOMPLETE [8 bytes] ]
Could someone explain what the
2004 Oct 18
11
how can i log everything?
hi,
it''d be very useful to add some kind of "log everything" option to
shorewall. currently the logging is useful if you know what you would
like to log. but if you don''t know than it''s a problem...
another problem that currently it''s not possible to log the nat table.
at least i can''t find any way (can''t add logging into masq and
2004 Oct 13
4
Connection tracking on non-masqueraded interfaces.
I don''t think this has anything to do with Shorewall but I am not too
familiar with iptables stuff yet so I''m not sure.
Running Shorewall shorewall-1.4.9 on Mandrake Linux release 9.2 (FiveStar)
for i586 Kernel 2.4.22-37mdk.
Run "nmap -sP 192.168.x.x/24" (for example), where 192.168.x.x/24 is the LAN.
You can do this from a firewall/router, or even from a
2010 Jul 27
1
Multiple Workgroups and Subnets
Hi,
I am configuring a network with two subnets with a different workgroup
in each subnet. My aim is to have users being able to view and access
shares on both workgroups. I have a Samba server in each
subnet/workgroup, configured as both the domain and local master for
each workgroup. Each server is also the WINS server for its subnet. The
setup is like this:
Subnet1:
network -
2006 Nov 07
6
Troubles DNATing UDP
Hi.
I have strange troubles with DNATing UDP packets.
The situation:
1. We have local network 10.10.0.0/16
2. We have a "server network" 192.168.1.0/25 connected with local
network by a router 10.10.100.1 (other ip 192.168.1.1).
3. Web server is located at 192.168.1.2
4. There are HW pingers in the net 10.10.0.0/16 whose do ping
10.10.100.1 every second. The ping is the UDP packet
2012 Jan 16
4
conntrack entries established before nat
Typically (or at least somewhat occasionally) after a reboot of my
shorewall[-lite] machine I find that I end up with conntrack table
entries for unNATted connections such as:
# conntrack -L -p udp --dport 5060 -d 99.232.11.14
udp 17 59 src=10.75.22.8 dst=99.232.11.14 sport=5060 dport=5060 packets=5472 bytes=3031488 [UNREPLIED] src=99.232.11.14 dst=10.75.22.8 sport=5060 dport=5060 packets=0
2004 Jan 15
4
shorewall, freeswan and kernel crypto-api
Hello,
I''ve finally managed to setup a firewall with freeswan 2.04 using the
kernel crypto api (backported from kernel 2.6).
(Almost) everything seems to work fine if I disable shorewall, but
packets are filtered whe shorewall is active.
I''ve already read a past thread on the subject and I followed all the
hints and it actually partially works: my lan I can access the remote
2003 Feb 14
6
[Bug 49] TCP conntrack entries with huge timeouts
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=49
------- Additional Comments From laforge@netfilter.org 2003-02-14 08:39 -------
what patches from patch-o-matic do you use? Do you know how to reproduce this
behaviour?
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
2006 Mar 07
1
Unreplied message when i try to connect to an internal system
Unreplied message when i try to connect to an internal system
I''ve set up a shorewall 3.0.5 system on Fedora core 4
When i want to connect from an external computer to one in my network it does not reply.
I connect from 212.19.195.160 to 212.178.64.74 trough port 8080
The rule i made is: DNAT net loc:192.168.0.20:80 tcp 8080 - 212.178.64.74
(and 192.168.0.20 can be reached
2003 May 02
2
A Group Policy Question in Win9x (yes, another one).
I am wondering if anyone has ever answered the question of group policy operability under Windows 9x. That is, I am _not_ looking for a work-around but the real thing--one config.pol file to service several groups.
I have done my homework, hopefully well, but found nothing. To prove this, I will quickly summarize my findings below. Either I have found:
1. a list of unresolved (mostly
2002 May 14
1
re: smtp woes
ive tried your command and still not able to send thru outside smtp server .
ISP is not blocking any ports. Also not able to telnet x.x.x.x 25.
2003 Jan 24
2
Problem with sending mail from mail server behind firewall.
I am having a problem with connections from a server behind a shorewall
firewall. Both machines are running redhat 8.0 with a custom 2.4.20
kernel. The problem lies with a mail server I am configuring which has
been able to send mail to all hosts, except this one. The connection
starts with the SYN_SENT, and then just hangs there. (telnet to remote
server on port 25 just hangs trying to
2008 Jul 07
5
IPSEC tunnel up, but no traffic coming through
Hi all,
I finally got my IPSec tunnel from my Fedora firewall system (running
Shorewall 4.0.6) to a remote Draytek Router up-and-running, but I''m having
difficulties directing traffic through the tunnel. From the output of
"racoon -F -f racoon.conf" and the connection status page of the Draytek I
can tell the tunnel is UP, but ping and traceroute requests to several hosts
2005 May 29
17
Plans for 2.4.0
Hi folks,
Has anyone tested the changes to multiple ISPs/load balancing or
routestopped in 2.4.0-RC1 yet? We need to talk about what criteria we
will use for determining whether 2.4.0 is ready for release.
I''ve started configuring a firewall at work with the multiple ISPs
support, but its kernel doesn''t have connection marking support, so it''s
going to be a couple of
2003 Jan 09
10
transparent proxy
I''ve installed a bering box acting as a firewall for a lan;
the lan is 192.168.1.0/24
the bering box is 192.168.1.254
I''ve installed a squid server 192.168.1.1
It is possible to configure shorewall for a transparent proxy to the
squid server?
I''ve tryed with
REDIRECT loc loc:192.168.1.1:3128 tcp www - !192.168.1.1
in the rules file
I get this error:
Error:
2003 Jan 03
9
Rearranging the furniture....
Hi Tom and All,
I have been quietly watching the list for the last year (no new issues for
me that weren''t covered in the docs or promptly "bug-fixed" by Tom. Boy,
has this grown exponentially! Anyway, back to the point (the proverbial
rearranging the furniture)... I have been evaluating Mandrake''s MNF as an
upgrade for my Firewall box. If I do this( and even if I
2008 Aug 10
1
conntrack-tools and Session syncing
Hi folks,
I have 2 firewalls, setup with Centos 5.2. They are also routers, connected
to 2 upstream routers.
I have some cases where connections from servers to the internet leave my
network via router2 and answers come back via router1. So I added conntrack
tools to both routers/firewalls to synchronize the session tables (using
ftfw procotol).
That works as expected. If e.g. I ping from