Displaying 20 results from an estimated 11000 matches similar to: "SSH access to firewall"
2002 Oct 16
2
VPN bridge to LAN, through Firewall
Hi, thanks for a great piece of software!
...at the moment I have a commercial VPN box, which
also acts as our firewall. I wish to replace this
firewall functionality with a dedicated Shorewall
firewall, and use the VPN box only for VPN traffic.
At the moment, this VPN/Firewall box is at an internet
visible address, x.x.x.85
I wish to make the new Shorewall firewall x.x.x.85 and
move the VPN to
2002 Jun 04
3
Port forwarding...
Hi all
Is it possible to just forward port to local computer
but not give open access for that port?
If I've understood right that this rule does give
ACCESS from net to loc too:
DNAT net loc:192.168.1.5 udp 7777
What I'm trying to say is that it would work so that
everything that's coming from net to that local
computers port is DROPed or REJECTed if it's
2003 Jan 07
2
MRTG drop/reject hits
I have created a shell script for MRTG statistics of dropped/rejected packets:
ftp://slovakia.shorewall.net/mirror/shorewall/mrtg/
http://slovakia.shorewall.net/pub/shorewall/mrtg/
rsync://slovakia.shorewall.net/shorewall/mrtg/
example: http://slovakia.shorewall.net/pub/shorewall/mrtg/example/
It is not based on /var/log/messages (syslog), but iptables counter.
A lot of packets are dropped/rejected
2004 Feb 25
1
Rsync under cygwin
Hi,
I have rsync client and servers running under 3 Win2K boxes, and I can
sync when the source is remote and the target is local, but when the
source is local and the target is remote, I get the following error:
rsync.exe --recursive /cygdrive/d/BILLS_CMS rsync://192.168.213.102/PWB3
rsync: read error: Connection aborted
rsync error: error in rsync protocol data stream (code 12) at
2010 Aug 25
18
Puppet hangs
Hello,
we have one puppet server managing approx servers, all FreeBSD.
The problem is that the puppet clients all hang, one by one,
eventually. They will run for anything between an hour up to a week.
But eventually they all hang.
We really like puppet and want to keep using it. But the way it is now
is completely unusable. We've tried many versions, from 24.x, and now
2.6.1rc1. But
2005 Jan 14
4
Samba & ICMP allow problem
I am running a Redhat FC2 server, which runs postfix
for mail, Squid for proxy and samba as Domain
Controller and file server. I installed
shorewall-2.1.11-1.
In the shorewall rules /etc/shorewall/rules I added
the following for samba
ACCEPT LAN $FW:192.168.100.1 tcp 139,445
ACCEPT LAN $FW:192.168.100.1 udp 137:139
ACCEPT LAN $FW:192.168.100.1 udp 445
2007 Oct 10
6
apt-cacher for CentOS
Hi All,
Is there something similar to apt-cacher available for CentOS? I would
like to ensure that an application is only downloaded once to the
network and not hundreds of times.
If there isn't an equivalent, would someone please point me in the
direction of how I might accomplish this with CentOS?
--
James A. Peltier
Technical Director, RHCE
SCIRF | GrUVi @ Simon Fraser University -
2015 Mar 07
4
Something like apt-cacher for CentOS/RHEL?
Hi,
For some time I've fiddled with Debian and Ubuntu LTS. There's one
really nice feature for local networks: apt-cacher, a package proxy for
APT.
My company is in the remote South French countryside, and more often
than not, schools and public libraries only have some very limited
Internet access with relatively low bandwidth, which can make the
updating process very tedious. A
2003 Feb 24
2
69.x.x.x network in rfc1918
I came across a problem when one of our clients was not able to access any
of the servers on our network. This person has never connected to us before
and now for the first time was trying to do it from his home in Houston, TX
using earthlink cable service provided by Time Warner. All this
information, I think, is important because when I started examining my
shorewall logs I found out
2013 Jan 10
1
Puppetlabs APT GPG key
Hi,
I just started getting errors from APT: W: GPG error:
http://apt.puppetlabs.com squeeze Release: The following signatures were
invalid: BADSIG 1054B7A24BD6EC30 Puppet Labs Release Key (Puppet Labs
Release Key) <info@puppetlabs.com>
It looks like the keyring was changed yesterday on the APT repository:
keyring.gpg 09-Jan-2013 14:51 2.5K
However, I've yet to see an
2008 Sep 05
5
PPTP Client Behind a Shorewall Firewall
Hi all, I'm running a server that frequently needs to open a pptp
session with a remote server outside my Company. This server is running
behind a Shorewall firewall and I don't find information in Shorewall
web page because there is no information in the link
http://www.shorewall.net/PPTP.htm#ClientsBehind
Nowadays I can connect this server with the remote one but the session is
closed after
2003 Apr 02
1
Firewall+DHCP question
Good Morning.
Last week I posted a question about how to set up Shorewall Firewall to coexist with a DHCP server. I set up three zones and assigned two of them to the interfaces: net Zone is assigned to eth0 and loc Zone is to eth1. You said that I shouldn't type any entries for loc2 Zone (assigned to eth1:1) since Shorewall can't recognize an interface named eth1:1, but then
2007 May 21
2
something like apt-cacher for yum
Hello!
I need to download updates and install it on several servers.
I don't want to mirror all packages just because traffic is expensive here.
We use apt-cacher as specialized proxy for our ubuntu desktops, so we
download packages only once.
Is there a similar tool for yum?
2004 Oct 16
2
Three interfaces firewall - performances problem
Hello,
I've shorewall running a three interfaces firewall (net, loc, dmz) and
I've got performance problems.
My measured bandwidth from internet is up to 6.8 Mb/s, and I "only" get
3.5Mb/s on my LAN and 5Mb/s on my dmz.
I checked with iperf, and all my interfaces (eth0, eth1, eth2) can
actually work at 10 Mb/s.
I tried disabling all the rules from loc to net
2010 Aug 19
7
External CA: Could not run: Could not retrieve certificate for puppetsrv and not running on a valid certificate authority
Hi Experts,
I'm trying to generate my own certificates (all of them, including certs for
CA, server and client) for puppet to use.
and I'm getting "Could not run: Could not retrieve certificate for puppetsrv
and not running on a valid certificate authority"
Just wondering what the problem could be?
What I did is:
1. generate a self signed CA cert, and save the
2004 Dec 06
5
two firewall and shorewall
Hi,
in my lan I have two firewalls, fw1 is the first and manages inter-vlan routing.
Fw2 manages internet and dmz.
fw1 and fw2 have an interface (eth4 for both fw2 and fw1) on the same
subnet that permit to the host behind fw1 to reach internet,
my problem is on fw2:
eth4 is the NIC that connects fw2 and fw1, I wouldn't like masquerading
hosts behind fw1, so to eth4 of fw2 arrive all
2002 Nov 13
2
Forward port 8888 on firewall to internal IP port 80
Good day,
I have tried to forward port 8888 on the firewall to port 80 on an internal IP of 10.40.0.202. Please advise which rule to add to the rules file to achieve this.
I have tried to add
DNAT net loc:10.40.0.202:80 tcp 8888
But still no luck
TIA for your assistance
Quentin
2003 Jan 16
1
FTP through the firewall to non standard FTP port fails
Hi, all.
Shorewall Version: 1.3.12
I'm unable to list files (using PASV *or* PORT mode) on any FTP site that
listens on a port other than 21 (from a client machine behind Shorewall --
from the Shorewall box I can list files no problem on the same sites)
I have "Netfilter FTP" support compiled IN the kernel.
Any ideas? My rule set is pretty generic. LOC -> NET Policy to
2018 May 14
2
Why current mount connection don't close after remove from config and reload?
Well I am only guessing here, but I suspect if icecast works like other daemons reload just reloads the config but doesn't terminate current connections. You probably want /etc/init.d/icecast restart
On 15 May 2018 12:35:39 AM NZST, "subscription at nextdial.com.br" <subscription at nextdial.com.br> wrote:
>Hello,
>
>After removing a mount from the xml config