similar to: Samba and iptables - woes

Hi All, I have an nfs mount from my CentOS 5.3 client to a CentOS5.3 server. This has been functioning correctly for some years. Beginning last week I had problems saving OpenOffice documents onto the nfs mounted volume. OpenOffice just times out with a file io error. So I tried just a simple shell - cd to the mounted volume did a vi create of text file - no problems. tried a chmod +w on an

Hi, I have two very similar AMD based work stations running fully current CentOS x86_64. Both have 4Gb of RAM, both have [rkampen at media ~]$ sudo rpm -qa |grep flash flash-plugin-10.0.22.87-release.i386 [rkampen at media ~]$ sudo rpm -qa |grep fire firefox-3.0.6-1.el5.centos.i386 One machine (home) works fine on my web page www.ndgonline.net/ndg/ the other (work) seg faults - I guess it is

Hi i have a debian box working as a router.. it works quite well, now i want to give more than 1 ip.. is it possible to do it? some of them must be an open ip.. i mean.. all ports opened is it possible? how should i do it? Here is my nat.sh script just in case someone wants it.. (comments r in spanish.. and not right) Thanks in advance, #!/bin/sh echo "AthoS LaN Generando

Hi, I seem to be facing an intrusion issue, inspite of firewall (script attached). What am I missing ?? Any suggestions / recommendation are welcome pls. Best regards, Sans -------------- next part -------------- #!/bin/bash echo 0 > /proc/sys/net/ipv4/ip_forward # Clear any existing firewall stuff before we start /sbin/iptables --flush # As the default policies, drop all incoming

Hi all. I created a smb-share on my el6 for all windows-pcs in my home-network (I'm the only Linux-User in my family) for sharing all the stuff we have, like music and videos and documents. The share will be shown on the other pcs (Windows XP), but they can't open it. The error-message ist "Share not found" on our preferred language of course! SELINUX-CONFIG sh-4.1# cat

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=552 ------- Additional Comments From cbettero@ciditech.it 2007-03-04 21:48 MET ------- This problem prevents AJAX web sites to be hosted on the internal web server, because many packets will be dropped instead of passing into PREROUTING chain... -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email

Hi, We recently installed CentOS 6.2 on our cluster. During the installation/debugging of various secondary software, we had disabled iptables. When we re-enabled them, we found that the front-end would no longer X11 forward (although it does so when the iptables are off). What do we need to set in the iptables to permit X11 forwarding? Currently we're using iptables -P INPUT DROP

Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -

i''m using one line on eth2 only for web traffic eth1 is my internal line and eth0 is my main line to internet . i''m marking packets like this i have default route on eth0 iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j MARK --set-mark 66 iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 80 -j MARK --set-mark 66 iptables -t mangle -A PREROUTING -i eth1

Hi, I have a computer which is used as router/firewall/VPN with four network card. One connected on the LAN (br0, 10.0.0.0/24), the three others to three different ISP, eth0 192.168.1.0/29, eth1 192.168.0.0/24, eth2 192.168.2.0/29. This computer is under Linux 2.6.11 with the Julian Anastasov routes patch. The configuration by default is to balance the load on the three interfaces. Then, I

Alejandro, So, i did try the script that you give to me, and the problems its continues.- Maybe the problem was in the IPTABLES rules, i attach the complete script below: ##################### ifconfig imq0 up tc qdisc add dev imq0 handle 1: root htb default 30 tc class add dev imq0 parent 1: classid 1:1 htb rate 500kbit ceil 2000kbit tc class add dev imq0 parent 1:1 classid 1:10 htb rate

How to do ensure a class not lended and not borrowed each other. I do cburst burst 0b ,but ctokens tokens go to negative! --------------------------------- Do You Yahoo!? "更多惊喜，同样精彩，NetVista A30 热卖" --0-611462377-1048485942=:33792 Content-Type: text/html; charset=gb2312 Content-Transfer-Encoding: 8bit <P>How to do ensure a class not lended and not borrowed each

I have 2 internet connections and i;m trying to use squid as transparent proxy but every time squid is using first internet line but i want to use second internet line . i have this settings and without squid it''s working i have default route on the first internet connection. iptables -t nat -I POSTROUTING -o eth2 -p tcp --dport 80 -s 192.168.0.0/24 -d ! 192.168.0.0/16 -j SNAT --to

Actually i gave up, i tried and tried and tried so many times, upgrading software falling back to an old version but it didn''t work, that''s it. i can''t do work together tc with iptables and iproute2 when i mark a packet with iptables tc doesn''t recognize them so it falls at the default leaf of the tc''s tree what i like is to mark packets depending on

My firewall config is below... I am trying to figure out why another machine has access to port 5038 on my machine based on these firewall rules. I thought the reject at the bottom would take care of all other ports? It does not. I have restarted with "server iptables restart" and same thing. I can connect from another machine to my machine on port 5038. How do I prevent this?

Hi I have been using Shorewall for a while now and find it very useful and easy to configure, I am learning iptables and having trouble getting the bridge to successfully work with squid, although I get it working with Shorewall straight away? Does anyone know the rules to successfully use squid with a transparent bridge? Internet – router - (bridge eth0 – eth1) – local lan auto lo iface lo

Hey Andreas, how i catch this traffic using L7 filter?, i´ve installed l7 filter now, but i don´t kwnow to use the kind of filter...!!! Can you help me? Thx.- Terraja-based 2007/4/29, lartc-request@mailman.ds9a.nl <lartc-request@mailman.ds9a.nl>: > > Send LARTC mailing list submissions to > lartc@mailman.ds9a.nl > > To subscribe or unsubscribe via the World

I try to shape traffic using HTB and mark packets within iptables using PREROUTING. But the filterrules seems to ignore the marks set with PREROUTING Only POSTROUTING marks are accepted. First my configuration I have a router connected to the internet via ADSL over interface ppp0. eth0 is a tunnel to ppp0 and eth1 serves the LAN. LAN is 192.168.57.0/24 on 10Mbit ppp0 is 80.126.16.44 on

Hi, I have some interesting problem with htb , I set up root class and sub-classess: $TC qdisc add dev eth0 root handle 1: htb $TC class add dev eth0 parent 1: classid 1:1 htb rate 1990kbit ceil 2000kbit $TC class add dev eth0 parent 1:1 classid 1:10 htb rate 190kbit ceil 200kbit $TC class add dev eth0 parent 1:1 classid 1:11 htb rate 1400kbit ceil 1600kbit $TC class add dev eth0 parent 1:1

I have a server whit 2 interfaces of network, where eth0 is the interfaces connetc to internet and eth1 to the internal network. This server hace a Squid only, but i setting the iptables for protection to the server. Iptables run from script and in this script i setting the redirection for the other server in my internal network to port 80 and 443. I follow the diferent how to and many manual, but