similar to: shorewall config

Hello *, I''m trying to setup Shorewall under Ubuntu 7.04 and Xen configured to use network-dummy instead of network-bridge (network-bridge seems to be buggy at the moment under Debian/Ubuntu). Is there a shorewall config example I can use in combination with network-dummy? In particular, with network-dummy there is no peth interface and the bridge include the real eth interface. I

(if this post gets line-feed-mangled please read http://www.dl.reneschmidt.de/shorewallxenpost.txt - that''s an unmangled version, thank you) Hello, first I would like to thank the Mr. Eastep and contributors for this great piece of software and superb documentation. I have a SOHO server (Debian testing) that I''m using for several purposes so I''ve set up a Xen

Hi, I've some problems with this network : [ host1 eth0: 10.22.2.4/8 ] [ host2 eth0:10.22.2.5/8 default route host3] \ / SWITCH internet | | |

Hello everybody, I have an odd problem with iptables using a Xen bridge setup. I don''t know if it would be better to post to netfilter Mailing-List. But I hope someone here know how to solve it. If it''s OT here, please let me know. I''ll try to do a little bit ASCII-Graphics to explain the topo better: _________ ________

Hello All, I am trying to implement OpenVPN on Fedora core Linux 3 with the latest pathces installed. This server is used only as firewall/internet gateway/proxy/VPN server, with kernel 2.6.1-1.27.FC3 and kernel 2.6.1-1.27.FC3 SMP It has two NIC''s eth0 (10.0.0.150) connected to ADSL, eth1 (192.168.3.12) connected to the local network. I use shorewall 2.4 on this machine. I like to test

hi, i''ve tried again Debian testing, with xen 3.1 binary. it works fine but i can''t have the networt working: i''ve have an ethernet card with static IP: 172.20.2.160 gateway: 172.20.2.1 uname -r :2.6.18-xen without xen, the network works fine. here''s my output: eth0 Lien encap:Ethernet HWaddr 00:0F:FE:6B:57:32 inet adr:172.20.2.160

Hi all, I have a strange problem with GPL PV 0.8.8 (0.6.4 did work). On my 2nd vif I cannot establish TCP connections. The 3rd IP packet (ACK from XEN-Image) is not forwarded by XEN/DOM0-Bridge. If I boot Windows without /GPLPV option, everything works fine. I did some investigation and found out that the packages arrive differently if GPLPV is enabled. "br_inet" is a bridge

Hi, I have a few questions about the inner workings of netfilter (a graphical layout of my network setup @ https://aequorin.homeunix.net:62389/local/media/network-graph.png) 1) These are the syslog entries for some simple connection tests. Shorewall/netfilter has been set to record all stateful connections SSH is recognized as phys(eth0) -> $FW traffic. This is because PHYSIN is

I''m working on setting up a new router/server/etc. box. I''m using Proxmox as the base system (Debian Lenny basically). I''m trying to figure out the right way to configure Shorewall on it. I''ve looked at some of the bridging info but they seem to all be talking about single-interface setups. Could someone look over my setup and give me some input into the

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=479 Summary: tunnel0 and br0 Product: iptables Version: 1.2.11 Platform: i386 OS/Version: other Status: NEW Severity: normal Priority: P2 Component: iptables AssignedTo: laforge@netfilter.org ReportedBy: tom@tomdeb.org I have a ipsec

Dear All, I try to upgrade, my old shorewall from 4.4.13-3 to 4.5.2.3-1 on CentOS, after upgrade i can''t start shorewall with this message: "/Shorewall: Address Ranges require the Multiple Match capability in your kernel and iptables/" I try to search on the net about this, but no still no light. Somebody can help me? Great appreciate for any help. Regards,

The bridging documentation (http://shorewall.net/2.0/bridge.html) has been expanded and there is a refresh of the bridging code (ftp://shorewall.net/pub/shorewall/Bridging and http://shorewall.net/pub/shorewall/Bridging). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net

Hello, I have the need to connect 2 remote site with vpn, the windows pc of the 2 site it can share the HD and printer. This is my configuration : LOCAL NETWORK A : ip from 192.168.10.2 to 192.168.10.99 | | | | eth0: 192.168.10.1 FIREWALL A : ( with debian ; openvpn ver. 2.0.beta15 ; shorewall ver 2.0.11 ) eth1 : xxx.xxx.xxx.xxx ( pubblic ip address ) | | | | INTERNET | | | eth1 :

Dear Xen-Users, I use Xen 3.1.0_15042 on my OpenSuSE-10.3-computer. Without starting the xen-kernel I can connect my second computer via my native computer to the internet. After starting the xen-kernel the xen-bridge came automatically up. How can I configure the xen-bridge or the xen-devices? I get routing problems: Feb 20 18:31:36 intel6550 kernel: martian source 217.237.149.142 from

Has anyone ever seen this happen when using rsync ? I'm trying to send a series of =~ 300k files down the line, but for some reason, rsync thinks each file is 17592186044416 bytes long! The same behaviour occurs when using rsync to copy files locally. Partial output follows...any help appreciated! Cheers, P [root@grappa llog]# ls -al /IFX/llog/logs.109051.gz -rw-rw---- 1 informix

Hi all, The first couple of xen machines we setup used the default xen bridging setup for dom0. I am sure there are many other people out there with this setup. Now that I know a bit more there are probably better ways out there to configure the xen box for firewalling, most notably assigning the red card to a domU and running shorewall in there. But in the meantime I would like to further

Hi Vene, Would appreciate any help you can give as I am not sure which NAT you are talking about. A little more background. I am replacing a Windows 2000 routing and remote access machine that was acting as the gateway and performing NAT for Internet access for our local clients. In this setup the cisco VPN clients had no problem connecting to the vpn concentrator. The only difference in any

http://www1.shorewall.net/pub/shorewall/3.0/shorewall-3.0.6/ ftp://ftp1.shorewall.net/pub/shorewall/3.0/shorewall-3.0.6/ Coming soon to a Mirror near you. Problems corrected in 3.0.6 1) A typo in the output of "help drop" has been corrected. 2) Previously, ''shorewall start'' would fail in the presence of a network interface named ''inet''. 3)

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=479 ------- Additional Comments From kaber@trash.net 2006-05-22 14:42 MET ------- It is not entirely clear what you are trying to show with that LOG line. How is the traffic flowing, what do you expect? And why is it visible in plaintext on the br0 device? Please also include your kernel version. -- Configure bugmail:

Hi, I''m testing out Xen on FC4. I''m using bridging for networking, as well as iptables to firewall, configured with the standard Fedora ''system-config-security-level'' tool. However I have really strange problem with conntrack not seeming to catch outbound connections. This prevents outbound connections working from dom0. Connections from domU''s