On Thu, Feb 13, 2025 at 09:39:29 -0700, pe...@easthope.ca wrote:
> # grep startup /etc/default/shorewall
> # prevent startup with default configuration [Badly stated comment.]
> startup=1
>
> > And does 'systemctl status shorewall' show that it is enabled?
>
> # systemctl status shorewall
> ○ sho
On 2/13/25 17:39, pe...@easthope.ca wrote:
Roberto & all,
From: Roberto C. Sánchez
Date: Thu, 13 Feb 2025 11:20:44 -0500
What about /etc/default/shorewall?
# grep startup /etc/default/shorewall
# prevent startup with default configuration [Badly stated comment.]
startup=1
And doe
Roberto & all,
From: Roberto C. Sánchez
Date: Thu, 13 Feb 2025 11:20:44 -0500
> What about /etc/default/shorewall?
# grep startup /etc/default/shorewall
# prevent startup with default configuration [Badly stated comment.]
startup=1
> And does 'systemctl status shorewall' show that it
pe...@easthope.ca wrote:
> Hi,
>
> # cat /etc/deb*n
> 12.9
>
> # dpkg -l | grep shorewall
> ii shorewall5.2.8-2
> all Shoreline Firewall, netfilter configurator
> ii shorewall-core 5.2.8-2
> all Shorewall core
* On 2025 13 Feb 10:10 -0600, pe...@easthope.ca wrote:
> Hi,
>
> # cat /etc/deb*n
> 12.9
>
> # dpkg -l | grep shorewall
> ii shorewall5.2.8-2
> all Shoreline Firewall, netfilter configurator
> ii shorewall-core 5.2.8-2
>
On Thu, Feb 13, 2025 at 07:51:37AM -0700, pe...@easthope.ca wrote:
> Hi,
>
> # cat /etc/deb*n
> 12.9
>
> # dpkg -l | grep shorewall
> ii shorewall5.2.8-2
> all Shoreline Firewall, netfilter configurator
> ii shorewall-core 5
On Jo, 06 mai 21, 17:18:26, Charles Curley wrote:
>
> I will. I believe the Powers That Be at Debian prefer one file a bug
> report with Debian, and the Debian maintainers will file an upstream
> bug if necessary. Anyway, that's the course I plan to take.
Do feel free to file bugs directly with u
On Thu, 6 May 2021 21:25:44 +0200
john doe wrote:
> > I missed it. Sorry.
> >
>
> It is hard to spot it, I was simply mentioning it to let you validate
> what I was saying and not to put you on the spot!
No worries. I did not take it as putting me on the spot.
>
> >>
> >>
> >> Remember tha
On 5/6/2021 8:13 PM, Charles Curley wrote:
On Thu, 6 May 2021 09:49:29 +0200
john doe wrote:
First you need to disable libvirt from playing with iptables, I
changed (virsh net-edit default) from:
to:
Thank you, that seems to have worked.
Then you can use whatever firewalling s
On Thu, 6 May 2021 09:49:29 +0200
john doe wrote:
> First you need to disable libvirt from playing with iptables, I
> changed (virsh net-edit default) from:
>
>
> to:
>
>
Thank you, that seems to have worked.
>
> Then you can use whatever firewalling solution you like (this is
> docu
On 5/6/2021 5:03 AM, Charles Curley wrote:
For years, up through Buster, I have had a nice setup with virtual
machines on my laptops, with firewalling provided by shorewall and
rules I have added over the years. As I move from network to network,
the firewall is reconfigured, and the VMs continue
On 04/28/2014 07:15 PM, Charles Kroeger wrote:
I'm running a Jessie/ Sid mixture and after a recent dist-upgrade Shorewall
blocks
all Internet access unless it is 'stopped' and restarted:
When shorewall is started, it sets the iptables in the kernel which do
the actual work. It's possible tha
> That you can provide such detail and yet not use the tool yourself.
>
> Hugo
> >> Do you run shorewall?
> >
> > Not at all.
Hugo, despite being complex in appearance shorewall is 'easy' to set up for a
strong
firewall with example files provided with the installation. The installation
can
On Mon, 30 Apr 2012 11:13:10 -0500, hvw59601 wrote:
> Camaleón wrote:
Mmm, this is done from "/etc/default/shorewall" by editing the
"startup" variable, that you have to set to "1" as it says.
>>> Impresive.
>>
>> What's what you find "impressive"?
>>
>>
> That you can prov
On Mon, 30 Apr 2012 11:43:53 +0300, Andrei POPESCU wrote:
> On Du, 29 apr 12, 18:53:11, Charles Kroeger wrote:
>>
>> In /doc/shorewall-core there's nothing about this In
>> /doc/shorewall-doc/ there are subfolders of HTML and HTML/images and
>> manpages in great abundance but no README. In /usr/s
Camaleón wrote:
On Sun, 29 Apr 2012 15:13:36 -0500, hvw59601 wrote:
Camaleón wrote:
On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote:
After the recent Shorewall upgrade that replaced the previous
configuration files, Shorewall now only starts 'manually' at the
command line: e.g. #sh
On Sun, 29 Apr 2012 15:13:36 -0500, hvw59601 wrote:
> Camaleón wrote:
>> On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote:
>>
>>> After the recent Shorewall upgrade that replaced the previous
>>> configuration files, Shorewall now only starts 'manually' at the
>>> command line: e.g. #sho
On Du, 29 apr 12, 18:53:11, Charles Kroeger wrote:
>
> In /doc/shorewall-core there's nothing about this
> In /doc/shorewall-doc/ there are subfolders of HTML and HTML/images and
> manpages in great abundance but no README.
> In /usr/share/shorewall there are subfolders of Shorewall and config fil
Brian pointed out:
> Incidentally, shorewall has had 'startup=0' since Lenny at least. You
> probably forgot that you must have altered the default sometime in the
> past and didn't think the README in /usr/share/doc worth a glance.
> Also, /etc/default/shorewall is a conffile so if indeed the upg
On Sun 29 Apr 2012 at 15:30:28 -0500, Charles Kroeger wrote:
> On Sun, 29 Apr 2012 22:20:02 +0200
> hvw59601 wrote:
>
> > Camaleón wrote:
> > > On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote:
> > >
> > >> After the recent Shorewall upgrade that replaced the previous
> > >> configurat
On Sun, 29 Apr 2012 22:20:02 +0200
hvw59601 wrote:
> Camaleón wrote:
> > On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote:
> >
> >> After the recent Shorewall upgrade that replaced the previous
> >> configuration files, Shorewall now only starts 'manually' at the command
> >> line: e.g.
On Sun, 29 Apr 2012 19:30:02 +0200
Camaleón wrote:
> On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote:
>
> > After the recent Shorewall upgrade that replaced the previous
> > configuration files, Shorewall now only starts 'manually' at the command
> > line: e.g. #shorewall start.
> >
>
Camaleón wrote:
On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote:
After the recent Shorewall upgrade that replaced the previous
configuration files, Shorewall now only starts 'manually' at the command
line: e.g. #shorewall start.
I can't find where this problem can be corrected in the
On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote:
> After the recent Shorewall upgrade that replaced the previous
> configuration files, Shorewall now only starts 'manually' at the command
> line: e.g. #shorewall start.
>
> I can't find where this problem can be corrected in the
> etc/sh
Paul Cartwright schreef:
On 02/14/2011 06:09 AM, Sjoerd Hardeman wrote:
A copy to the list for the archive
ok, I see what I was doing wrong. In Eudora, CTRL-R is reply, it replies
to the person. CTRL-SHFT-L replies to THE LIST..
I didn't realize Eudora had that function.
No problem. And a d
On 02/14/2011 06:09 AM, Sjoerd Hardeman wrote:
A copy to the list for the archive
ok, I see what I was doing wrong. In Eudora, CTRL-R is reply, it replies
to the person. CTRL-SHFT-L replies to THE LIST..
I didn't realize Eudora had that function.
--
Paul Cartwright
On 02/14/2011 06:09 AM, Sjoerd Hardeman wrote:
A copy to the list for the archive
I need to change that default from replying to the user, to replying to
the list.. I normally highlight what I want to reply to & hit CTRL-R.
There is probably a way to change that in Eudora OSE, I'll just have t
A copy to the list for the archive
--- Begin Message ---
On 02/14/2011 04:39 AM, Sjoerd Hardeman wrote:
IMAP/ACCEPT $FWnet
IMAPS/ACCEPT$FWnet
You can try if it works by telnetting from your laptop to your desktop
on port 143 (plain) or 993 (ssl). Check in the main time your
/v
Paul Cartwright schreef:
I was having a problem today, trying my laptop & IMAP from my debian
desktop. I looked in the rules file, & figured out why my web server
wasn't working. It only showed port 80, but I had changed apache to port
81, forgetting about shorewall! When I saw the port 80 in t
On Wednesday 26 November 2008 02:54, Tom Allison wrote:
> Andrei Popescu wrote:
> > On Tue,25.Nov.08, 06:04:52, Tom Allison wrote:
> >> I too am trying to set-up Shorewall as a firewall box.
> >> And I ran into some peculiar problems that are related to shorewall
> >> and not related to shorewall.
On Wed, Nov 26, 2008 at 10:05:00AM +0200, Andrei Popescu wrote:
> On Tue,25.Nov.08, 19:54:30, Tom Allison wrote:
>
> >> Do they *need* to be on the same network?
> >>
> > They don't need to be on the same network, but I only have one for
> > now.
>
> It's better and simpler to have separate net
On Tue,25.Nov.08, 23:26:58, Jose Hernandez wrote:
> Thank you very much, i already know how to use sudoers, but i am not
> sure about what commands i could change for allowing sudo and working
> perfectly. I can't change sudoers by simply adding my user, i need a
> specific command. I have tried wi
On Tue,25.Nov.08, 19:54:30, Tom Allison wrote:
>> Do they *need* to be on the same network?
>>
> They don't need to be on the same network, but I only have one for
> now.
It's better and simpler to have separate networks for internet and lan.
> I originally tried to set this up against the ISP
On Tue, Nov 25, 2008 at 07:54:30PM -0500, Tom Allison wrote:
> Andrei Popescu wrote:
>> On Tue,25.Nov.08, 06:04:52, Tom Allison wrote:
>>> I too am trying to set-up Shorewall as a firewall box.
>>> And I ran into some peculiar problems that are related to shorewall
>>> and not related to shorewall.
Andrei Popescu wrote:
On Tue,25.Nov.08, 06:04:52, Tom Allison wrote:
I too am trying to set-up Shorewall as a firewall box.
And I ran into some peculiar problems that are related to shorewall
and not related to shorewall.
right now I'm trying to get the firewall interfaces to come up on the
sam
Thank you very much, i already know how to use sudoers, but i am not
sure about what commands i could change for allowing sudo and working
perfectly. I can't change sudoers by simply adding my user, i need a
specific command. I have tried with "/sbin/shorewall" but it doesn't
works.
What command
On Tue,25.Nov.08, 06:04:52, Tom Allison wrote:
> I too am trying to set-up Shorewall as a firewall box.
> And I ran into some peculiar problems that are related to shorewall
> and not related to shorewall.
>
> right now I'm trying to get the firewall interfaces to come up on the
> same network. S
On Mon,24.Nov.08, 18:50:38, Phillipus Gunawan wrote:
> Hi There,
>
> I got a problem setting up Shorewall under Debian, hope if someone can guide
> me here...
...
> Policy
> $FWnetACCEPT
> $FWlocACCEPT
> net$FWACCEPT
> netlocACCEPT
On Mon, 24 Nov 2008 19:58:38 -0800 (PST)
Phillipus Gunawan <[EMAIL PROTECTED]> wrote:
> And yes, I did read the 'two-interfaces' and 'three-interfaces' examples
> This is why I post my questions, because I still can't make it work :(
>
> Cheers
As some other posters
On Mon, 24 Nov 2008 18:50:38 -0800 (PST)
Phillipus Gunawan <[EMAIL PROTECTED]> wrote:
> Hi There,
>
> I got a problem setting up Shorewall under Debian, hope if someone can guide
> me here...
>
> Problem 1
>
> I install Debian with eth2 plugged
>
> When Im using eth
On Mon, 22 Sep 2008 02:24:26 +1200
Chris Bannister <[EMAIL PROTECTED]> wrote:
> On Sat, Sep 20, 2008 at 11:13:09PM -0700, Amit Uttamchandani wrote:
> > > no /var/lock/subsys/ directory.
> > >
> >
> > You are right, I don't have that directory either.
> >
> > > > I did a google search and this
On Mon, 22 Sep 2008 02:24:26 +1200
Chris Bannister <[EMAIL PROTECTED]> wrote:
...
> I don't have shorewall-perl installed so have no knowledge on that.
> Why shorewall-perl?
The author seems to prefer it; from Shorewall-perl.html (in
shorewall-doc):
Shorewall-perl - What is it?
Shorewall-per
On Sat, Sep 20, 2008 at 11:13:09PM -0700, Amit Uttamchandani wrote:
> > no /var/lock/subsys/ directory.
> >
>
> You are right, I don't have that directory either.
>
> > > I did a google search and this is basically a state file written by
> > > shorewall to indicate a successful start up. Shoul
On Sun, 21 Sep 2008 12:02:34 +1200
Chris Bannister <[EMAIL PROTECTED]> wrote:
> On Sat, Sep 20, 2008 at 10:18:38AM -0700, Amit Uttamchandani wrote:
> > Yes, shorewall is very powerful!
> >
> > Also, do you get the error:
> >
> > touch: cannot touch `/var/lock/subsys/shorewall': No such file or
>
On Sat, Sep 20, 2008 at 10:18:38AM -0700, Amit Uttamchandani wrote:
> Yes, shorewall is very powerful!
>
> Also, do you get the error:
>
> touch: cannot touch `/var/lock/subsys/shorewall': No such file or
> directory done.
I'm running shorewall and that file doesn't exist, infact there is even
n
On Sat, 20 Sep 2008 11:06:24 +0300
Andrei Popescu <[EMAIL PROTECTED]> wrote:
> [I have wrapped all your lines to less than 80 characters]
>
> On Sat,20.Sep.08, 00:38:11, Amit Uttamchandani wrote:
> >
> > Following the setup for shorewall firewall I was able to get it up and
> > running for the
[I have wrapped all your lines to less than 80 characters]
On Sat,20.Sep.08, 00:38:11, Amit Uttamchandani wrote:
>
> Following the setup for shorewall firewall I was able to get it up and
> running for the eth1 interface (local wired RJ45). Now, I would also
> like to setup my wireless adapter
On Thu, Mar 08, 2007 at 08:34:20 -0300, Cassiano Leal wrote:
> Andrei Popescu wrote:
> >Cassiano Leal <[EMAIL PROTECTED]> wrote:
> >
> >>Hi!
> >>
> >>I have two shorewall installations, and it seems to have a quite
> >>annoying habit of logging to the stdout.
> >
> ># /etc/sysctl.conf - Configurat
Raquel wrote:
Edit /etc/init.d/klogd
Add this line: KLOGD="-c 4"
Restart klogd and those messages will stop. Then you can remove all
the extra firewalls before shorewall.
Works like a charm!
Thank you very much, Raquel!
Cassiano
begin:vcard
fn:Cassiano Bertol Leal
n:Leal;Cassiano
email;i
Andrei Popescu wrote:
Cassiano Leal <[EMAIL PROTECTED]> wrote:
Hi!
I have two shorewall installations, and it seems to have a quite
annoying habit of logging to the stdout.
# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.
[...]
#
Cassiano Leal <[EMAIL PROTECTED]> wrote:
> Hi!
>
> I have two shorewall installations, and it seems to have a quite
> annoying habit of logging to the stdout.
# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.
[...]
# Uncomment the foll
On Wed, 07 Mar 2007 12:02:57 -0300
Cassiano Leal <[EMAIL PROTECTED]> wrote:
> Hi!
>
> I have two shorewall installations, and it seems to have a quite
> annoying habit of logging to the stdout.
>
> In one of the installations, I have (well, it kinda happenned by
> accident, but I kept it this
On Wed, Mar 07, 2007 at 12:02:57PM -0300, Cassiano Leal wrote:
> Hi!
>
> I have two shorewall installations, and it seems to have a quite
> annoying habit of logging to the stdout.
>
> In one of the installations, I have (well, it kinda happenned by
> accident, but I kept it this way for conven
On Tue, 2 Jan 2007 17:26:10 +0530
"sankaranarayanan" <[EMAIL PROTECTED]> wrote:
> Hi
>
>
>
> Just now I have installed shorewall on debian 2.4.27-2-386
> successfully.But when I am trying to apt-get update it is showing the
> following error
>
>
>
> Err http://ftp2.de.debian.org sarge/vo
On Thu, Oct 19, 2006 at 10:13:34PM +0200, Seweryn Kokot wrote:
> Inspired by last posts about iptables/firewall I would like to convert from
> /etc/init.d/firewall rules to shorewall. I have an external internet
> connection (ppp0, dynamic ip) and want to forward that net connection
> by eth0 (192.
Adam D wrote:
> Seweryn Kokot wrote:
>> Inspired by last posts about iptables/firewall I would like to convert from
>> /etc/init.d/firewall rules to shorewall. I have an external internet
>> connection (ppp0, dynamic ip) and want to forward that net connection
>> by eth0 (192.168.0.1) to another co
Seweryn Kokot wrote:
> Inspired by last posts about iptables/firewall I would like to convert from
> /etc/init.d/firewall rules to shorewall. I have an external internet
> connection (ppp0, dynamic ip) and want to forward that net connection
> by eth0 (192.168.0.1) to another computer. Here are the
On Thu, 19 Oct 2006 22:13:34 +0200
Seweryn Kokot <[EMAIL PROTECTED]> wrote:
> Inspired by last posts about iptables/firewall I would like to
> convert from /etc/init.d/firewall rules to shorewall. I have an
> external internet connection (ppp0, dynamic ip) and want to forward
> that net connection
On 18 Oct 2005 13:36:18 -0700
"Colin Ingram" <[EMAIL PROTECTED]> wrote:
> I use sarge and when I recently tried to install the most recent
> update to shorewall( v2.2.3-2) my system hangs when trying to
> configure shorewall. ps shows the postins script zombified.
>
> [EMAIL PROTECTED]:~$ ps axfw
On 07 Oct 2004, Anthony Campbell wrote:
> On 06 Oct 2004, Tim Timmerman wrote:
> > Hi,
> >
> > yesterday I tried to activate shorewall as a firewall on a 2.6.8.1
> > kernel. (using a woody system, and the backport from backports.org)
> >
> > Everything worked just fine, except for one teens
On 06 Oct 2004, Tim Timmerman wrote:
> Hi,
>
> yesterday I tried to activate shorewall as a firewall on a 2.6.8.1
> kernel. (using a woody system, and the backport from backports.org)
>
> Everything worked just fine, except for one teensy problem:
>
> - Nothing on the firewall could send
On Thu, 2003-10-09 at 08:12, Vittorio wrote:
> I have setup a debian 3.0 server functioning as a gateway, router,
> **IMAP SERVER**, and firewall. It connects to the internet via a DSL
> ppp0 connection and to the internal network through eth1.
>
> Being an absolute beginner, I've set up shorewall
Vittorio wrote:
I have setup a debian 3.0 server functioning as a gateway, router,
**IMAP SERVER**, and firewall. It connects to the internet via a DSL
ppp0 connection and to the internal network through eth1.
Being an absolute beginner, I've set up shorewall with a basic
configuration suggested in
> Workarounds:
>
> 1) run an internal DNS behind the firewall, and direct all queries at
> that system, punch a hole through the firewall to allow that system
> through. I do this on my network, I have a bridged freebsd box
> which has a default ipfw policy of deny, then I told BIND to only
> use
Benedict Verheyen said:
> Hi,
>
> i configured shorewall on my server to share the internet connection. My
> apt.conf file contains a line to configure the use of the proxy of my
> isp:
> Acquire::http:Proxy "http://proxy.isp.be:8080";;
most firewalls with a default deny block outbound DNS request
65 matches
Mail list logo
