Re: Shorewall.

On Thu, Feb 13, 2025 at 09:39:29 -0700, pe...@easthope.ca wrote: > # grep startup /etc/default/shorewall > # prevent startup with default configuration [Badly stated comment.] > startup=1 > > > And does 'systemctl status shorewall' show that it is enabled? >

Re: Shorewall.

On 2/13/25 17:39, pe...@easthope.ca wrote: Roberto & all, From: Roberto C. Sánchez Date: Thu, 13 Feb 2025 11:20:44 -0500 What about /etc/default/shorewall? # grep startup /etc/default/shorewall # prevent startup with default configuration [Badly stated comment.] startup=1

Re: Shorewall.

Roberto & all, From: Roberto C. Sánchez Date: Thu, 13 Feb 2025 11:20:44 -0500 > What about /etc/default/shorewall? # grep startup /etc/default/shorewall # prevent startup with default configuration [Badly stated comment.] startup=1 > And does 'systemctl status shorewal

Re: Shorewall.

pe...@easthope.ca wrote: > Hi, > > # cat /etc/deb*n > 12.9 > > # dpkg -l | grep shorewall > ii shorewall5.2.8-2 > all Shoreline Firewall, netfilter configurator > ii shorewall-core 5.2.8-2 >

Re: Shorewall.

* On 2025 13 Feb 10:10 -0600, pe...@easthope.ca wrote: > Hi, > > # cat /etc/deb*n > 12.9 > > # dpkg -l | grep shorewall > ii shorewall5.2.8-2 > all Shoreline Firewall, netfilter configurator > ii shorewall-core

Re: Shorewall.

On Thu, Feb 13, 2025 at 07:51:37AM -0700, pe...@easthope.ca wrote: > Hi, > > # cat /etc/deb*n > 12.9 > > # dpkg -l | grep shorewall > ii shorewall5.2.8-2 > all Shoreline Firewall, netfilter configura

Shorewall.

Hi, # cat /etc/deb*n 12.9 # dpkg -l | grep shorewall ii shorewall5.2.8-2 all Shoreline Firewall, netfilter configurator ii shorewall-core 5.2.8-2 all Shorewall core components ii shorewall-init

Re: Shorewall and libvirt

On Jo, 06 mai 21, 17:18:26, Charles Curley wrote: > > I will. I believe the Powers That Be at Debian prefer one file a bug > report with Debian, and the Debian maintainers will file an upstream > bug if necessary. Anyway, that's the course I plan to take. Do feel free to file bugs directly with u

Re: Shorewall and libvirt

> >> > >> > >> Remember that Bullseye as nftables per default, you might want to > >> switch back to iptables for Shorewall to work properly. > > > > Done, thank you. > > > > :) > > > > During this whole fiasco, I notic

Re: Shorewall and libvirt

s for Shorewall to work properly. Done, thank you. :) During this whole fiasco, I noticed a problem with virtmanager. The Bullseye version lets the user edit the XML. This is nice, because it then applies whatever changes the user makes. However, as soon as you hit the apply button, the disp

Re: Shorewall and libvirt

solution you like (this is > documented in Libvirt's doc). I missed it. Sorry. > > > Remember that Bullseye as nftables per default, you might want to > switch back to iptables for Shorewall to work properly. Done, thank you. During this whole fiasco, I noticed a problem with

Re: Shorewall and libvirt

On 5/6/2021 5:03 AM, Charles Curley wrote: For years, up through Buster, I have had a nice setup with virtual machines on my laptops, with firewalling provided by shorewall and rules I have added over the years. As I move from network to network, the firewall is reconfigured, and the VMs

Shorewall and libvirt

For years, up through Buster, I have had a nice setup with virtual machines on my laptops, with firewalling provided by shorewall and rules I have added over the years. As I move from network to network, the firewall is reconfigured, and the VMs continue to work. I also have scripts that detect my

Re: Shorewall blocks Internet on boot-up

On 04/28/2014 07:15 PM, Charles Kroeger wrote: I'm running a Jessie/ Sid mixture and after a recent dist-upgrade Shorewall blocks all Internet access unless it is 'stopped' and restarted: When shorewall is started, it sets the iptables in the kernel which do the actual work

Shorewall blocks Internet on boot-up

I'm running a Jessie/ Sid mixture and after a recent dist-upgrade Shorewall blocks all Internet access unless it is 'stopped' and restarted: root@mundo:/home/charles# shorewall stop Stopping Shorewall Processing /etc/shorewall/stop ... Processing /etc/shorewall/tcclear ..

Re: Problem starting shorewall6 (or possibly shorewall) on boot

Ulrik Haugen wrote: > When I boot my machine something like the following is printed: I don't know. But there haven't been any other responses for several days. So I will make a comment. > [ 50.220571] xt_addrtype: ipv6 does not support BROADCAST matching > Starting "

Problem starting shorewall6 (or possibly shorewall) on boot

Hello! When I boot my machine something like the following is printed: [ 50.220571] xt_addrtype: ipv6 does not support BROADCAST matching Starting "Shorewall firewall": not done. Starting "Shorewall6 firewall": not done. [FAIL] startpar: service(s) returned failure:

Re: Re: Long delay when shorewall/shorewall6 starts/stops

ce everything is working, does "shorewall restart" give > the delay? No, it does not. I see in the /var/log/shorewall-init.log file that on each machine a 1 minute delay occurs: Aug 19 18:07:03 Creating iptables-restore input... Aug 19 18:07:03 Shorewall configuration compiled to /var

Re (2): Long delay when shorewall/shorewall6 starts/stops

If an earlier copy of this message reached the list, it's References are absent. From: Nate Bargmann Date: Tue, 21 Aug 2012 16:22:15 -0500 > Each machine is defined for its own fw zone. If both machines have the delay, troubleshooting on the wired machine should be more efficient that on

Re: Re: Long delay when shorewall/shorewall6 starts/stops

From: Nate Bargmann Date: Tue, 21 Aug 2012 16:22:15 -0500 > Each machine is defined for its own fw zone. I do not have a DMZ. The > machines do sit behind a OpenWRT router with its firewall enabled. Once everything is working, does "shorewall restart" give the delay? The

Re: Long delay when shorewall/shorewall6 starts/stops

x27;t suggesting that you were using nis. I was simply pointing that out as a data point where using 'auto' avoids a delay but 'allow-hotplug' has a problem. It was an example only. > I suppose the next step is figuring out how to enable debugging in > Shorewall. Si

Re: Re: Long delay when shorewall/shorewall6 starts/stops

Camaleón, I accidentally deleted your reply. Perhaps the only difference I can see with the FAQ you quoted is that it's for the much older version 3.0. That has not been in Unstable/Testing for some time. Currently, the Shorewall packages are at 4.5.5-1. I'll double check for any

Re: Long delay when shorewall/shorewall6 starts/stops

. I do not have a DMZ. The machines do sit behind a OpenWRT router with its firewall enabled. > > ... the shorewall/shorewall6 startup scripts have a pause > > of about a minute before the system start/shutdown can continue. > > By any chance, does fw have another connection w

Re: Long delay when shorewall/shorewall6 starts/stops

* On 2012 21 Aug 14:56 -0500, Bob Proulx wrote: > Nate Bargmann wrote: > > This has bugged me on and off most of this year since for some reason > > that I can't find, the shorewall/shorewall6 startup scripts have a pause > > of about a minute before the system start/shu

Re: Long delay when shorewall/shorewall6 starts/stops

From: Nate Bargmann Date: Fri, 17 Aug 2012 14:35:57 -0500 > Right now this affects both my desktop and laptop running Sid. Is the desktop the fw zone? Another machine? > ... the shorewall/shorewall6 startup scripts have a pause > of about a minute before the system start/shu

Re: Long delay when shorewall/shorewall6 starts/stops

Nate Bargmann wrote: > This has bugged me on and off most of this year since for some reason > that I can't find, the shorewall/shorewall6 startup scripts have a pause > of about a minute before the system start/shutdown can continue. Right > now this affects both my desktop a

Re: Long delay when shorewall/shorewall6 starts/stops

On Fri, 17 Aug 2012 14:35:57 -0500, Nate Bargmann wrote: > This has bugged me on and off most of this year since for some reason > that I can't find, the shorewall/shorewall6 startup scripts have a pause > of about a minute before the system start/shutdown can continue. Right >

Long delay when shorewall/shorewall6 starts/stops

This has bugged me on and off most of this year since for some reason that I can't find, the shorewall/shorewall6 startup scripts have a pause of about a minute before the system start/shutdown can continue. Right now this affects both my desktop and laptop running Sid. My desktop'

Re: Shorewall 4.5.2.2 startup question

> That you can provide such detail and yet not use the tool yourself. > > Hugo > >> Do you run shorewall? > > > > Not at all. Hugo, despite being complex in appearance shorewall is 'easy' to set up for a strong firewall with example files provided

Re: Shorewall 4.5.2.2 startup question

On Mon, 30 Apr 2012 11:13:10 -0500, hvw59601 wrote: > Camaleón wrote: >>>> Mmm, this is done from "/etc/default/shorewall" by editing the >>>> "startup" variable, that you have to set to "1" as it says. >>>> >>>>

Re: Shorewall 4.5.2.2 startup question

On Mon, 30 Apr 2012 11:43:53 +0300, Andrei POPESCU wrote: > On Du, 29 apr 12, 18:53:11, Charles Kroeger wrote: >> >> In /doc/shorewall-core there's nothing about this In >> /doc/shorewall-doc/ there are subfolders of HTML and HTML/images and >> manpages in great

Re: Shorewall 4.5.2.2 startup question

Camaleón wrote: On Sun, 29 Apr 2012 15:13:36 -0500, hvw59601 wrote: Camaleón wrote: On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote: After the recent Shorewall upgrade that replaced the previous configuration files, Shorewall now only starts 'manually' at the command

Re: Shorewall 4.5.2.2 startup question

On Sun, 29 Apr 2012 15:13:36 -0500, hvw59601 wrote: > Camaleón wrote: >> On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote: >> >>> After the recent Shorewall upgrade that replaced the previous >>> configuration files, Shorewall now only starts '

Re: Shorewall 4.5.2.2 startup question

On Du, 29 apr 12, 18:53:11, Charles Kroeger wrote: > > In /doc/shorewall-core there's nothing about this > In /doc/shorewall-doc/ there are subfolders of HTML and HTML/images and > manpages in great abundance but no README. > In /usr/share/shorewall there are subfolders of

Re: Shorewall 4.5.2.2 startup question

Brian pointed out: > Incidentally, shorewall has had 'startup=0' since Lenny at least. You > probably forgot that you must have altered the default sometime in the > past and didn't think the README in /usr/share/doc worth a glance. > Also, /etc/default/shorewall is

Re: Shorewall 4.5.2.2 startup question

On Sun 29 Apr 2012 at 15:30:28 -0500, Charles Kroeger wrote: > On Sun, 29 Apr 2012 22:20:02 +0200 > hvw59601 wrote: > > > Camaleón wrote: > > > On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote: > > > > > >> After the recent

Re: Shorewall 4.5.2.2 startup question

On Sun, 29 Apr 2012 22:20:02 +0200 hvw59601 wrote: > Camaleón wrote: > > On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote: > > > >> After the recent Shorewall upgrade that replaced the previous > >> configuration files, Shorewall now only starts 'm

Re: Shorewall 4.5.2.2 startup question

On Sun, 29 Apr 2012 19:30:02 +0200 Camaleón wrote: > On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote: > > > After the recent Shorewall upgrade that replaced the previous > > configuration files, Shorewall now only starts 'manually' at the command >

Re: Shorewall 4.5.2.2 startup question

Camaleón wrote: On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote: After the recent Shorewall upgrade that replaced the previous configuration files, Shorewall now only starts 'manually' at the command line: e.g. #shorewall start. I can't find where this problem can

Re: Shorewall 4.5.2.2 startup question

On Sun, 29 Apr 2012 11:48:58 -0500, Charles Kroeger wrote: > After the recent Shorewall upgrade that replaced the previous > configuration files, Shorewall now only starts 'manually' at the command > line: e.g. #shorewall start. > > I can't find where this problem

Shorewall 4.5.2.2 startup question

After the recent Shorewall upgrade that replaced the previous configuration files, Shorewall now only starts 'manually' at the command line: e.g. #shorewall start. I can't find where this problem can be corrected in the etc/shorewall/shorewall.conf What changed in the upgrade th

Re: Stopping the Shorewall firewall stops my Internet connection

onnections, not MAKE connections. > > Shorewall is not just a firewall (frontend), it can be used to activate > the NAT, via the: > > IP_FORWARDING=On > > option in /etc/shorewall/shorewall.conf. It defaults to 'keep', but it's > very convenient to use if you already

Re: Stopping the Shorewall firewall stops my Internet connection

On Jo, 03 mar 11, 22:08:00, Jason Hsu wrote: > > What's going on? How can turning OFF a firewall block Internet > access? I thought that the purpose of a firewall is to BLOCK > connections, not MAKE connections. Shorewall is not just a firewall (frontend), it can be used to

Re: Stopping the Shorewall firewall stops my Internet connection

On 03/04/2011 10:42 AM, Jason Hsu wrote: I tried "shorewall clear", but that also disabled my Internet connection. Again, I had to start Shorewall up again to restore my Internte connection. Then it is as Stan had said, stopping shorewall disables your NATing as well. Follow his

Re: Stopping the Shorewall firewall stops my Internet connection

On Fri, 04 Mar 2011 09:51:13 +0530 Mihira Fernando wrote: > > > How are you stoping shorewall ? if you issue a shorewall stop, it goes > in to a lockdown mode. You have to issue a shorewall clear to allow all > traffic. > I tried "shorewall clear", but that also dis

Re: Stopping the Shorewall firewall stops my Internet connection

Jason Hsu put forth on 3/3/2011 10:08 PM: > My setup: > Modem -> Firewall/server computer -> Ethernet switch -> Main computer > > The firewall/server computer has Shorewall (firewall), DNSMasq, DHCP3 Server, > and SSH. > > I'm trying to troubleshoot why I

Re: Stopping the Shorewall firewall stops my Internet connection

On 03/04/2011 09:38 AM, Jason Hsu wrote: My setup: Modem -> Firewall/server computer -> Ethernet switch -> Main computer The firewall/server computer has Shorewall (firewall), DNSMasq, DHCP3 Server, and SSH. I'm trying to troubleshoot why I'm unable to connect to my n

Stopping the Shorewall firewall stops my Internet connection

My setup: Modem -> Firewall/server computer -> Ethernet switch -> Main computer The firewall/server computer has Shorewall (firewall), DNSMasq, DHCP3 Server, and SSH. I'm trying to troubleshoot why I'm unable to connect to my network from another location by using SSH.

Re: [Fwd: Re: shorewall & IMAP]-reply-to-list

Paul Cartwright schreef: On 02/14/2011 06:09 AM, Sjoerd Hardeman wrote: A copy to the list for the archive ok, I see what I was doing wrong. In Eudora, CTRL-R is reply, it replies to the person. CTRL-SHFT-L replies to THE LIST.. I didn't realize Eudora had that function. No problem. And a d

Re: [Fwd: Re: shorewall & IMAP]-reply-to-list

On 02/14/2011 06:09 AM, Sjoerd Hardeman wrote: A copy to the list for the archive ok, I see what I was doing wrong. In Eudora, CTRL-R is reply, it replies to the person. CTRL-SHFT-L replies to THE LIST.. I didn't realize Eudora had that function. -- Paul Cartwright

Re: [Fwd: Re: shorewall & IMAP]

On 02/14/2011 06:09 AM, Sjoerd Hardeman wrote: A copy to the list for the archive I need to change that default from replying to the user, to replying to the list.. I normally highlight what I want to reply to & hit CTRL-R. There is probably a way to change that in Eudora OSE, I'll just have t

[Fwd: Re: shorewall & IMAP]

/var/log/messages on the desktop to see if any blocked traffic has been logged. thanks, I knew it was a shorewall problem, because ssh works, and apache worked after I added the port 81.. My ISP put in a new ADSL modem/router that I have no admin rights on, so I am not sure what gets in from

Re: shorewall & IMAP

Paul Cartwright schreef: I was having a problem today, trying my laptop & IMAP from my debian desktop. I looked in the rules file, & figured out why my web server wasn't working. It only showed port 80, but I had changed apache to port 81, forgetting about shorewall! When I saw t

shorewall & IMAP

I was having a problem today, trying my laptop & IMAP from my debian desktop. I looked in the rules file, & figured out why my web server wasn't working. It only showed port 80, but I had changed apache to port 81, forgetting about shorewall! When I saw the port 80 in there, I cha

Re: adaptive traffic shaping with shorewall?

On Sat, Oct 16, 2010 at 06:48:01PM -0500, Sam Leon wrote: > On 10/16/2010 03:37 PM, lee wrote: > >Hi, > > > >is it possible to implement adaptive traffic shaping with shorewall? > > Yes by using HTB with the traffic shaper: > http://www.shorewall.net/traffic_shapi

Re: adaptive traffic shaping with shorewall?

On 10/16/2010 03:37 PM, lee wrote: Hi, is it possible to implement adaptive traffic shaping with shorewall? What I have in mind is, for example, to be able to specify that outgoing ftp traffic shouldn´t use more than 1/4 of the total bandwidth if the other 3/4 of it are used otherwise. When

adaptive traffic shaping with shorewall?

Hi, is it possible to implement adaptive traffic shaping with shorewall? What I have in mind is, for example, to be able to specify that outgoing ftp traffic shouldn´t use more than 1/4 of the total bandwidth if the other 3/4 of it are used otherwise. When there´s free bandwidth, the outgoing

/var/lock/subsys/shorewall and /var/state/shorewall

At Date: Sat, 20 Sep 2008 10:18:38 -0700, Amit Uttamchandani wrote, "Also, do you get the error: touch: cannot touch `/var/lock/subsys/shorewall': No such file or directory " Ref. man shorewall.conf. Appears that a recent update intended to replace the lock /var/lock/subsys/shor

Tool for immediate tabulation of [shorewall] ulog files

Hi, I didn't find anything for immediate use to tabulate occurrences in shorewall ulog files and so I wrote the below script after doing similarly on the command line. I needed it to focus in on behavior that showed up at a higher level. I offer it below for general use via GPL. I believe

Tool for immediate tabulation of [shorewall] ulog files

Hi, I didn't find anything for immediate use to tabulate occurrences in shorewall ulog files and so I wrote the below script after doing similarly on the command line. I needed it to focus in on behavior that showed up at a higher level. I offer it below for general use via GPL. I believe

Re: Fw: shorewall newbie Revisit: new IP

On Wed, Nov 26, 2008 at 07:47:36AM -0800, Phillipus Gunawan wrote: > well well well > it works... > > then, how can i use 10.1.1.4 for DNS as well? > putting: > DNS/ACCEPT ALL ALLon rules didnt have any effect, cant resolve DNS > is there anyway i can make the debian for local DNS reso

Re: Fw: shorewall newbie Revisit: new IP

unawan <[EMAIL PROTECTED]> Cc: "debian-user@lists.debian.org" Sent: Thursday, 27 November, 2008 2:19:12 AM Subject: Re: Fw: shorewall newbie Revisit: new IP On Wed, 2008-11-26 at 16:07 +0100, Phillipus Gunawan wrote: > > > using 10.1.1.5, gw/dns = 10.1.1.4 You have

Re: Fw: shorewall newbie Revisit: new IP

On Wed, 2008-11-26 at 16:07 +0100, Phillipus Gunawan wrote: > > > using 10.1.1.5, gw/dns = 10.1.1.4 You have a DNS on 10.1.1.4? > C:\>ping www.yahoo.com > Ping request could not find host www.yahoo.com. Please check the name > and try again. No DNS on 10.1.1.4, so the ip of www.yahoo.com can n

Re: Fw: shorewall newbie Revisit: new IP

via 10.20.20.106 dev ppp0 > shorewall start > shorewall status Shorewall-4.0.14 Status at debian - Thu Nov 27 13:58:42 EST 2008 Shorewall is running State:Started (Thu Nov 27 13:46:29 EST 2008) using 10.1.1.5, gw/dns = 10.1.1.4 C:\>ping 220.244.8.194 Pinging 220.244.8.194 with

Re: Fw: shorewall newbie Revisit: new IP

On Wed, 2008-11-26 at 13:41 +0100, Phillipus Gunawan wrote: > > > route -n > Destination GatewayGenmask Flags Metric RefUse Iface > 10.20.20.125 0.0.0.0255.255.255.255 UH0 00 ppp0 > 192.168.1.0 0.0.0.0255.255.255.0 U 0 00 eth1 > 10.0.0.

Re: Shorewall & network/interfaces

On Wednesday 26 November 2008 02:54, Tom Allison wrote: > Andrei Popescu wrote: > > On Tue,25.Nov.08, 06:04:52, Tom Allison wrote: > >> I too am trying to set-up Shorewall as a firewall box. > >> And I ran into some peculiar problems that are related to shorewall > &

Re: Shorewall & network/interfaces

; > > I'll have to go back and RTFM. > > Some time ago I posted a tutorial for masquerading with shorewall. Let's > see... it's still there > > http://newbiedoc.berlios.de/wiki/Firewall_with_masquerading I run shorwall between my dial-up modem and the rest of my net

Re: Fw: shorewall newbie Revisit: new IP

0 00 eth1 10.0.0.00.0.0.0 255.0.0.0 U 0 00 eth0 > pppoe start > shorewall start (after ppp0 up and same result after firing up shorewall) > route -n Destination Gateway Genmask Flags Metric RefUse Iface 10.20.20.12

Re: Fw: shorewall newbie Revisit: new IP

On Tue,25.Nov.08, 22:59:24, Phillipus Gunawan wrote: > > Hi There, > > As suggested, I change the IP for eth1, but unfortunately, still same result, > but I hope to get a light this time > On Policy, I simply put "ALL ALL ACCEPT" just for a starter, to get thi

Re: [Shorewall-users] Help - I need to allow my normal user for use Shorewall, how?

and. I have tried with "/sbin/shorewall" but it doesn't > works. Please post *exactly* what you have in /etc/sudoers and the exact error message you get (use copy-paste). Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert E

Re: Shorewall & network/interfaces

ried to set this up against the ISP and it could not identify > any dhcp traffic and only rejected everything as being a martian. > Seriously broken? > > I'll have to go back and RTFM. Some time ago I posted a tutorial for masquerading with shorewall. Let's see.

Fw: shorewall newbie Revisit: new IP

Hi There, As suggested, I change the IP for eth1, but unfortunately, still same result, but I hope to get a light this time On Policy, I simply put "ALL ALL ACCEPT" just for a starter, to get this shorewall working is my priority Why i am not simply put net.ipv4.ip_forward=1, I w

Re: Shorewall & network/interfaces

On Tue, Nov 25, 2008 at 07:54:30PM -0500, Tom Allison wrote: > Andrei Popescu wrote: >> On Tue,25.Nov.08, 06:04:52, Tom Allison wrote: >>> I too am trying to set-up Shorewall as a firewall box. >>> And I ran into some peculiar problems that are related to shorewall >&

Re: Shorewall & network/interfaces

Andrei Popescu wrote: On Tue,25.Nov.08, 06:04:52, Tom Allison wrote: I too am trying to set-up Shorewall as a firewall box. And I ran into some peculiar problems that are related to shorewall and not related to shorewall. right now I'm trying to get the firewall interfaces to come up o

Re: [Shorewall-users] Help - I need to allow my normal user for use Shorewall, how?

Thank you very much, i already know how to use sudoers, but i am not sure about what commands i could change for allowing sudo and working perfectly. I can't change sudoers by simply adding my user, i need a specific command. I have tried with "/sbin/shorewall" but it doesn't w

Re: Shorewall & network/interfaces

On Tue,25.Nov.08, 06:04:52, Tom Allison wrote: > I too am trying to set-up Shorewall as a firewall box. > And I ran into some peculiar problems that are related to shorewall > and not related to shorewall. > > right now I'm trying to get the firewall interfaces to come up o

Re: Shorewall with Debian

On Mon,24.Nov.08, 18:50:38, Phillipus Gunawan wrote: > Hi There, > > I got a problem setting up Shorewall under Debian, hope if someone can guide > me here... ... > Policy > $FWnetACCEPT > $FWlocACCEPT > net$FWACCEPT > n

Re: Shorewall with Debian

ork :( > > Cheers As some other posters pointed out I think the problem may very well be 'routing' and not necessarily just the firewall. My message indicated to read through _all_ the docs not just those two 'related' topics. For instance this doc is really helpful

Shorewall & network/interfaces

I too am trying to set-up Shorewall as a firewall box. And I ran into some peculiar problems that are related to shorewall and not related to shorewall. right now I'm trying to get the firewall interfaces to come up on the same network. So eth0 and eth1 are both on 192.168.1.0/24 with eth1

Re: Fw: Shorewall with Debian

On Tue, 2008-11-25 at 08:44 +0100, Phillipus Gunawan wrote: > > netstat -atn > > tcp0 0 0.0.0.0:111 0.0.0.0:* > LISTEN > tcp0 0 0.0.0.0:1 0.0.0.0:* > LISTEN > tcp0 0 0.0.0.0:113 0.0.0.0:* > LISTEN > tcp0 0 0

Re: Fw: Shorewall with Debian

On Tue, 2008-11-25 at 07:00 +0100, Phillipus Gunawan wrote: > > Just to clear up bit mis-understanding > I did not put same IP on eth0 and eth1, they 10.1.1.1 and 10.1.1.4 > But both did reside on the same subnet: 255.0.0.0 > With this scenario, I assume you corrected me by saying this > configura

Re: Fw: Shorewall with Debian

:22 PM Subject: Re: Fw: Shorewall with Debian On Tue, 2008-11-25 at 07:00 +0100, Phillipus Gunawan wrote: > > Just to clear up bit mis-understanding > I did not put same IP on eth0 and eth1, they 10.1.1.1 and 10.1.1.4 > But both did reside on the same subnet: 255.0.0.0 > With this s

Re: Fw: Shorewall with Debian

er, 2008 4:46:45 PM Subject: Re: Fw: Shorewall with Debian On Tue, 2008-11-25 at 06:36 +0100, Phillipus Gunawan wrote: > > Thanks for the reply, > > I admit, yes, it was mistake to create both NIC on the same subnet, > though I need to study more about this > > 'ping 1

Re: Fw: Shorewall with Debian

On Tue, 2008-11-25 at 06:36 +0100, Phillipus Gunawan wrote: > > Thanks for the reply, > > I admit, yes, it was mistake to create both NIC on the same subnet, > though I need to study more about this > > 'ping 10.1.1.5' on my Debian > - with eth0 only, resulting: From 10.1.1.4 icmp_seq=10 Destina

Re: Fw: Shorewall with Debian

1.1.5) why is that? Thanks - Original Message From: subscriptions <[EMAIL PROTECTED]> To: debian-user@lists.debian.org Cc: Phillipus Gunawan <[EMAIL PROTECTED]> Sent: Tuesday, 25 November, 2008 3:17:31 PM Subject: Re: Fw: Shorewall with Debian On Tue, 2008-11-25 at

Re: Fw: Shorewall with Debian

On Tue, 2008-11-25 at 04:58 +0100, Phillipus Gunawan wrote: > > > Checked: > IP_FORWARDING=On > > Another things that bothering me > I am using class A network as 10.1.1.x/24, subnet 255.0.0.0 > > ~# ifconfig > eth0 Link encap:Ethernet HWaddr 00:E0:4C:50:18:FD

Fw: Shorewall with Debian

EMAIL PROTECTED]> To: debian-user@lists.debian.org Sent: Tuesday, 25 November, 2008 2:47:14 PM Subject: Re: Shorewall with Debian On Mon, 24 Nov 2008 18:50:38 -0800 (PST) Phillipus Gunawan <[EMAIL PROTECTED]> wrote: > Hi There, > > I got a problem setting up Shorewal

Re: Shorewall with Debian

On Mon, 24 Nov 2008 18:50:38 -0800 (PST) Phillipus Gunawan <[EMAIL PROTECTED]> wrote: > Hi There, > > I got a problem setting up Shorewall under Debian, hope if someone can guide > me here... > > Problem 1 > > I install Debian with e

Shorewall with Debian

Hi There, I got a problem setting up Shorewall under Debian, hope if someone can guide me here... Problem 1 I install Debian with eth2 plugged When Im using eth2, I can log in to my box (using webmin) to configure the debian either using 10.1.1.1 or 10.1.1.4 address remotely from other hosts

Re: Shorewall Firewall with dynamic interfaces

> > > > > > I did a google search and this is basically a state file written by > > > > shorewall to indicate a successful start up. Should I just create this > > > > file? > > > > > > How did you install shorewall? > > > &g

Re: Shorewall Firewall with dynamic interfaces

On Mon, 22 Sep 2008 02:24:26 +1200 Chris Bannister <[EMAIL PROTECTED]> wrote: ... > I don't have shorewall-perl installed so have no knowledge on that. > Why shorewall-perl? The author seems to prefer it; from Shorewall-perl.html (in shorewall-doc): Shorewall-perl - What

Re: Shorewall Firewall with dynamic interfaces

On Sat, Sep 20, 2008 at 11:13:09PM -0700, Amit Uttamchandani wrote: > > no /var/lock/subsys/ directory. > > > > You are right, I don't have that directory either. > > > > I did a google search and this is basically a state file written by > > >

Re: Shorewall Firewall with dynamic interfaces

On Sun, 21 Sep 2008 12:02:34 +1200 Chris Bannister <[EMAIL PROTECTED]> wrote: > On Sat, Sep 20, 2008 at 10:18:38AM -0700, Amit Uttamchandani wrote: > > Yes, shorewall is very powerful! > > > > Also, do you get the error: > > > > touch: cannot touch `/var/

Re: Shorewall Firewall with dynamic interfaces

On Sat, Sep 20, 2008 at 10:18:38AM -0700, Amit Uttamchandani wrote: > Yes, shorewall is very powerful! > > Also, do you get the error: > > touch: cannot touch `/var/lock/subsys/shorewall': No such file or > directory done. I'm running shorewall and that file doesn&#

Re: Shorewall Firewall with dynamic interfaces

On Sat, 20 Sep 2008 11:06:24 +0300 Andrei Popescu <[EMAIL PROTECTED]> wrote: > [I have wrapped all your lines to less than 80 characters] > > On Sat,20.Sep.08, 00:38:11, Amit Uttamchandani wrote: > > > > Following the setup for shorewall firewall I was able to get it

Re: Shorewall Firewall with dynamic interfaces

[I have wrapped all your lines to less than 80 characters] On Sat,20.Sep.08, 00:38:11, Amit Uttamchandani wrote: > > Following the setup for shorewall firewall I was able to get it up and > running for the eth1 interface (local wired RJ45). Now, I would also > like to setup my wire

Shorewall Firewall with dynamic interfaces

Following the setup for shorewall firewall I was able to get it up and running for the eth1 interface (local wired RJ45). Now, I would also like to setup my wireless adapter with shorewall (eth0). How is this done? Is it as simple as adding: net eth0 detect dhcp,tcpflags,logmartians,nosmurfs

Re: kernel-image-2.6-k7 and Shorewall firewall

his computer is > > running the Shorewall Firewall. Everything seemed to be working OK till we > > tried to ping the server. > > > > The firewall is set to let in pings every second: > > >From "rules" file inside shorewall - this has always wo

Re: kernel-image-2.6-k7 and Shorewall firewall

On Wednesday 30 July 2008 16:41, Account for Debian group mail wrote: > Hello, > > We just did an upgrade on one of our etch servers. It installed a bunch > of new updates including a kernel-image 2.6.18-6-k7. This computer is > running the Shorewall Firewall. Everything seemed t

kernel-image-2.6-k7 and Shorewall firewall

Hello, We just did an upgrade on one of our etch servers. It installed a bunch of new updates including a kernel-image 2.6.18-6-k7. This computer is running the Shorewall Firewall. Everything seemed to be working OK till we tried to ping the server. The firewall is set to let in pings every

  1   2   3   >