RE: [leaf-user] vi problem
I would copy the file and then do you editing and then copy it over the one that you cant edit. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of M Lu Sent: Friday, May 07, 2004 1:11 PM To: [EMAIL PROTECTED] Subject: [leaf-user] vi problem Hi, I am in the middle of 'vi'-ing a file, and got disconneted from router. Then I logled back in and I cannot do a vi anymore, I got the error /etc/shorewall vi tunnels tunnels is busy [More...] and Enter will get to: [NO FILE] 1 line, 1 char I did a ps and then killed the vi process but it does not solve the problem. However if I go to lrcfg and go thru the menu to edit that file in shorewall package, then it is OK, and I set export EDITOR=e3vi to use vi in lrcfg menu. What wrong did I do? And I am using vi from the elvis.lrp package. Thank you. M Lu. --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] vi problem
You shouldn't have to reboot the router you can edit the file via lrcfg, backup the part that you just changed and then start and stop the required services. Also once you are in lrcfg is it really vi that its using? -Original Message- From: M Lu [mailto:[EMAIL PROTECTED] Sent: Friday, May 07, 2004 1:38 PM To: Dalziel, Josh; [EMAIL PROTECTED] Subject: Re: [leaf-user] vi problem Thanks Josh for the quick reply. As I said , I can edit using lrcfg-menu but it is annoying as you may want to change the file again and you certainly do not want to reboot the router. - Original Message - From: Dalziel, Josh [EMAIL PROTECTED] To: 'M Lu' [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, May 07, 2004 4:18 PM Subject: RE: [leaf-user] vi problem I would copy the file and then do you editing and then copy it over the one that you cant edit. Josh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of M Lu Sent: Friday, May 07, 2004 1:11 PM To: [EMAIL PROTECTED] Subject: [leaf-user] vi problem Hi, I am in the middle of 'vi'-ing a file, and got disconneted from router. Then I logled back in and I cannot do a vi anymore, I got the error /etc/shorewall vi tunnels tunnels is busy [More...] and Enter will get to: [NO FILE] 1 line, 1 char I did a ps and then killed the vi process but it does not solve the problem. However if I go to lrcfg and go thru the menu to edit that file in shorewall package, then it is OK, and I set export EDITOR=e3vi to use vi in lrcfg menu. What wrong did I do? And I am using vi from the elvis.lrp package. Thank you. M Lu. --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] re:Opening UDP ports problem solved
This email is just an FYI to Ray and Tom who where helping me out last week. I was able to solve my problem from last week with traffic not being forwarded over port 27015. You guys were correct that some traffic was passing but only a small amount about 1 in 5 if I did my math correct. Once I changed the rule (see below) all the traffic passed and the service is accepting traffic. the rule I had was.. DNATnet loc:192.186.1.3:27015 udp 27015 I changed the rule to.. DNATall loc:192.186.1.3:27015 udp 27015 And everything started to work. thanks again for your help Josh Dalziel T-Mobile National Operations Bothell Wa USA 425-770-5683 --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] opening UDP ports Bering with shorewall
Its not that I take it offlist, if I send an attachment the email is blocked by the list admin cause it has a suspicious header. That is why it goes offlist. Just a little back ground. I am trying to open this port for a counter strike server. I was having the same problem with a Dachstein firewall. -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED] Sent: Thursday, December 18, 2003 10:53 AM To: Ray Olszewski; [EMAIL PROTECTED] Subject: Re: [leaf-user] opening UPD ports Bering with shorewall On Thursday 18 December 2003 10:22 am, Ray Olszewski wrote: (b) I thought you preferred not to have these troubleshooting queries taken off-list (so I assumed I was seeing all of Josh's responses, except of course for the one you replied to asking him not to respond off-list). Josh keeps taking it off-list and I keep trying to take it back on -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] opening UDP ports Bering with shorewall
Why does the error log show.. Hits port Service 77 27015 CS aids Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:fc:99:90:89:00:01:5c:22:02:82:08:00 SRC=172.192.116.7 DST=12.212.68.51 LEN=38 TOS=00 PREC=0x00 TTL=114 ID=4266 PROTO=UDP SPT=1219 DPT=27015 LEN=18 none of the packets make it through the firewall. If the were making it through it would show the the system that the traffic is being forwareded to. -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED] Sent: Thursday, December 18, 2003 11:59 AM To: Dalziel, Josh; Ray Olszewski; [EMAIL PROTECTED] Subject: Re: [leaf-user] opening UDP ports Bering with shorewall On Thursday 18 December 2003 11:12 am, Dalziel, Josh wrote: Its not that I take it offlist, if I send an attachment the email is blocked by the list admin cause it has a suspicious header. That is why it goes offlist. Just a little back ground. I am trying to open this port for a counter strike server. I was having the same problem with a Dachstein firewall. I don't see any problem in the output you forwarded. You've passed two UDP port 27015 packets to 192.168.1.3 since the counters were last reset and I don't see any reject messages in the log. -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] opening UPD ports Bering with shorewall
Ok so, what do you guys need next? I my pervious email I sent the output of the error report that is made by the weblet. It shows it has blocked 77 hits from port 27015. As well the local machines log(the one the traffic is being forwarded too)show nothing is being received. As far as the time stamps my firewall is on a old p166 that doesn't have a working cmos battery so I am waiting till I get working floppy going till I set the date and time. Josh Dalziel Operations, Bothell WA T-Mobile USA 425-770-5683 -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED] Sent: Thursday, December 18, 2003 1:15 PM To: Ray Olszewski; [EMAIL PROTECTED] Subject: Re: [leaf-user] opening UPD ports Bering with shorewall On Thursday 18 December 2003 12:46 pm, Ray Olszewski wrote: I just noticed that wjhile nat::net_dnat reports DNAT'ing only 1 packet, default::net2loc reports ACCEPT'ing 2 packets. So I suppose we were just looking in different places (though I don't know where the second packet, and extra 38 bytes, came from). In may have come from an connection that was in ESTABLISHED state at the time that the last counters were reset. -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] opening UPD ports Bering with shorewall
Ok so this should be an easy question for some people on the list. But for some reason I can not get udp port 27015 open on my Bering firewall with shorewall. I have fallowed the FAQ to a T. Still I can see the traffic being blocked in the shorewall log. I want all traffic coming to upd port 27015 forwarded to 192.186.1.3:27015 on my network. This one should be easy so thank in advance. Josh Dalziel --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] opening UPD ports Bering with shorewall
OK sorry for the typos I was in a hurry to get out of my office and back home to see if I can get this thing figured out. I know that there is no UPD, and that it is UDP, and I know that I fat fingured the ip. I never said anything about knowing what rule was blocking the traffic just that it is being blocked and I can tell cause the weblet shows the ports it blocked traffic from. Hits port Service 77 27015 CS aids Shorewall:net2all:DROP: IN=eth0 OUT= MAC=00:50:fc:99:90:89:00:01:5c:22:02:82:08:00 SRC=172.192.116.7 DST=12.212.68.51 LEN=38 TOS=00 PREC=0x00 TTL=114 ID=4266 PROTO=UDP SPT=1219 DPT=27015 LEN=18 I also did try 1a and 1b from the FAQ still with no luck. I know the local machine is accepting traffic on that port cause from inside the network we can connect, and if I remove the firewall everyone can connect. Also my ISP does not block the port. I am pretty sure that I have missed something simple never the less Im stuck. Thanks for your help -Original Message- From: Ray Olszewski To: Leaf User List Sent: 12/17/2003 8:05 PM Subject: RE: [leaf-user] opening UPD ports Bering with shorewall At 07:46 PM 12/17/2003 -0800, Tom Eastep wrote: On Wed, 17 Dec 2003, Dalziel, Josh wrote: That is what I put into my rules file and its still being blocked by the firewall :( Please post the output of shorewall show nat as a text attachment. And please don't reply off-list. Actually, I'd suggest he provide (to the list) a bit more ... also A. a sample of the log entries he's seeing that indicate the packets are blocked (the log entries do usually have information about what rule is doing the blocking, and but the default table's FORWARD chain, or a chain is hands off to, still needs to ACCEPT the relevant traffic) B. the ruleset in the default table, not just the nat table (I don't remember the Shorewall command for that, but it is in the SR FAQ). I few thoughts I had, about possible small errors that the original poster might miss, after seeing the original posting -- 1. Is the FAQ that he fallowed ... to a T the Shorewall FAQ, item 1? If so, what did he learn when he followed steps 1a and 1b as described there? 2. There is no protocol called UPD or upd. There is udp. Since he got it right in the original e-mail only once out of three tries ... might this be a typo in what he actually did (and not just in his e-mail)? 3. Is 192.186.1.3:27015 really where he wants the traffic to go, or is this a typo for 192.168.1.3:27015? If it is a typo, might it also be wrong in the rule he actually entered? --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
