Re: Firewall solution.

David Christensen escreveu: I'm not sure I understand "install in a production server". Normally, a server is one computer and a firewall/ router is another computer. I use IPCop to turn older PC's into Linux firewall/ routers: http://www.ipcop.org/ HTH, David Th

Re: Firewall solution.

On Thu,17.Sep.09, 16:28:53, Leandro Quibem Magnabosco wrote: > Hey guys, > > I am searching for something like pfsense[1] for Linux to install in > a production server. > In other words, a highly manageable firewall solution with a nice > web interface. > Funcionalities s

Re: Firewall solution.

> > I am searching for something like pfsense[1] for Linux to install in > > a production server. In other words, a highly manageable firewall arno-iptables-firewall Unlike other lean iptables frontends in Debian, arno-iptables-firewall will setup and load a secure, restrictive

RE: Firewall solution.

Leandro Quibem Magnabosco wrote: > I am searching for something like pfsense[1] for Linux to install in > a production server. In other words, a highly manageable firewall > solution with a nice web interface. Funcionalities such as NAT, real > time information and traffic shappin

Re: Firewall solution.

2009/9/18 Leandro Quibem Magnabosco : > Hey guys, > > I am searching for something like pfsense[1] for Linux to install in a > production server. > In other words, a highly manageable firewall solution with a nice web > interface. > Funcionalities such as NAT, real time in

Firewall solution.

Hey guys, I am searching for something like pfsense[1] for Linux to install in a production server. In other words, a highly manageable firewall solution with a nice web interface. Funcionalities such as NAT, real time information and traffic shapping are needed. I'm open to all suges

On boot - firewall warning.......

Get this after booting the system /etc/rc.firewall: line 394: warning: setlocale: LC_ALL: cannot change locale (US) /etc/rc.firewall: line 466: warning: setlocale: LC_ALL: cannot change locale (US) /etc/rc.firewall: line 510: warning: setlocale: LC_ALL: cannot change locale (US) This is guardd

Re: ipv6 firewall?

In , Tony Asnicar wrote: >I mean if I do a >ip6tables -L >all policies are ACCEPT >thanks As far as I know, this is also the default for IPv4 (iptables) on Debian. If Ubuntu configures configures IPv4 differently by default, then that fact might be an Ubuntu issue, but not a Debian one. If th

Re: ipv6 firewall?

I mean if I do a ip6tables -L all policies are ACCEPT thanks On Thu, Jun 11, 2009 at 12:13 AM, Tony Asnicar wrote: > Could that be a security "hole" that the normal iptables is managing IPv4? > I mean if theres normally IPv6 support on the machine, it could have a good > fire

Re: ipv6 firewall?

In , Tony Asnicar wrote: >Could that be a security "hole" that the normal iptables is managing IPv4? I don't see how. >I mean if theres normally IPv6 support on the machine, it could have a > good firewall over IPv4, but it will not be firewalled under IPv6?? That

ipv6 firewall?

Could that be a security "hole" that the normal iptables is managing IPv4? I mean if theres normally IPv6 support on the machine, it could have a good firewall over IPv4, but it will not be firewalled under IPv6??

Re: What hardware to use for Debian Firewall/Gateway or server?

Douglas A. Tutty on 30/05/09 14:19, wrote: On Fri, May 29, 2009 at 10:18:56PM +0200, Csanyi Pal wrote: Jan Willem Stumpel writes: Csanyi Pal wrote: So: can one install on it say a Debian GNU/Linux Lenny? Mind that it is a "headless" device. Everything has to be done through ssh (or local tel

Re: What hardware to use for Debian Firewall/Gateway or server?

On Fri, May 29, 2009 at 10:18:56PM +0200, Csanyi Pal wrote: > Jan Willem Stumpel writes: > > Csanyi Pal wrote: > >> So: can one install on it say a Debian GNU/Linux Lenny? > > > > Mind that it is a "headless" device. Everything has to be done > > through ssh (or local telnet). It has no cd-rom dr

Re: What hardware to use for Debian Firewall/Gateway or server?

On Fri, May 29, 2009 at 10:18:56PM +0200, Csanyi Pal wrote: > Jan Willem Stumpel writes: > > > Csanyi Pal wrote: > > > >> So: can one install on it say a Debian GNU/Linux Lenny? > > > > Mind that it is a "headless" device. Everything has to be done > > through ssh (or local telnet). It has no cd

Re: What hardware to use for Debian Firewall/Gateway or server?

Jan Willem Stumpel writes: > Csanyi Pal wrote: > >> So: can one install on it say a Debian GNU/Linux Lenny? > > Mind that it is a "headless" device. Everything has to be done > through ssh (or local telnet). It has no cd-rom drive, keyboard, > or monitor. But it is just a Debian system (for powe

Re: What hardware to use for Debian Firewall/Gateway or server?

On Thu,28.May.09, 21:50:26, Jan Willem Stumpel wrote: > I also do not quite understand why you should want to use > Lenny, rather than Etch, on a server. Sure, you can still use etch, but next February the security support will end and you have to upgrade to lenny anyway. Regards, Andre

Re: What hardware to use for Debian Firewall/Gateway or server?

ion and silent operation had to come from somewhere. Absolutely fine though, as a server/firewall/gateway. Regards, Jan -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: What hardware to use for Debian Firewall/Gateway or server?

Csanyi Pal wrote: Alex Samad writes: On Thu, May 28, 2009 at 08:35:02AM +0200, Csanyi Pal wrote: Jan Willem Stumpel writes: Csanyi Pal wrote: What is the recommended new hardware for firewall/gateway or for a web, mail, file & printer server at a small

Re: What hardware to use for Debian Firewall/Gateway or server?

Alex Samad writes: > On Thu, May 28, 2009 at 08:35:02AM +0200, Csanyi Pal wrote: >> Jan Willem Stumpel writes: >> >> > Csanyi Pal wrote: >> > >> >> What is the recommended new hardware for firewall/gateway or >> >> for a

Re: What hardware to use for Debian Firewall/Gateway or server?

On Thu, May 28, 2009 at 08:35:02AM +0200, Csanyi Pal wrote: > Jan Willem Stumpel writes: > > > Csanyi Pal wrote: > > > >> What is the recommended new hardware for firewall/gateway or > >> for a web, mail, file & printer server at a small home network? &g

Re: What hardware to use for Debian Firewall/Gateway or server?

Jan Willem Stumpel writes: > Csanyi Pal wrote: > >> What is the recommended new hardware for firewall/gateway or >> for a web, mail, file & printer server at a small home network? >> >> Any advices will be appreciated! > > I am now using a "

Re: What hardware to use for Debian Firewall/Gateway or server?

Csanyi Pal wrote: > What is the recommended new hardware for firewall/gateway or > for a web, mail, file & printer server at a small home network? > > Any advices will be appreciated! I am now using a "Bubba 2", made by a Swedish company: http://excito.com/bubba/pro

Re: What hardware to use for Debian Firewall/Gateway or server?

Kelly Clowers on 22/05/09 20:56, wrote: On Fri, May 22, 2009 at 07:24, Victor Padro wrote: You can get a Pentium 4 for less than $200 on ebay. I use a Pentium 4 HT, 512MB RAM, 40GB HDD with Pfsense(FreeBSD) as my home firewall/router, and it's very reliable. I would much rather u

Re: What hardware to use for Debian Firewall/Gateway or server?

On Fri, May 22, 2009 at 07:24, Victor Padro wrote: > > > You can get a Pentium 4 for less than $200 on ebay. > I use a Pentium 4 HT, 512MB RAM, 40GB HDD with Pfsense(FreeBSD) as my home > firewall/router, and it's very reliable. I would much rather use an Athlon XP or a PIII

Re: What hardware to use for Debian Firewall/Gateway or server?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, May 21, 2009 at 09:31:14PM +0200, Csanyi Pal wrote: > Hi, > > I have at my home a small network: > firewall/gateway: Pentium II Class PC box with 64 MB RAM, 5,1 GB HDD > server : Pentium IV Class PC box with 2 GB

Re: What hardware to use for Debian Firewall/Gateway or server?

On Fri, May 22, 2009 at 9:18 AM, Douglas A. Tutty wrote: > On Thu, May 21, 2009 at 09:31:14PM +0200, Csanyi Pal wrote: > > I have at my home a small network: > > firewall/gateway: Pentium II Class PC box with 64 MB RAM, 5,1 GB HDD > > server : Pentium IV Class PC b

Re: What hardware to use for Debian Firewall/Gateway or server?

On Thu, May 21, 2009 at 09:31:14PM +0200, Csanyi Pal wrote: > I have at my home a small network: > firewall/gateway: Pentium II Class PC box with 64 MB RAM, 5,1 GB HDD > server : Pentium IV Class PC box with 2 GB RAM, 60 GB HDD > desktop : Pentium IV Class PC box wi

Re: What hardware to use for Debian Firewall/Gateway or server?

On Thu, May 21, 2009 at 09:31:14PM +0200, Csanyi Pal wrote: > I have at my home a small network: > firewall/gateway: Pentium II Class PC box with 64 MB RAM, 5,1 GB HDD > server : Pentium IV Class PC box with 2 GB RAM, 60 GB HDD > desktop : Pentium IV Class PC box wi

What hardware to use for Debian Firewall/Gateway or server?

Hi, I have at my home a small network: firewall/gateway: Pentium II Class PC box with 64 MB RAM, 5,1 GB HDD server : Pentium IV Class PC box with 2 GB RAM, 60 GB HDD desktop : Pentium IV Class PC box with 2 GB RAM, 2 * 320 GB HDD On all these PC boxes run Debian GNU/Linux

Re: shutdown firewall

On Mon,27.Apr.09, 17:58:56, Erik Xavior wrote: > Hi > How to shut down a firewall "officaly"? shutdown -h now ;) That was a joke! As the firewall is integral part of the linux kernel you probably don't want to shut it down, but clear all rules. See the manual page of ip

RE: Hardware Firewall Suggestions

Samuel Bächler wrote: > I have 2 Computers behind a Firewall (currently D-Link DFL-200). > On both computers there is a ftp-server running. I want connect to > the first by `foous...@192.168.1.10:21', to the second by > `foous...@192.168.1.11:2121'. I've configured m

Re: Hardware Firewall Suggestions

Hello Samuel Bächler wrote: Dear All I have 2 Computers behind a Firewall (currently D-Link DFL-200). Consider one of them having IP-address 192.168.1.10 and the other having 192.168.1.11. On both computers there is a ftp-server running. I want connect to the first by `foous...@192.168.1.10

Re: Hardware Firewall Suggestions

2009/4/28 Samuel Bächler : > Dear All > > I have 2 Computers behind a Firewall (currently D-Link DFL-200). Consider > one of them having IP-address 192.168.1.10 and the other having > 192.168.1.11. > On both computers there is a ftp-server running. I want connect to the

Re: Hardware Firewall Suggestions

Samuel Bächler wrote: > Dear All > > I have 2 Computers behind a Firewall (currently D-Link DFL-200). Consider > one of them having IP-address 192.168.1.10 and the other having > 192.168.1.11. > On both computers there is a ftp-server running. I want connect to the &

Hardware Firewall Suggestions

Dear All I have 2 Computers behind a Firewall (currently D-Link DFL-200). Consider one of them having IP-address 192.168.1.10 and the other having 192.168.1.11. On both computers there is a ftp-server running. I want connect to the first by `foous...@192.168.1.10:21', to the second by `

shutdown firewall

Hi How to shut down a firewall "officaly"? Related to this: url<http://groups.google.com/group/linux.debian.user/browse_thread/thread/10bfd23c9319b09a/cce887523b9e47d4?lnk=raot&pli=1>

Re: configure firewall in etch

I assume DOT CU stands for CUBA and I know, Cuba is a little bit behind, but if you are using "Debian GNU/Linux", correct first your computers TIME! Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian

Re: onfigure firewall in etch

Configure you computers TIME! Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/ # Debian

Re: configure firewall in etch

What about configuring first your computers TIME? Thanks, Greetings and nice Day/Evening Michelle Konzack Systemadministrator 24V Electronic Engineer Tamay Dogan Network Debian GNU/Linux Consultant -- Linux-User #280138 with the Linux Counter, http://counter.li.org/

Re: configure firewall in etch

On Wed, Mar 25, 2009 at 11:10:01PM -0600, Dan Schaper (dscha...@ganymeade.com) wrote: > #!/bin/bash > ip=`ifconfig $1 | grep "inet addr" | awk '{print $2}' | tr -d addr:` > echo Your ip on $1 is $ip Not that it really matters, but you don't need grep and tr: ip=`ifconfig $1 | awk '/inet addr/{s

Re: configure firewall in etch

Alex wrote: > It's no need to send one e-mail multiple times, and please set your > system date and time acordingly > You can find out your ip address using a script like this > > #!/bin/bash > ip=`ifconfig ethX | grep "inet addr" | awk '{print $2}' | tr -d addr:` > echo Your ip on ethX is $ip > >

Re: configure firewall in etch

leo wrote: > On Mon, 2001-12-31 at 10:52 -0700, leo wrote: > >> On Mon, 2001-12-31 at 10:33 -0700, leo wrote: >> >>> hello, >>> >>> is there any problem configuring a firewall in an dhcp client machine >>> when an IP address change e

configure firewall in etch

On Mon, 2001-12-31 at 10:52 -0700, leo wrote: > On Mon, 2001-12-31 at 10:33 -0700, leo wrote: > > hello, > > > > is there any problem configuring a firewall in an dhcp client machine > > when an IP address change every time I reboot. In the firewall rules I > &g

onfigure firewall in etch

On Mon, 2001-12-31 at 10:33 -0700, leo wrote: > hello, > > is there any problem configuring a firewall in an dhcp client machine > when an IP address change every time I reboot. In the firewall rules I > denied (DROP) all incoming and OUTCOMING packet messages and after t

configure firewall in etch

hello, is there any problem configuring a firewall in an dhcp client machine when an IP address change every time I reboot. In the firewall rules I denied (DROP) all incoming and OUTCOMING packet messages and after that this line: iptables -A INPUT -s 192.168.16.118 -j ACCEPT iptables -A OUTPUT

Re: Is there a default firewall on Debian Etch

fault firewall on Etch and how to control it (change settings, allow ports, programs, ect.). How can I do this? Thanks for any ideas. http://packages.debian.org/etch/net/arno-iptables-firewall Very easy to configure with debconf. The firewall.conf itself is heavily documented and makes

Re: Is there a default firewall on Debian Etch

On Mon, 08 Dec 2008 21:25:46 -0600, Brendan West wrote: > I am needing to find out if there is a default firewall on Etch and how > to control it (change settings, allow ports, programs, ect.). How can I > do this? Thanks for any ideas. > http://packages.debian.org/etch/net/a

Re: Is there a default firewall on Debian Etch

On Mon, Dec 08, 2008 at 09:25:46PM -0600, Brendan West wrote: > I am needing to find out if there is a default firewall on Etch and > how to control it (change settings, allow ports, programs, ect.). How > can I do this? Thanks for any ideas. The kernel does the firewalling

Is there a default firewall on Debian Etch

I am needing to find out if there is a default firewall on Etch and how to control it (change settings, allow ports, programs, ect.). How can I do this? Thanks for any ideas. NinjaNife -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Cont

Re: Firewall Utilities

Hello List, FireHOL is well documented, it is written in bash, it is intuitive to configure and to maintain, and it comes with options that produce a template for your current box, that allow to check your configuration, and to read the effective iptable. Furthermore, it is maintained, The cons:

Re: Firewall Utilities

Michael Pobega wrote: On Sun, Nov 16, 2008 at 05:59:50PM -0600, Boyd Stephen Smith Jr. wrote: On Sunday 16 November 2008 12:00, Michael Pobega wrote: Do you know of any reliable way to make sure my firewall is working? I'm behind a router so I don't think any of those TCP scanning s

Re: Firewall Utilities

On Sun, Nov 16, 2008 at 05:59:50PM -0600, Boyd Stephen Smith Jr. wrote: > On Sunday 16 November 2008 12:00, Michael Pobega wrote: > > > > Do you know of any reliable way to make sure my firewall is working? > > I'm behind a router so I don't think any of those TC

Re: Firewall Utilities

On Sunday 16 November 2008 12:00, Michael Pobega wrote: > do you know of any reliable way to make > sure my firewall is working? I'm behind a router so I don't think any of > those TCP scanning sites would work. nmap from various locations is my general testing proceedure. T

Re: Firewall Utilities

Jerome BENOIT wrote: firehole is great too ! Can you elaborate a little bit on pro/cons? Right now I'm trying to get through shorewall docs and it's "OK" but they could use a better initiation/orientation starting point. I'm only now grasping the different roles that zone/policy/rule play.

Re: Firewall Utilities

On Sun, 2008-11-16 at 08:52 -0800, Kenward Vaughan wrote: > On Mon, 2008-11-17 at 00:10 +0800, Jerome BENOIT wrote: > > firehole is great too ! > > Anyone work with firestarter? Sorry about the post... I did not see the originals and had this question in mind at the moment. Now I see I probably

Re: Firewall Utilities

On Mon, 2008-11-17 at 00:10 +0800, Jerome BENOIT wrote: > firehole is great too ! Anyone work with firestarter? Kenward -- In a completely rational society, the best of us would aspire to be _teachers_ and the rest of us would have to settle for something less, because passing civilization al

Re: Firewall Utilities

On Sat, Nov 15, 2008 at 06:56:48PM -0500, Douglas A. Tutty wrote: > On Sat, Nov 15, 2008 at 01:59:43PM -0500, Tom Allison wrote: > > For about ten years I've been writing my own firewall directives and > > today I started setting up a new firewall box. For the past year

Re: Firewall Utilities

firehole is great too ! Douglas A. Tutty wrote: On Sat, Nov 15, 2008 at 01:59:43PM -0500, Tom Allison wrote: For about ten years I've been writing my own firewall directives and today I started setting up a new firewall box. For the past year I've been using ipcop, but they

Re: Firewall Utilities

On Sat, Nov 15, 2008 at 01:59:43PM -0500, Tom Allison wrote: > For about ten years I've been writing my own firewall directives and > today I started setting up a new firewall box. For the past year I've > been using ipcop, but they have some characteristics that I didn&#x

Re: Firewall Utilities

On Sat, 15 Nov 2008 13:59:43 -0500 Tom Allison <[EMAIL PROTECTED]> wrote: ... > I noticed that there are a number of iptable management utilities in the > debian arsenal of cool stuff. > > First - I have no interest in installation of a GUI front end on my > firewall.

Firewall Utilities

For about ten years I've been writing my own firewall directives and today I started setting up a new firewall box. For the past year I've been using ipcop, but they have some characteristics that I didn't care for. I noticed that there are a number of iptable management u

Re: About my Firewall Settings - I would like an opinion

Sam Kuper escribió: 2008/11/10 Sam Kuper <[EMAIL PROTECTED] > By using REJECT instead of DROP, you have no stealth. This means you can be port-scanned to look for weaknesses, e.g. unpatched OpenSSH vulnerabilities, etc. That said, if SSH traffic is blo

Re: About my Firewall Settings - I would like an opinion

Sam Kuper escribió: 2008/11/10 Sam Kuper <[EMAIL PROTECTED] > By using REJECT instead of DROP, you have no stealth. This means you can be port-scanned to look for weaknesses, e.g. unpatched OpenSSH vulnerabilities, etc. That said, if SSH traffic is blo

Re: About my Firewall Settings - I would like an opinion

Sam Kuper escribió: 2008/11/10 Sam Kuper <[EMAIL PROTECTED] > By using REJECT instead of DROP, you have no stealth. This means you can be port-scanned to look for weaknesses, e.g. unpatched OpenSSH vulnerabilities, etc. That said, if SSH traffic is blo

Re: About my Firewall Settings - I would like an opinion

2008/11/10 Sam Kuper <[EMAIL PROTECTED]> > By using REJECT instead of DROP, you have no stealth. This means you can be > port-scanned to look for weaknesses, e.g. unpatched OpenSSH vulnerabilities, > etc. > That said, if SSH traffic is blocked, an OpenSSH vuln. might not be significant. If you're

Re: About my Firewall Settings - I would like an opinion

2008/11/10 Manuel Gomez <[EMAIL PROTECTED]> > Hi, i would like to read opinions about my firewall settings: > I am using Iptables with Shorewall (frontend) and my configuration is: > - Default Policy: REJECT all connections. > - Rules: Allow DNS (my DNS servers), allow http and

About my Firewall Settings - I would like an opinion

Hi, i would like to read opinions about my firewall settings: I am using Iptables with Shorewall (frontend) and my configuration is: - Default Policy: REJECT all connections. - Rules: Allow DNS (my DNS servers), allow http and https connections for servers: www.google.es, ... So, nobody

Re: How to apt-get over ssh tunnel through a firewall?

hods which better serve other purposes. (For instance since B-D run sid, I can cache on one of them for the others. Easer then that I have a pinhole in my firewall rules allowing access to port (the default apt-proxy port) but only to the IP of my apt-proxy from my 192.168.50.xx subnet to my

Re: How to apt-get over ssh tunnel through a firewall?

On Fri, Oct 03, 2008 at 12:02:22PM -0400, Mitchell Laks wrote: > Now I know how to browse the internet on B-D by creating a ssh tunnel > to A and utilizing the Iceweasel Browser settings to use a local Socks > proxy. This is untested, but if you change your sources.list to include something like

Re: How to apt-get over ssh tunnel through a firewall?

On Sun, Oct 05, 2008 at 04:02:21PM -0700, Steve Lamb wrote: > Osamu Aoki wrote: > > Run squid on A and let others access it. You need to set http_proxy > > environment variable or use apt.conf setting for all A,B,C. Then you > > save bandwidth. > > Or use apt-cache. You must have meant apt-

Re: How to apt-get over ssh tunnel through a firewall?

Osamu Aoki wrote: > Run squid on A and let others access it. You need to set http_proxy > environment variable or use apt.conf setting for all A,B,C. Then you > save bandwidth. Or use apt-cache. -- Steve C. Lamb | But who can decide what they dream PGP Key: 1FC01004

Re: How to apt-get over ssh tunnel through a firewall?

On Fri, 3 Oct 2008 18:01:55 -0400 Mitchell Laks <[EMAIL PROTECTED]> wrote: > On 14:38 Fri 03 Oct , Celejar wrote: > > On Fri, 3 Oct 2008 12:02:22 -0400 > > > > There are several apt proxies available: > > > > apt-cacher > > apt-cacher-ng > > apt-proxy > > approx > > > > [I use approx; vario

Re: How to apt-get over ssh tunnel through a firewall?

You can use ssh but ... On Fri, Oct 03, 2008 at 12:02:22PM -0400, Mitchell Laks wrote: > Hi, > > I have a number of debian machines that live behind a firewall. > > Debian Machine A is granted internet access and can browse > the internet. However machines B-D were not grant

Re: How to apt-get over ssh tunnel through a firewall?

On Fri, Oct 03, 2008 at 12:02:22 -0400, Mitchell Laks wrote: > Hi, > > I have a number of debian machines that live behind a firewall. > > Debian Machine A is granted internet access and can browse > the internet. However machines B-D were not granted internet access and live

Re: How to apt-get over ssh tunnel through a firewall?

On 14:38 Fri 03 Oct , Celejar wrote: > On Fri, 3 Oct 2008 12:02:22 -0400 > > There are several apt proxies available: > > apt-cacher > apt-cacher-ng > apt-proxy > approx > > [I use approx; various readers of this list have their own preferences.] > > Set up one of them on A, configure B-D's

Re: How to apt-get over ssh tunnel through a firewall?

On Fri, 3 Oct 2008 12:02:22 -0400 Mitchell Laks <[EMAIL PROTECTED]> wrote: > Hi, > > I have a number of debian machines that live behind a firewall. > > Debian Machine A is granted internet access and can browse > the internet. However machines B-D were not granted

How to apt-get over ssh tunnel through a firewall?

Hi, I have a number of debian machines that live behind a firewall. Debian Machine A is granted internet access and can browse the internet. However machines B-D were not granted internet access and live on the general internal network, and were originally installed with Debian by utilizing a

Re: Shorewall Firewall with dynamic interfaces

On Mon, 22 Sep 2008 02:24:26 +1200 Chris Bannister <[EMAIL PROTECTED]> wrote: > On Sat, Sep 20, 2008 at 11:13:09PM -0700, Amit Uttamchandani wrote: > > > no /var/lock/subsys/ directory. > > > > > > > You are right, I don't have that directory either. > > > > > > I did a google search and this

Re: Shorewall Firewall with dynamic interfaces

On Mon, 22 Sep 2008 02:24:26 +1200 Chris Bannister <[EMAIL PROTECTED]> wrote: ... > I don't have shorewall-perl installed so have no knowledge on that. > Why shorewall-perl? The author seems to prefer it; from Shorewall-perl.html (in shorewall-doc): Shorewall-perl - What is it? Shorewall-per

Re: Shorewall Firewall with dynamic interfaces

On Sat, Sep 20, 2008 at 11:13:09PM -0700, Amit Uttamchandani wrote: > > no /var/lock/subsys/ directory. > > > > You are right, I don't have that directory either. > > > > I did a google search and this is basically a state file written by > > > shorewall to indicate a successful start up. Shoul

Re: Shorewall Firewall with dynamic interfaces

On Sun, 21 Sep 2008 12:02:34 +1200 Chris Bannister <[EMAIL PROTECTED]> wrote: > On Sat, Sep 20, 2008 at 10:18:38AM -0700, Amit Uttamchandani wrote: > > Yes, shorewall is very powerful! > > > > Also, do you get the error: > > > > touch: cannot touch `/var/lock/subsys/shorewall': No such file or >

Re: Shorewall Firewall with dynamic interfaces

On Sat, Sep 20, 2008 at 10:18:38AM -0700, Amit Uttamchandani wrote: > Yes, shorewall is very powerful! > > Also, do you get the error: > > touch: cannot touch `/var/lock/subsys/shorewall': No such file or > directory done. I'm running shorewall and that file doesn't exist, infact there is even n

Re: Shorewall Firewall with dynamic interfaces

On Sat, 20 Sep 2008 11:06:24 +0300 Andrei Popescu <[EMAIL PROTECTED]> wrote: > [I have wrapped all your lines to less than 80 characters] > > On Sat,20.Sep.08, 00:38:11, Amit Uttamchandani wrote: > > > > Following the setup for shorewall firewall I was able to get it

Re: Shorewall Firewall with dynamic interfaces

[I have wrapped all your lines to less than 80 characters] On Sat,20.Sep.08, 00:38:11, Amit Uttamchandani wrote: > > Following the setup for shorewall firewall I was able to get it up and > running for the eth1 interface (local wired RJ45). Now, I would also > like to setup my wire

Shorewall Firewall with dynamic interfaces

Following the setup for shorewall firewall I was able to get it up and running for the eth1 interface (local wired RJ45). Now, I would also like to setup my wireless adapter with shorewall (eth0). How is this done? Is it as simple as adding: net eth0 detect dhcp,tcpflags,logmartians,nosmurfs

Re: arno-iptables-firewall package question

On Wed, 06 Aug 2008 04:42:15 +0200, s. keeling wrote: > Jude DaShiell <[EMAIL PROTECTED]>: >> So far as I can tell, the firewall package is only installing itself >> after the network has already come up. From what reading I've done, >> this is the wrong orde

Re: arno-iptables-firewall package question

Jude DaShiell <[EMAIL PROTECTED]>: > So far as I can tell, the firewall package is only installing itself after > the network has already come up. From what reading I've done, this is the > wrong order. How can I correct that order after the package has been > ins

Re: arno-iptables-firewall package question

On Sat, 02 Aug 2008 04:36:59 -0400, Jude DaShiell wrote: > So far as I can tell, the firewall package is only installing itself > after the network has already come up. From what reading I've done, > this is the wrong order. How can I correct that order after the package > has

arno-iptables-firewall package question

So far as I can tell, the firewall package is only installing itself after the network has already come up. From what reading I've done, this is the wrong order. How can I correct that order after the package has been installed so arno-iptables-firewall runs just before the ne

Re: kernel-image-2.6-k7 and Shorewall firewall

his computer is > > running the Shorewall Firewall. Everything seemed to be working OK till we > > tried to ping the server. > > > > The firewall is set to let in pings every second: > > >From "rules" file inside shorewall - this has always wo

Re: kernel-image-2.6-k7 and Shorewall firewall

On Wednesday 30 July 2008 16:41, Account for Debian group mail wrote: > Hello, > > We just did an upgrade on one of our etch servers. It installed a bunch > of new updates including a kernel-image 2.6.18-6-k7. This computer is > running the Shorewall Firewall. Everything seemed t

kernel-image-2.6-k7 and Shorewall firewall

Hello, We just did an upgrade on one of our etch servers. It installed a bunch of new updates including a kernel-image 2.6.18-6-k7. This computer is running the Shorewall Firewall. Everything seemed to be working OK till we tried to ping the server. The firewall is set to let in pings every

Re: Firewall froth..

On 17 Apr 2008, Jon wrote: > On Wed, Apr 16, 2008 at 10:00:37AM +0100, Anthony Campbell wrote: > > > You can prevent this stuff appearing by inserting "klogd -c5" to > > /etc/init.d/klogd. See /www.shorewall.net/FAQ.htm. > > It's better to modify /etc/default/klogd. > > Looking at that, I see

Re: Firewall froth..

On Wed, Apr 16, 2008 at 10:00:37AM +0100, Anthony Campbell wrote: > You can prevent this stuff appearing by inserting "klogd -c5" to > /etc/init.d/klogd. See /www.shorewall.net/FAQ.htm. It's better to modify /etc/default/klogd. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of

Re: Firewall froth..

On 15 Apr 2008, Digby Tarvin wrote: > [snip] > where the list line was to filter out the most frequent messages, but > I am not really sure what, if any, rejected connections/packets I > should be looking out for, and what should just be ignored... > > Perhaps I should red

Re: Firewall froth..

should redirect the firewall logs to a separate file? Or > just stick my head in the sand and log nothing - which is presumably > the situation with my dsl router.. I don't have any incoming ports since I don't offer services to the net, not even ssh. Therefore, I drop everything c

Re: Firewall froth..

On Tue, Apr 15, 2008 at 08:06:01PM +, Digby Tarvin wrote: > On Tue, Apr 15, 2008 at 01:23:59PM -0400, Brian McKee wrote: > > > > On 15-Apr-08, at 11:42 AM, Digby Tarvin wrote: > > >The problem I am having is that the messages from the firewall really > > >flo

Re: Firewall froth..

On Tue, Apr 15, 2008 at 01:23:59PM -0400, Brian McKee wrote: > > On 15-Apr-08, at 11:42 AM, Digby Tarvin wrote: > >The problem I am having is that the messages from the firewall really > >flood /var/log/messages to the point where I am concerned they may > >cause >

Re: Firewall froth..

On 15-Apr-08, at 11:42 AM, Digby Tarvin wrote: The problem I am having is that the messages from the firewall really flood /var/log/messages to the point where I am concerned they may cause me to miss other important things. ... Perhaps I should redirect the firewall logs to a separate file

Firewall froth..

My personal system is connected to the Internet via an ADSL router which doesn't give me any information about what doesn't get through. However I recently helped a friend setup a Debian box to act as firewall/router between his cable modem and local LAN, which has given me access to

<    2   3   4   5   6   7   8   9   10   11   >