Re: [Shorewall-users] Blocking IP range (shorewall v3)

2007-03-16 Thread Asim Ahmed Khan
Hi JP, It's Ahmed here. The problem you wrote seems to have roots in an old version of the host OS installed. Can you elaborate a little more which OS and Version / build are you using? I had the same problem when I was operating shorewall under Redhat Linux 9. What I figured out was that the IPTABLES in

Re: [Shorewall-users] DNAT'ing Standard Ports Problem

2007-03-16 Thread Jon
Tom Eastep wrote: > Are you sure that your ISP isn't blocking SYN,ACK replies from port 80? Pretty sure. We have one of the higher level business packages with 5 statics which is 2 above their entry level business package. Plus, I'm looking at the logs on my firewall and I see nothing coming b

Re: [Shorewall-users] Modules not loading

2007-03-16 Thread Tom Eastep
[EMAIL PROTECTED] wrote: > Fedora 6, yum updated to the hilt results in > kernel-2.6.20-1.2925.fc6 > shorewall-3.2.8-1.fc6 > > Some modules aren't getting loaded. > Looks like the netfilter gnomes have been changing module names. > > Weighing up if I should go with 3.4, or go back to using a > mo

[Shorewall-users] Modules not loading

2007-03-16 Thread shorewall
Fedora 6, yum updated to the hilt results in kernel-2.6.20-1.2925.fc6 shorewall-3.2.8-1.fc6 Some modules aren't getting loaded. Looks like the netfilter gnomes have been changing module names. Weighing up if I should go with 3.4, or go back to using a modules file - or both. --

Re: [Shorewall-users] DNAT'ing Standard Ports Problem

2007-03-16 Thread Will Murnane
On 3/16/07, Jon <[EMAIL PROTECTED]> wrote: > I cannot DNAT standard ports. For example: > > DNAT net loc:10.0.50.50:80 tcp 81 > > Works. I can point my (external) browser to my site:81 and the web > server on 10.0.50.50:80 comes up. Have you tried binding the local server to port 8

Re: [Shorewall-users] DNAT'ing Standard Ports Problem

2007-03-16 Thread Tom Eastep
Jon wrote: > > Anyone have any ideas..? > Are you sure that your ISP isn't blocking SYN,ACK replies from port 80? > I'm not sure what to attach for documentation. http://www.shorewall.net/support.htm#Guidelines. But -- these issues are virtually never problems that you can diagnose by lookin

Re: [Shorewall-users] Blocking IP range (shorewall v3)

2007-03-16 Thread Tom Eastep
George wrote: > Can someone help me with this ? I responded yesterday -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key signa

Re: [Shorewall-users] Blocking IP range (shorewall v3)

2007-03-16 Thread George
Can someone help me with this ? _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of George Sent: Thursday, March 15, 2007 9:59 AM To: shorewall-users@lists.sourceforge.net Subject: [Shorewall-users] Blocking IP range (shorewall v3.0) Hi all, I need to block a range of

[Shorewall-users] DNAT'ing Standard Ports Problem

2007-03-16 Thread Jon
Hi All, Apparently today is the day that I am too dumb to operate Shorewall. I cannot DNAT standard ports. For example: DNAT net loc:10.0.50.50:80 tcp 81 Works. I can point my (external) browser to my site:81 and the web server on 10.0.50.50:80 comes up. This, however: DNAT

[Shorewall-users] proxy arp and smtp

2007-03-16 Thread Mike Lander
Trying to figure out how to snat smtp traffic to strip out natted source ip. Can anyone help? I don't know if this is possible since my antispam program is putting this in the header but what I would like is my mail server to send its own ip 66.224.62.104. You can look at the header of this email and

Re: [Shorewall-users] SSH DNAT Help **SOLVED**

2007-03-16 Thread Jon
No big surprise, but the gateway on the local machine was exactly the problem. Thanks, Tom. J Tom Eastep wrote: Jon wrote: Any and all help is appreciated. Everything I know about analyzing DNAT failures, I've tried to capture in the answers to Shorewall FAQs 1a and 1b. The usual cause o

Re: [Shorewall-users] SSH DNAT Help.

2007-03-16 Thread Joshua J. Kugler
On Friday 16 March 2007 10:01, Jon wrote: > Ok, after spending the requisite hours swearing and bashing about, I > give up. > > All I am trying to do are some (presumably) simple DNAT rules. I have a > fairly typical two NIC setup. > > I have an admin zone, a net zone, a local zone, and a firewall.

Re: [Shorewall-users] SSH DNAT Help.

2007-03-16 Thread Tom Eastep
Jon wrote: > > Any and all help is appreciated. > Everything I know about analyzing DNAT failures, I've tried to capture in the answers to Shorewall FAQs 1a and 1b. The usual cause of this sort of problem is that the server (10.0.50.50) has a default gateway other than the firewall's internal I

[Shorewall-users] SSH DNAT Help.

2007-03-16 Thread Jon
Ok, after spending the requisite hours swearing and bashing about, I give up. All I am trying to do are some (presumably) simple DNAT rules. I have a fairly typical two NIC setup. I have an admin zone, a net zone, a local zone, and a firewall. I want to do two things: 1. Port forward 443 an