Re: [Shorewall-users] DNS Server behind firewall drives me crazy ...

2007-11-29 Thread Götz Reinicke
Hello Tom, Tom Eastep wrote: > Götz Reinicke wrote: >> Hi, >> >> I do have a shorewall perimeter firewall connected with a 1GBit Internet >> connection. In my local lan I do have two bind redhat DNS servers. >> >> Today I got a problem which I'd like to share - maybe you have any clue >> what's

Re: [Shorewall-users] Re: [Fwd: Re: Port 3 001 still have problem]

2007-11-29 Thread Tom Eastep
Wilson Kwok wrote: > Dear Tom, > >I called vendor to help me test this situation, I will post here if > there have new outcome. Thanks, Wilson. Please let us know how it turns out. -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewa

Re: [Shorewall-users] DNS Server behind firewall drives me crazy ...

2007-11-29 Thread Tom Eastep
Andrew Suffield wrote: > Burn all realteks. Except those that are on your Mother Board. Just don't use those :-) -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://list

Re: [Shorewall-users] Fwd: Zone has no access to internet

2007-11-29 Thread drz
On Thu, 29 Nov 2007 09:59:02 -0800, Tom Eastep <[EMAIL PROTECTED]> wrote: > [EMAIL PROTECTED] wrote: >> We have the following configuration: >> >> 2 ISP's, an interface connecting to our internal lan (loc) and another >> connecting to a Wireless Network (PWiFi). Computers on the loc are able >>

Re: [Shorewall-users] Fwd: Zone has no access to internet

2007-11-29 Thread Tom Eastep
[EMAIL PROTECTED] wrote: > We have the following configuration: > > 2 ISP's, an interface connecting to our internal lan (loc) and another > connecting to a Wireless Network (PWiFi). Computers on the loc are able > to access the internet just fine, but users in PWiFi cannot, though they > used to

[Shorewall-users] Fwd: Zone has no access to internet

2007-11-29 Thread drz
We have the following configuration: 2 ISP's, an interface connecting to our internal lan (loc) and another connecting to a Wireless Network (PWiFi). Computers on the loc are able to access the internet just fine, but users in PWiFi cannot, though they used to in a previous version we were runn

Re: [Shorewall-users] DNS Server behind firewall drives me crazy ...

2007-11-29 Thread Andrew Suffield
On Thu, Nov 29, 2007 at 09:13:43AM -0800, Tom Eastep wrote: > > If I restart shorewall e.g. because I do have a new zone added or an IP > > blocked or added a rule for some services, sometimes(!) the dns > > resolving of clients on the same subnet as the dns servers is poor or > > fails completely.

Re: [Shorewall-users] Macro files header

2007-11-29 Thread Tom Eastep
Tom Eastep wrote: > alex wrote: >> I found that all macro-files (version 4.0.6) have bad comments header: >> >> #ACTION SOURCE PROTO DEST SOURCE RATE USER/ >> # PORT PORT(S) LIMIT GROUP >> >> According 'macro.template' it must be: >> >> #ACTION S

Re: [Shorewall-users] Macro files header

2007-11-29 Thread Tom Eastep
alex wrote: > I found that all macro-files (version 4.0.6) have bad comments header: > > #ACTION SOURCE PROTO DEST SOURCE RATE USER/ > # PORT PORT(S) LIMIT GROUP > > According 'macro.template' it must be: > > #ACTION SOURCE DEST PROTO DE

[Shorewall-users] Macro files header

2007-11-29 Thread alex
I found that all macro-files (version 4.0.6) have bad comments header: #ACTION SOURCE PROTO DEST SOURCE RATE USER/ # PORT PORT(S) LIMIT GROUP According 'macro.template' it must be: #ACTION SOURCE DEST PROTO DEST CLIENT RATE USER/

Re: [Shorewall-users] DNS Server behind firewall drives me crazy ...

2007-11-29 Thread Tom Eastep
Götz Reinicke wrote: > Hi, > > I do have a shorewall perimeter firewall connected with a 1GBit Internet > connection. In my local lan I do have two bind redhat DNS servers. > > Today I got a problem which I'd like to share - maybe you have any clue > what's going on? > > If I restart shorewall

Re: [Shorewall-users] How to port forward DNS

2007-11-29 Thread Tom Eastep
Rob Morin wrote: > Hello all... how would I port forward DNS from my shorewall box to another > box, I am using only one interface on each box and each box has > shorewall on it in, I guess, what you would call standalone mode? I do > not want to use NAT of any kind, just simply want to port forw

[Shorewall-users] DNS Server behind firewall drives me crazy ...

2007-11-29 Thread Götz Reinicke
Hi, I do have a shorewall perimeter firewall connected with a 1GBit Internet connection. In my local lan I do have two bind redhat DNS servers. Today I got a problem which I'd like to share - maybe you have any clue what's going on? If I restart shorewall e.g. because I do have a new zone added

Re: [Shorewall-users] [SOLVED] Re: Limit Rule, Recent Match support, & shorewall upgrade

2007-11-29 Thread Scott Ruckh
This is what you said Tom Eastep > Christian Villa Real Lopes wrote: >> Andrew Suffield wrote: >>> Then you most likely botched the installation of the new version of >>> iptables; somewhere, the paths got mixed up. This is likely to cause >>> you further trouble later. I'm not sufficiently familia

Re: [Shorewall-users] [SOLVED] Re: Limit Rule, Recent Match support, & shorewall upgrade

2007-11-29 Thread Tom Eastep
Christian Villa Real Lopes wrote: > Andrew Suffield wrote: >> Then you most likely botched the installation of the new version of >> iptables; somewhere, the paths got mixed up. This is likely to cause >> you further trouble later. I'm not sufficiently familiar with redhat >> to guess at where exac

[Shorewall-users] How to port forward DNS

2007-11-29 Thread Rob Morin
Hello all... how would I port forward DNS from my shorewall box to another box, I am using only one interface on each box and each box has shorewall on it in, I guess, what you would call standalone mode? I do not want to use NAT of any kind, just simply want to port forward DNS request to my DN

Re: [Shorewall-users] [SOLVED] Re: Limit Rule, Recent Match support, & shorewall upgrade

2007-11-29 Thread Christian Villa Real Lopes
Andrew Suffield wrote: > Then you most likely botched the installation of the new version of > iptables; somewhere, the paths got mixed up. This is likely to cause > you further trouble later. I'm not sufficiently familiar with redhat > to guess at where exactly the error occurred, but a correct >

Re: [Shorewall-users] problem with multiple masking

2007-11-29 Thread Christian Vieser
Tom Eastep wrote: > > I suspect that with the destination IP address rewritten to 10.231.113.30, > the traffic then matches one of your SPD entries so the kernel is trying to > send it down an IPSEC tunnel. > > -Tom > Thank you Tom!!! That was the right guess. "setkey -F -P" and now the packets