Carlos Carrero Gutierrez wrote:
> Hi, i have installed shorewall today and set the default config. But
> when i set the policies and i have tried to run Shorewall, doesn't work
> (in other words, there isn't connection to internet. Somebody could tell
> me how configure the policies?
http://www.sh
On Thu, Oct 16, 2008 at 10:53:02PM +0200, Carlos Carrero Gutierrez wrote:
> Hi, i have installed shorewall today and set the default config. But when i
> set the policies and i have tried to run Shorewall, doesn't work (in other
> words, there isn't connection to internet. Somebody could tell me ho
Hi, i have installed shorewall today and set the default config. But when i
set the policies and i have tried to run Shorewall, doesn't work (in other
words, there isn't connection to internet. Somebody could tell me how
configure the policies?
Thank you.
--
[EMAIL PROTECTED] wrote:
>So in short, there is no way for me to have several DomUs share a
>single public IP.
Yes and No ! Yes, they can all share a single connection through NAT,
no, they can't all offer the same sevices.
You need a simple "two interface router with NAT", which can either
b
- "Martin Leben" <[EMAIL PROTECTED]> wrote:
> Hi eco,
>
> I know you are thinking about using KVM instead of XEN, but anyway...
>
> [EMAIL PROTECTED] wrote:
> > So in short, there is no way for me to have several DomUs share a
> single public IP.
>
> Not correct. You apparently missed a thi
Kristoffer Egefelt wrote:
>
> Is it possible to refer the "cust:[EMAIL PROTECTED]" in the masq file
> without having to specify seperate entries in the interfaces, zone and
> policy files?
>
> What I mean is if I add:
>
> vlan5 vlan5 detect routeback
>
> to the interfaces file - then I
Erwin Geuens wrote:
>
> What do I wrong? A NMAP scan (from remote server) does only reveal port
> 22 is open, no other ports while all stated ports should answer.
A couple of things.
a) Since you are having problems with DNAT, you should follow the port
forwarding debugging steps outlined in FA
Tom Eastep wrote:
> [EMAIL PROTECTED] wrote:
>> Thanks for your feedback Tom and thanks for Shorewall! I'll start
>> installing KVM at home and give it a go.
>>
>> Any trick you can think of for me to make my DomUs available to the net? I
>> can always install shorewall on them.
>
> I think th
Hi eco,
I know you are thinking about using KVM instead of XEN, but anyway...
[EMAIL PROTECTED] wrote:
> So in short, there is no way for me to have several DomUs share a single
> public IP.
Not correct. You apparently missed a thing that Simon Hobson wrote in his very
first reply to you:
> I
[EMAIL PROTECTED] wrote:
>
> Thanks for your feedback Tom and thanks for Shorewall! I'll start installing
> KVM at home and give it a go.
>
> Any trick you can think of for me to make my DomUs available to the net? I
> can always install shorewall on them.
I think that the XenMyWay approach
- "Tom Eastep" <[EMAIL PROTECTED]> wrote:
> I've completely given up on trying to run Shorewall in a Xen Dom0.
> The
> last straw was when the latest and greatest Xen network start script
> started blowing away all firewall rules (kind of) and installing its
> own. It didn't totally undo wha
- "Simon Hobson" <[EMAIL PROTECTED]> wrote:
> >Shows I still have a lot to learn about Xen. Am I right in thinking
>
> >your setup will still only allow one DomU to use the public IP?
>
> Correct - but see below.
>
> >I went over the Tom's documentation again and I see that although
> >e
Simon Hobson wrote:
> Not sure what you mean by 'hardware nat'. The problem with Xen, NAT,
> and firewalling is that Xen makes the networking environment very
> complicated. I really am a lng way from understanding it, but
> from comments made by people (liek Tom) who know more than I do it
>Shows I still have a lot to learn about Xen. Am I right in thinking
>your setup will still only allow one DomU to use the public IP?
Correct - but see below.
>I went over the Tom's documentation again and I see that although
>eth0 has several public IPs, both DomUs (eth3/4) are using the same
Lists wrote:
>The following is the setup I have:
>
>|-eth1 Mail (domU) (10.0.0.1)
>WAN <---> eth0-GW (Dom0) ---|-eth2 WWW (domU) (10.0.0.2)
>(62.235.222.227) (10.0.0.128) |-eth1 test (domU) (10.0.0.3)
>
>I only have one external IP for eth0 and I'd
Lists wrote:
>The following is the setup I have:
>
>|-eth1 Mail (domU) (10.0.0.1)
>WAN <---> eth0-GW (Dom0) ---|-eth2 WWW (domU) (10.0.0.2)
>(62.235.222.227) (10.0.0.128) |-eth1 test (domU) (10.0.0.3)
>
>I only have one external IP for eth0 and I'd
Hi,
I installed a new soekris running Shorewall. 3 interfaces are active
(eth0 = loc, eth1 = net, eth2 = dmz)
I want to run a mailserver (pop3, pop3s, imap, impas, smtp, http, https)
in the dmz zone. the server IP = 192.168.40.52 and a webserver with ip
192.168.40.51.
I used the 3 intrerfaces a
Hi Simon,
Thanks for your reply. The following is the setup I have:
|-eth1 Mail (domU) (10.0.0.1)
WAN <---> eth0-GW (Dom0) ---|-eth2 WWW (domU) (10.0.0.2)
(62.235.222.227) (10.0.0.128) |-eth1 test (domU) (10.0.0.3)
I only have one external IP for
>I am running Debian etch with shorewall 4.0.14-1 and Xen 3.2-1 on a
>2.6.18-6-xen-686 kernel. Xen is running natted and I'm trying to
>setup shorewall. I read the documentation that came closer to it
>(http://www.shorewall.net/XenMyWay-Routed.html) but I just can't get
>it to work.
>
>I have
> Kristoffer Egefelt wrote:
>> Hi,
>>
>> I'd like to have local servers connect to the firewall external ip
>> and
>> have the traffic routed back to the local network. It works manually,
>> but I can't figure out how to make this work through shorewall:
>>
>> *This works:*
>> iptables -t nat -A
Hi Shorewall users,
I am running Debian etch with shorewall 4.0.14-1 and Xen 3.2-1 on a
2.6.18-6-xen-686 kernel. Xen is running natted and I'm trying to setup
shorewall. I read the documentation that came closer to it
(http://www.shorewall.net/XenMyWay-Routed.html) but I just can't get it to
21 matches
Mail list logo