Reviewing the manpages, I see the error in my /etc/shorewall/policy file...
I originally defined the first two rules as shown below to allow
communication with my network. I added the 'reject all' rule to prevent all
other communication requests. I should set all policies below to reject.
Then I
Hello,
I have configured a squid transparent proxy in my network with the
instructions found here :
http://www.shorewall.net/Shorewall_Squid_Usage.html#Local
This works perfectly, and has been like that for ages. But I followed
the instructions like a robot, and I don't really understand every
i
On 6/16/10 10:23 PM, John Brendler wrote:
>
> I have explicit paths for all the executables, and I already
> double-checked that.
>
> Shorewall::Config::IPSet_Match(/usr/share/shorewall/Shorewall/Config.pm:2351):
> 2351: my $ipset = $config{IPSET} || 'ipset';
> DB<2> n
> Shorewall::Confi
On 6/17/10 2:28 AM, Rémi Letot wrote:
> Hello,
>
> I have configured a squid transparent proxy in my network with the
> instructions found here :
>
> http://www.shorewall.net/Shorewall_Squid_Usage.html#Local
>
> This works perfectly, and has been like that for ages. But I followed
> the instruct
THANK YOU!
-Original Message-
From: TomEastep [mailto:teas...@shorewall.comcastbiz.net]
Sent: Wednesday, June 16, 2010 11:28 AM
To: Shorewall Users
Subject: [Shorewall-users] TPROXY Configuration
My responses to this thread were classified as spam so probably went
unread.
I have updated
On Wed, 2010-06-16 at 23:41 -0600, Jeff Taylor wrote:
> In the past month or so, I have been getting a flood of martian packets
> showing in my syslog. According to the log, the martian source is
> always one server, but the 'from' IP will be anything within the range
> of my blocks from either
I assume you're referring to this portion?
25801 1979K MASQUERADE all -- * * 10.0.0.0/16 0.0.0.0/0
2212 112K SNAT all -- * * 10.10.0.0/16 0.0.0.0/0
to:216.87.84.211
39 2340 SNAT all -- * * 10.20.0.0/
On Thu, 2010-06-17 at 10:35 -0600, Jeff Taylor wrote:
> I assume you're referring to this portion?
>
> 25801 1979K MASQUERADE all -- * * 10.0.0.0/16
> 0.0.0.0/0
> 2212 112K SNAT all -- * * 10.10.0.0/16 0.0.0.0/0
> to:216.87
Hi, is there any way to monitor bandwidth usage in my shorewall that have 3
different ISP. Now I am using iptraf, but I would like to know WHO is using
my bandwidth. Is that possible?
Really thanks
--
ThinkGeek and WIRED's
Nico Pagliaro wrote:
> Hi, is there any way to monitor bandwidth usage in my shorewall that
> have 3 different ISP. Now I am using iptraf, but I would like to know
> WHO is using my bandwidth. Is that possible?
For real time bw monitoring I use iftop, you can bind it to any network
interface, som
On 6/17/10 11:14 AM, Nico Pagliaro wrote:
> Hi, is there any way to monitor bandwidth usage in my shorewall that
> have 3 different ISP. Now I am using iptraf, but I would like to know
> WHO is using my bandwidth. Is that possible?
Install ntop.
-Tom
--
Tom Eastep\ When I die, I want to
Jorge, como puede hacer para saber quien o que usuario es el que esta
consumiendo el trafico? How do I know wich user is using my bandwidth?
Gracias - thanks
2010/6/17 Jorge Armando Medina
>
>
> Nico Pagliaro wrote:
> > Hi, is there any way to monitor bandwidth usage in my shorewall that
> > ha
iptraf shows you the IP addresses using your bandwidth, what more do
you need than that?
You may want to map IP addresses to easy to identify DNS names to get
a better view of the
specific user.
Some other command line tools, similar to iptraf:
dnstop
iftop
pktstat
ntop
iptraf
ifstatus
jnettop
But
Brad, in iptraf, where can you see the internal ip which is consuming
bandwidth? I cant find that option.. I can monitor traffic between my
extranal ip and the destination, but not which internal ip.
Thanks and sorry about my question. Perhaps I can write you out if this
forum because we are talki
Well, iptraf is more of a real time thing, so you'd have to be
watching it at the moment you suspect a problem.
But, by default, iptraf sorts the traffic by the most used.
Also, instead of watching the outside interface, you may have to watch
the inside interface to see the
specific IP address caus
On 6/17/10 9:35 AM, Jeff Taylor wrote:
> I assume you're referring to this portion?
>
> 25801 1979K MASQUERADE all -- * * 10.0.0.0/16
> 0.0.0.0/0
> 2212 112K SNAT all -- * * 10.10.0.0/16 0.0.0.0/0
> to:216.87.84.211
>3
Brad!! WOW, really thanks for you help!! I will try all of this stuff and
then I let you know how it goes.
Thanks
On Thu, Jun 17, 2010 at 5:01 PM, Brad Bendily wrote:
> Well, iptraf is more of a real time thing, so you'd have to be
> watching it at the moment you suspect a problem.
> But, by def
I've been running both commands for about an hour, and have NOT seen any
results from the tcdump commands on either nic. Martian logs are
continuing as normal.
Tom Eastep wrote:
On 6/17/10 9:35 AM, Jeff Taylor wrote:
I assume you're referring to this portion?
25801 1979K MASQUERADE all
18 matches
Mail list logo
