[Shorewall-users] Allow openvpn from dedicated host behind firewall

2010-07-09 Thread Markus Plessing
Hello, I'm trying to set up shorewall to allow traffic from a single host behind the firewall to a remote network both connected as openvpn clients to an openvpn-server on the internet. |---| |---| | local | | local | | vpn client | - |

[Shorewall-users] Shorewall 4.4.11 RC 1

2010-07-09 Thread Tom Eastep
RC 1 is now available for testing. This version corrects several problems in Beta 3: 1) Release notes now correctly refer to FORWARD_CLEAR_MARK rather than CLEAR_FORWARD_MARK. 2) The NET3 column in /etc/shorewall/netmap now works correctly. 3) A missing closing quote in the generated script

[Shorewall-users] Possible problem with OPTIMIZE=1

2010-07-09 Thread David Rothenberger
I noticed an issue today where a DROP rule at the top of my rules was optimized out when OPTIMIZE=1. The rule was a wildcard rule and I know category 1 optimization does remove those, but it has a different log level, so I thought it would remain. This is with shorewall version 4.4.10.3. Here

Re: [Shorewall-users] Allow openvpn from dedicated host behind firewall

2010-07-09 Thread Markus Plessing
Hi, Tom Eastep wrote: On 7/9/10 1:03 AM, Markus Plessing wrote: Hello, I'm trying to set up shorewall to allow traffic from a single host behind the firewall to a remote network both connected as openvpn clients to an openvpn-server on the internet. [...] If the tunnel is being

[Shorewall-users] More bridge/router woes.

2010-07-09 Thread Mark D. Montgomery II
At this point I'm rather certain my issue is not specific to shorewall, but likely something lower level that I have configured wrong. The box is running Proxmox (Debian Lenny basically) as the base. eth0 is the outside interface connected to the ISP. eth1 is the lan/bridge physical interface

Re: [Shorewall-users] More bridge/router woes.

2010-07-09 Thread Tom Eastep
On 7/9/10 9:22 PM, Mark D. Montgomery II wrote: At this point I'm rather certain my issue is not specific to shorewall, but likely something lower level that I have configured wrong. The box is running Proxmox (Debian Lenny basically) as the base. eth0 is the outside interface connected to the

Re: [Shorewall-users] More bridge/router woes.

2010-07-09 Thread Mark D. Montgomery II
Have you enabled ip forwarding (IP_FORWARDING=On in shorewall.conf)? Yup. If so, what is the MTU of eth0? If it is less than 1500 (Comcast has been known to configure MTU=576 on their consumer DHCP setups), then try setting CLAMPMSS=Yes in shorewall.conf. Bingo! That was it exactly. I

[Shorewall-users] AUTO: Eduardo Ferreira is on vacation! (returning Mon 26/07/2010)

2010-07-09 Thread Eduardo Ferreira
I will be out of the office between Sat 10/07/2010 and Mon 26/07/2010. For professional matters, contact Marco Aurélio Khazrik (3804-8607) or Fábio Carvalho (3804-8605). For personal matters, I will reply when I return. Note: This is an automated response to your message Re: