On 9/30/10 4:21 PM, Mr Dash Four wrote:
>
>> 1) Shorewall now uses the 'conntrack' utility for 'show connections'
>> if that utility is installed. Going forward, the Netfilter team
>> will be enhancing this interface rather than the /proc interface.
>>
> Is there any difference between
> 1) Shorewall now uses the 'conntrack' utility for 'show connections'
> if that utility is installed. Going forward, the Netfilter team
> will be enhancing this interface rather than the /proc interface.
>
Is there any difference between 'shorewall show connections' when
conntrack ut
On 9/30/10 3:59 PM, Simon Buckner wrote:
> Hi,
>
> It is the multiple-ISP configuration. Most traffic should route out
> the primary interface but certain traffic should route out the second
> interface. Specifically and traffic to an IP address should go down
> the second which is a private netw
Hi,
It is the multiple-ISP configuration. Most traffic should route out the
primary interface but certain traffic should route out the second interface.
Specifically and traffic to an IP address should go down the second which is a
private network.
Simon
Sent from my iPhone
On 30 Sep 2010
>>> 1) Shorewall now uses the 'conntrack' utility for 'show connections'
>>> if that utility is installed. Going forward, the Netfilter team
>>> will be enhancing this interface rather than the /proc interface.
>>>
>>>
>> Erm, No!
>>
>> The /proc interface will also be 'fixed' t
On 9/30/10 3:35 PM, Simon Buckner wrote:
> Hi,
> I'll be able to double check tomorrow but I think it's running
> kernel-0-2.6.9-89.
I just installed it and it seems to be 2.6.9-89 but I'm in the process
of doing a 'yum update' so that may change.
You said that you are having problems "getting t
On 9/30/10 3:20 PM, Mr Dash Four wrote:
>
>> 1) Shorewall now uses the 'conntrack' utility for 'show connections'
>> if that utility is installed. Going forward, the Netfilter team
>> will be enhancing this interface rather than the /proc interface.
>>
> Erm, No!
>
> The /proc interfa
Hi,
I'll be able to double check tomorrow but I think it's running
kernel-0-2.6.9-89.
Simon
-Original Message-
From: Tom Eastep [mailto:teas...@shorewall.net]
Sent: 30 September 2010 22:40
To: shorewall-users@lists.sourceforge.net
Subject: Re: [Shorewall-users] CentOS 4.8/Shorewall Prob
> 1) Shorewall now uses the 'conntrack' utility for 'show connections'
> if that utility is installed. Going forward, the Netfilter team
> will be enhancing this interface rather than the /proc interface.
>
Erm, No!
The /proc interface will also be 'fixed' to include secctx field (i.e
> shorewall save
> shorewall restart
>
That, to me, seems the best alternative and I amended my init.d script
to replace the existing reload with the above two statements. It works
and I like it.
--
Start uncovering
Beta 3 is now available for testing.
---
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
1) Previously, Shorewall6 produce
On 9/30/10 1:55 PM, Simon Buckner wrote:
> Please let me know what config details you want me to post and I'll put
> them up?
What kernel version does CentOS 4.8 use?
-Tom
--
Tom Eastep\ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep.
Hi,
Not sure where to post this. I don't think it's a Shorewall problem but I'm
hoping that one of you has come across this before and know how to fix it. I'm
pretty sure it's a kernel thing and I've posted it on the CentOs forum as well
but though it couldn't hurt to post it here as well.
I ha
On 9/30/10 11:50 AM, Mr Dash Four wrote:
>
>> man shorewall and look for 'safe-restart'.
>>
> shorewall safe-restart it is then, except, is there a way I could get
> away with the prompt and let shorewall decide if there were no
> errors to assume the new configuration, but if there were to
> au
> man shorewall and look for 'safe-restart'.
>
shorewall safe-restart it is then, except, is there a way I could get
away with the prompt and let shorewall decide if there were no errors to
assume the new configuration, but if there were to automatically restore
the old one (i.e. bypass the
On 9/30/10 10:44 AM, Mr Dash Four wrote:
>
>>> Shorewall stopped. <===
>>>
>>
>> At this point, Shorewall was stopped! That causes init to be invoked
>> with $COMMAND=stop
>>
> Ah, I see! So, if there is any error in my config files (rules, secmarks
> etc) running Shorewall gives up a
>> Shorewall stopped. <===
>>
>
> At this point, Shorewall was stopped! That causes init to be invoked
> with $COMMAND=stop
>
Ah, I see! So, if there is any error in my config files (rules, secmarks
etc) running Shorewall gives up and stops and when I then execute
'service shorewall
Quoting Tom Eastep :
On 9/29/10 11:07 PM, Mark D. Montgomery II wrote:
bnet, which supports UPnP
I would like to be able to see it from the machines on the normal subnet
so UPnP capable devices like my N900 can see it and watch the media on it.
Is this possible?
Not that I'm aware of. Linu
On 9/29/10 11:07 PM, Mark D. Montgomery II wrote:
bnet, which supports UPnP
>
> I would like to be able to see it from the machines on the normal subnet
> so UPnP capable devices like my N900 can see it and watch the media on it.
>
> Is this possible?
Not that I'm aware of. Linux-igd (which is
19 matches
Mail list logo