Re: [Shorewall-users] Problems with IP-forwarding

2014-06-20 Thread Dr. Harry Knitter
On Friday, 20 June 2014, Tom Eastep wrote: On 6/19/2014 2:47 PM, Dr. Harry Knitter wrote: Dear list members, I'm really frustrated about not being able to get a Debian Wheezy machine routing packets from the internal network to the external interface. The machine has two nics

[Shorewall-users] 4.6.1: INLINE_MATCHES=Yes causes iptables-restore to crash...

2014-06-20 Thread Troy Telford
I'm running the Debian (sid) package of Shorewall 4.6.1; kernel 3.14 (debian package) When I upgraded to Shorewall 4.6.1, I have found that setting `INLINE_MATCHES=yes` in shorewall.conf will cause the following error with `shorewall start` Running /sbin/iptables-restore... Bad argument

[Shorewall-users] nf_conntrack: table full, dropping packet - Apache server with shorewall

2014-06-20 Thread Roland RoLaNd
I just added a new server to my web cluster, at low load all is good but at peak time I get this: kernel: [321835.288989] net_ratelimit: 6 callbacks suppressed kernel: [321835.288992] nf_conntrack: table full, dropping packet. kernel: [321835.289119] nf_conntrack: table full, dropping

Re: [Shorewall-users] Problems with IP-forwarding

2014-06-20 Thread Simon Hobson
Dr. Harry Knitter ha...@knitter-edv-beratung.de wrote: The machine has two nics eth0 (internal) and eth1 (external), the latter pointing to a dsl-router. The internal net is 192.168.0.0/24 the external, consisting only of the external nic and the dsl-router is 192.168.120.0/24 snip masq

Re: [Shorewall-users] nf_conntrack: table full, dropping packet - Apache server with shorewall

2014-06-20 Thread Robert K Coffman Jr. -Info From Data Corp.
On 6/20/2014 4:21 AM, Roland RoLaNd wrote: I just added a new server to my web cluster, at low load all is good but at peak time I get this: Take a look at http://antmeetspenguin.blogspot.com/2011/01/high-performance-linux-router.html as a starting point. - Bob kernel:[321835.288989]

[Shorewall-users] Problems with Shorewall 4.6.1.1 and Portknocking Events example

2014-06-20 Thread Tornhoof
Hi, I previously used (4.5.x, 4.6.0) the following Portknocking configuration (from here http://shorewall.net/Events.html): /etc/shorewall/actions: #ACTION OPTION DESCRIPTION SSHKnock #SSH Port Knocking

Re: [Shorewall-users] Problems with Shorewall 4.6.1.1 and Portknocking Events example

2014-06-20 Thread Tom Eastep
On 6/20/2014 11:03 AM, Tornhoof wrote: Hi, I previously used (4.5.x, 4.6.0) the following Portknocking configuration (from here http://shorewall.net/Events.html): After updating to 4.6.1.1, I had the following warnings: Jun 20 18:27:34 WARNING: The destination zone (loc) is ignored in

Re: [Shorewall-users] Problems with Shorewall 4.6.1.1 and Portknocking Events example

2014-06-20 Thread Tom Eastep
On 6/20/2014 12:41 PM, Tom Eastep wrote: I would still prefer to use the Events system, how can I get around this error? Please recreate this failure but use 'shorewall check -T', and forward the complete error output. Nevermind -- I've recreated the problem. -Tom -- Tom Eastep

Re: [Shorewall-users] Problems with Shorewall 4.6.1.1 and Portknocking Events example

2014-06-20 Thread Tom Eastep
On 6/20/2014 1:27 PM, Tom Eastep wrote: On 6/20/2014 12:41 PM, Tom Eastep wrote: I would still prefer to use the Events system, how can I get around this error? Please recreate this failure but use 'shorewall check -T', and forward the complete error output. Nevermind -- I've