On 11/26/2014 4:25 AM, Hesham Shakil Ahmed wrote:
> Shorewall doesn’t create the correct rule when using MARK(range) in mangle
>
> Trying the following rule:
>
> MARK(0x100-0x200/0xff00) 10.0.0.0/8 0.0.0.0/0
>
> fails with error:
> Bad argument `0x100/0xff00'
> Error occurred at line:
On 11/26/2014 5:32 AM, Artur Uszyński wrote:
> Hello.
>
> Shorewall 4.6.4.1
> kernel 3.10.0
> In shorewall.conf I have "DONT_LOAD=nf_conntrack_sip,nf_nat_sip"
> In shorewall.conf I have "AUTOHELPERS=No", HELPERS is empty.
> SIP section in /etc/shorewall/conntrack is commented out (checked - no sip
On 12/12/2014 11:57 AM, MBB wrote:
>
> Is it possible to configure shorewall that it adds a permanent route to
> host 2.2.2.2 in table main, that even when provider SURF is disabled the
> pings to host 2.2.2.2 go through IF web1?
>
>
>
> I'd appreciate any hint to solve this riddle.
You must
Please don’t apologize! Thank you for your great work.
> On Dec 13, 2014, at 7:06 PM, Tom Eastep wrote:
>
> On 11/26/2014 4:25 AM, Hesham Shakil Ahmed wrote:
>> Shorewall doesn’t create the correct rule when using MARK(range) in mangle
>>
>> Trying the following rule:
>>
>> MARK(0x100-0x200/0
On 12/1/2014 2:45 AM, Giuseppe Vitillaro wrote:
> I'm experimenting a problem using a dynamic zone
>
> I defined long ago, and working without a problem
>
> for months, with shorewall-core 4.5.21.9 under gentoo.
...
>
> Switching to a "dynamic_shared" zone
>
> ast:net ipv4 dynamic_shared
> solv
On 11/26/2014 4:22 PM, jone...@teksavvy.com wrote:
> Hello,
>
> Is there support within Shorewall for applying QoS to GRE ? Looks
> like a popular way of doing that is be the use of a so-called
> pre-classify option. Is there an equivalent in Linux or, any other way
> to apply QoS to GRE ?
>
On 12/3/2014 10:05 AM, Philip Le Riche wrote:
> Probably something silly I'm doing but I don't see it for the moment.
>
> I had rules:
> DNATschlpinet:${Pinet}.1tcpssh-
> ${Schlnet}.129
> DNATschlpinet:${Pinet}.1tcp5900-
> ${Sch
On Saturday 13 December 2014 08:48:17 Tom Eastep wrote:
> On 12/1/2014 2:45 AM, Giuseppe Vitillaro wrote:
> > I'm experimenting a problem using a dynamic zone
> >
> > I defined long ago, and working without a problem
> >
> > for months, with shorewall-core 4.5.21.9 under gentoo.
> ...
> >
> > Sw
On 12/13/2014 9:34 AM, Giuseppe Vitillaro wrote:
>
> Thank you so much, don't worry for the delay.
>
> My bet was for a bug, it is easy to forget
> an "escape" with sed ;-)
>
> Thank you so much for the patch, appreciated.
>
> As a gentoo user I hope the patch will get
> in the mainstream a
Thanks Tom -
It must've been something silly as it seems to be working ok now.
(Unfortunately I only get access to the firewall briefly once a week.)
Regards - Philip
On 13/12/2014 17:01, Tom Eastep wrote:
> On 12/3/2014 10:05 AM, Philip Le Riche wrote:
>> Probably something silly I'm doing but
10 matches
Mail list logo
