Re: [Shorewall-users] SNATting

2019-01-12 Thread Bill Shirley
I've been debugging a IPv6 problem and just recently realized that Shorewall's started file can help: /usr/sbin/sysctl net.ipv6.fwmark_reflect net.ipv6.conf.all.proxy_ndp /usr/sbin/sysctl net.ipv6.conf.ccast.proxy_ndp net.ipv6.conf.ccast.accept_ra net.ipv6.conf.ccast.accept_redirects

Re: [Shorewall-users] Websites Are Down!

2019-01-12 Thread C. Cook
On 1/12/19 1:24 PM, C. Cook wrote: > > > On 1/12/19 1:10 PM, C. Cook wrote: >> >> >> On 1/12/19 12:45 PM, C. Cook wrote: >>> >>> >>> On 1/12/19 12:37 PM, Roberto C. Sánchez wrote: On Sat, Jan 12, 2019 at 12:33:48PM -0800, C. Cook wrote: >... and can't get up! > >[Sat Jan

Re: [Shorewall-users] Websites Are Down!

2019-01-12 Thread C. Cook
On 1/12/19 1:10 PM, C. Cook wrote: > > > On 1/12/19 12:45 PM, C. Cook wrote: >> >> >> On 1/12/19 12:37 PM, Roberto C. Sánchez wrote: >>> On Sat, Jan 12, 2019 at 12:33:48PM -0800, C. Cook wrote: ... and can't get up! [Sat Jan 12 11:56:22 2019] FORWARD REJECT IN=eth0 OUT=eth0

Re: [Shorewall-users] Websites Are Down!

2019-01-12 Thread C. Cook
On 1/12/19 12:45 PM, C. Cook wrote: > > > On 1/12/19 12:37 PM, Roberto C. Sánchez wrote: >> On Sat, Jan 12, 2019 at 12:33:48PM -0800, C. Cook wrote: >>>... and can't get up! >>> >>>[Sat Jan 12 11:56:22 2019] FORWARD REJECT IN=eth0 OUT=eth0 >>

Re: [Shorewall-users] Websites Are Down!

2019-01-12 Thread C. Cook
On 1/12/19 12:37 PM, Roberto C. Sánchez wrote: > On Sat, Jan 12, 2019 at 12:33:48PM -0800, C. Cook wrote: >>... and can't get up! >> >>[Sat Jan 12 11:56:22 2019] FORWARD REJECT IN=eth0 OUT=eth0 > > > Have you specified

Re: [Shorewall-users] Websites Are Down!

2019-01-12 Thread Roberto C . Sánchez
On Sat, Jan 12, 2019 at 12:33:48PM -0800, C. Cook wrote: >... and can't get up! > >[Sat Jan 12 11:56:22 2019] FORWARD REJECT IN=eth0 OUT=eth0 Have you specified routeback for eth0 in interfaces? Regards, -Roberto --

[Shorewall-users] Websites Are Down!

2019-01-12 Thread C. Cook
... and can't get up! [Sat Jan 12 11:56:22 2019] FORWARD REJECT IN=eth0 OUT=eth0 MAC=00:1f:5b:23:51:f2:f6:b5:2f:a2:db:8e:08:00 SRC=5.158.83.30 DST=10.1.1.30 LEN=48 TOS=0x00 PREC=0x00 TTL=42 ID=47070 DF PROTO=TCP SPT=60896 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0 OPT (020405B401030307) [Sat Jan 12

Re: [Shorewall-users] Interface's wait=200 returns error whereas wait=120 does not. Why?

2019-01-12 Thread Tom Eastep
On 1/11/19 3:18 PM, Fog_Watch wrote: > Hello > > I would like an option on my ppp0 interface to be wait=200. When set > the following error is returned "Invalid value (200) for option wait". > wait=120 returns no such error. How do I set wait=200? > You can't - the maximum allowed value for