an interface. It carries ip traffic and it will work uite
happily
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yahshua Loves You!
--
Dive into
You MUST attach the gzipped or bzipped dump with your email and not put
it in a dropbox.
All I can go on to help out a bit is my experiences.
Sorry that I cannot help any further but will watch the thread to see
what transpires!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking
pingable or maybe a first or
second hop router. Just what rocks your boat to prove that the link is up!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yahshua Loves You!
--
down" stories!
So try it without the shorewall linlage!
Then finally! Toms docs are correct! The only arg lsm accepts is the
name and location of its config file! No -c!!!
>From ps -ef|grep lsm gives
/sbin/lsm /etc/lsm/lsm.conf
Ang - whose sett for bed after a busy day!
--
Angela Willi
kind at
http://abatis.org.uk/sshdfilter/
which I have used to really good effect. It fits in well with shorewall
and relies on sshd logging the connections.
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yahshua Loves You!
ar 26 14:31 nat
> -rw---. 1 root root 226 Mar 26 14:31 policies
> -rw---. 1 root root 2 Mar 26 14:31 ppp0.status
> -rw---. 1 root root 2 Mar 26 14:31 ppp0_weight
> -rw---. 1 root root 0 Mar 26 14:31 proxyarp
> -rw---. 1 root root29 Mar 26 14:31
tml
>
> Now I manually modified the iptables for the establishing and keeping the VPN
> connection with the following commands and then it works as expected :
>
>
> iptables -A INPUT -p tcp --dport 1194 -j ACCEPT
>
> iptables -A INPUT -i tun0 -j ACCEPT
> iptable
2.168.70.19 and its Ethernet cable
is plugged to eth0. Shorewall and OpenVPN server running on that board
with the following Shorewall configuration :
grep vpn *
interfaces:ovpn tun+
policy:loc ovpnACCEPT
policy:ovpnfw ACCEPT
polic
now and into
the future!
Me? I'd bite the bullet and change your side to say 172.27.235.0/24.
That might leave you on safe ground!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http:/
the users!
I had one big corporate that decided that they could happily use a range
of addresses in the 196 range! We'll never connect to the internet they
told me! Well they did and things work until they ha
Hi Tom!
On 24/04/2014 04:29, Tom Eastep wrote:
> On 4/23/2014 11:52 AM, Angela Williams wrote:
>> Hi All!
>> Only I can find these weird problems!
>>
>> I have pretty much duplicated another customers setup with 3 isp's. Only
>> difference is is the n
Hi Tom!
On 24/04/2014 04:29, Tom Eastep wrote:
> On 4/23/2014 11:52 AM, Angela Williams wrote:
>> Hi All!
>> Only I can find these weird problems!
>>
>> I have pretty much duplicated another customers setup with 3 isp's. Only
>> difference is is the n
ibre. From the server itself my named server does not seem to
work either. If I force a default route ot via the adsl named works
fine! Shutdown shorewall and the problems go away! Not the righr way to
work!
I have attached the required dump as a gzip tente-dump.gz
Ang
--
Angela Williams
a
Hi Tom!
On 28/03/2014 20:45, Tom Eastep wrote:
> On 3/28/2014 11:18 AM, Angela Williams wrote:
>
>>>
>>> And I learnt a bit more!
>>>
>>> I do have AUTOHELPERS=Yes in the shorewall.conf file because I have the
>>> ones required compiled into
Hi Tom
On 28/03/2014 20:04, Angela Williams wrote:
> Hi Tom!
>
> On 28/03/2014 19:36, Tom Eastep wrote:
>> On 3/28/2014 9:41 AM, Angela Williams wrote:
>>> Hi Tom!
>>>
>>> On 28/03/2014 18:02, Tom Eastep wrote:
>>>> On 3/28/2014 1:10 AM, Ange
Hi Tom!
On 28/03/2014 19:36, Tom Eastep wrote:
> On 3/28/2014 9:41 AM, Angela Williams wrote:
>> Hi Tom!
>>
>> On 28/03/2014 18:02, Tom Eastep wrote:
>>> On 3/28/2014 1:10 AM, Angela Williams wrote:
>>>> Hi!
>>>>
>>>> On 27/03
Hi Tom!
On 28/03/2014 18:02, Tom Eastep wrote:
> On 3/28/2014 1:10 AM, Angela Williams wrote:
>> Hi!
>>
>> On 27/03/2014 20:54, Tom Eastep wrote:
>>> On 3/27/2014 10:54 AM, Angela Williams wrote:
>>>> Hi Tom!
>>>>
>>>> On 27/0
Hi!
On 27/03/2014 20:54, Tom Eastep wrote:
> On 3/27/2014 10:54 AM, Angela Williams wrote:
>> Hi Tom!
>>
>> On 27/03/2014 19:02, Tom Eastep wrote:
>>> On 3/27/2014 8:53 AM, Angela Williams wrote:
>>>> Hi All!
>>>> I've no hit the same pro
Hi Tom!
On 27/03/2014 19:02, Tom Eastep wrote:
On 3/27/2014 8:53 AM, Angela Williams wrote:
Hi All!
I've no hit the same problem I hit quite some time back in trying to
replace a rather limited script based iptables rule generator. Now I
have no option really. The customer now has add a
the same for both firewall generators!
Maybe it's just me misreading or misunderstanding the docs!
Or maybe I just need my bum kicked!
I have bziped up the shorewall dump and it is attached as ross.dump.bz2/
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networkin
Hi Tom and others
On 17/03/2014 17:42, Tom Eastep wrote:
> On 3/17/2014 8:12 AM, Tom Eastep wrote:
>> On 3/17/2014 5:15 AM, Angela Williams wrote:
>>> Hi All!
>>> when I used to train Burroughs/Unisys engineers I would always start
>>> with pointing out that th
ing with headoffice States side!
Any thoughts and ideas are most welcome!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua Loves You!
--
Lea
Hi All AND Tom!
On 30/11/2013 19:46, Tom Eastep wrote:
> On 11/29/2013 5:14 AM, Angela Williams wrote:
>> Hi All!
>>
>> I have a happy shorewall user who needs something that should quite
>> simple but for the life of me I just cannot figure it out! Well other
>>
r are controlled through
squid.
All ideas of how to achieve the above would be welcomed!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua Love
Hi Tom!
On 23/08/2013 22:03, Tom Eastep wrote:
> On 8/22/2013 9:32 AM, Angela Williams wrote:
>> Hi!
>> Been away from the list for a short while.
>>
>> I have just got Shorewall 4.5.15 up and running at a customer with two
>> ISP's. One is a leased line a
at shorewall dump in gzip format! I've looked at it and
again nothing looks wrong to my poor old untrained eyes!
TIA!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua Loves You!
shorewall_dump.txt.gz
Descri
this.
>
> Any suggestion?
Squid in transparent proxy mode! Your users will never see it and you
can get lots of info out of the squid logs!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Sm
Hi All!
On 06/08/12 21:16, I.S.C. William wrote:
> If Working !!! ... Thank's Angela !!
At least I can give something back!
Thank you!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua L
of all the extra bits
and makes the rules file neat!
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua Loves You!
--
Live Security Virtual Confere
Hi All!
On 06/05/12 01:15, Tom Eastep wrote:
> On 6/4/12 2:10 PM, Angela Williams wrote:
>> Hi All
>>
>> I have created a macro called macro.CRM to handle a special CRM package
>> my customer's dealers use to order caravans and track them through
>> assemp
thing over!)
I cannot really see any problem. But maybe two or more DNAT's is a no
no! Never had any need to do it before either!
Ball now in your court! I'm off to bed!
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smi
you might need a rule
or two. Just depends on how secure you have made shorewall to the LOCAL
zone!
I hope this helps a bit!
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua Loves You!
---
use.
You really need to read through the docs as it is all there!
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua Loves You!
--
Live S
typed what I told her!
One trick I have learnt is to force a backdoor route just in case and
even if that does mean customer hopping!
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Yeshua Loves You!
with our only fixed line provider here is S
Africa so it is a bit more difficult to resolve things! Both the ISP's we use
for this customer are connected to the local peering point via the fixed line
provider, The joys of State owned companies!
Cheers
Ang
--
Angela Williams
angierfw at gma
the special ip's only run now and again and are not madly critical.
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Jesus Loves You!
--
Try
Hi All
On Sunday 19 February 2012 at 21:24 Tom Eastep :-
> On Feb 19, 2012, at 6:45 AM, Angela Williams wrote:
> > Is there another way around this issue?
>
> Is sshd configured to only listen on the primary address?
No. I did a little test with the old iptables script and I c
r!
Cheers
Ang!
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Jesus Loves You!
--
Virtualization & Cloud Management Using Capacity Planning
Cloud com
Hi All
On Thursday 02 February 2012 at 16:29 Tom Eastep :-
> On 02/02/2012 03:41 AM, Angela Williams wrote:
> > On Tuesday 31 January 2012 at 17:50 Tom Eastep :-
> >
> >> On Tue, 2012-01-31 at 15:03 +0200, Angela Williams wrote:
> >>> At a guess I would start
Hi All
On Thursday 02 February 2012 at 16:26 Tom Eastep :-
> On 02/02/2012 03:36 AM, Angela Williams wrote:
> > What are the chances of keeping my IMQ stuff?
>
> The commands shown in Pablo's email should still work.
Thanks Tom!
I will post my results once I have it up and
Hi All
On Tuesday 31 January 2012 at 17:50 Tom Eastep :-
> On Tue, 2012-01-31 at 15:03 +0200, Angela Williams wrote:
> > At a guess I would start with the actions file to add a rule but adding
> > the SSHD table is another whole story!
> >
> > Any ideas anyone! Crack
wiz.
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Smile! Jesus Loves You!
--
Keep Your Developer Skills Current with LearnDevNow!
The
Hi All
On Tuesday 31 January 2012 at 17:50 Tom Eastep :-
> On Tue, 2012-01-31 at 15:03 +0200, Angela Williams wrote:
> > At a guess I would start with the actions file to add a rule but adding
> > the SSHD table is another whole story!
> >
> > Any ideas anyone! Crack
SSHD table is another whole story!
Any ideas anyone! Crack this one and Shorewall will go back into all my
customers! My old script is past it's sell by date!
Cheers
Ang
--
Angela Williams
angierfw at gmail dot com
Linux/Networking Hacker
Blog http://angierfw.wordpress.com
Sm
44 matches
Mail list logo