Running Fedora 36 with shorewall6 5.2.3.4
It loads fine, but can' ping6 from client
ran dump and got the following errors:
/usr/bin/which" no tc in
(/sbin:/usr/sbin:/usr/bin:/local/bin:usr/local/sbin)
/usr/share/shorewall/lib.cli: line 255 tc: command not found
/usr/share/shorewall/lib.cli: lin
Shorewall are welcome to use these.
This is what happens when you have time on your hands.
Hope you guys enjoy!!
--
Eric Teeter
motd.tar.gz
Description: application/gzip
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https
disable firewalld.service
If that doesn't fix it you may need to reenable Shorewall.
Hope this helps!
--
Eric Teeter
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
ables -I INPUT1 -p tcp -m tcp --dport67 -j ACCEPT
iptables -I INPUT1 -p udp -m udp --dport67 -j ACCEPT
iptables -I INPUT1 -p tcp -m tcp --dport4711 -i lo -j ACCEPT
IP6Tables (IPv6)
ip6tables -I INPUT -p udp -m udp --sport546:547 --dport546:547 -j ACCEPT
--
Eric Teeter
*Quotes from the TV s
done til the powers that be @ Ubuntu change
their minds and put it back. How should this be reported?
--
Eric Teeter
Quotes from the TV series Gene Roddenberry's Andromeda
"Conceal nothing. And watch the fools search forever."
"I've always found a full deployed battle
group
:f4:e0:64 txqueuelen 1000 (Ethernet)
eno3: flags=4163 mtu 1500
inet 192.168.2.253 netmask 255.255.255.0 broadcast 192.168.2.255
ether d4:be:d9:f4:e0:66 txqueuelen 1000 (Ethernet)
--
Eric Teeter
Eric.Teeter.SWv4.Help.tgz
Description: application/compr
horewall/hosts...
> ERROR: Dynamic nets require Ipset Match in your kernel and iptables
> /etc/shorewall/hosts (line 12)
>
> What am I missing?
>
> Thanks!
> Nick
>
>
--
Eric Teeter Brooklyn WI
--
On 5/20/2016 8:34 PM, Tom Eastep wrote:
On 5/20/2016 9:30 AM, Eric Teeter wrote:
Tom:
I have Shorewall v 4.5.21.6 and trying IPSET when I put the following in
blrules file:
#ACTION SOURCE DEST PROTO DEST
SOURCE
suppose to work having to supply both source and
destination. Your sample does not show this.
Does version 5 do the same thing?
when I upgrade
--
Eric Teeter
--
Mobile security can be enabling, not merely restricting
Thanks
On 5/17/2016 9:54 AM, Tom Eastep wrote:
On 05/17/2016 07:19 AM, Eric Teeter wrote:
Tom:
I was looking at using IPSET with shorewall an noticed that
shorewall6.conf did not have "SAVE_IPSETS=No" as shorewall.conf.
IPv6 had all
Tom:
I was looking at using IPSET with shorewall an noticed that
shorewall6.conf did not have "SAVE_IPSETS=No" as shorewall.conf.
IPv6 had all the other IPSET variables that version 4 had. Was
this a mistake or was the done deliberately.
Shorewall versi
03/30/2016 10:29 AM, Eric Teeter wrote:
I have a question for all on this list?
I am planning to write a bash script to install Shorewall for myself.
What I was wondering is would anyone else would be interested, as I
would release with min the same License as Shorewall?
romises for him.
Let me know if you have any questions.
Eric Teeter
--
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analyti
Webmin does about 90 - 95% of what can be done manually I don't think any thing
would be 100%. You may have to write your own Macro for your setup, but that
will make it easier to use Webmin, as Webmin can find those new Macros if setup
correctly.
But the best thing is visually to figure out w
Alex:
I have been using Webmin for about 10 years. Just make sure you change port
from 1 to an arcane port for security reasons.
edit /etc/webmin/miniserv.conf
You can install using Yum:
If you like to install and update Webmin via RPM, create the
/etc/yum.repos.d/webmin.repo file contain
JD
A stab in the dark may be that you have two web servers on the the same port 80
try changing the second web server to a different port say 9001 as your
translating
it should work. Your game is not on port 80 is it?
hope this helps!
- Original Message -
From: "Joseph DeGraw"
To: shor
Răzvan
If all you need is a macro you can write one yourself and then send it in
and Tom will be happy to include it in the next iteration of Shorewall. There
is enough information in the documantation, or just reuse and rename another
macro,
which is what I do.
I have summited a few macros myse
Tom:
Macro you can add for Citrix Goto Meeting
#
# Shorewall version 4 - Citrix/Goto Meeting macro
#
# /usr/share/shorewall/macro.Goto-Meeting
# by Eric Teeter
# This macro handles Citrix/Goto Meeting
# Assumed that ports 80 and 443 are already open
# If need use those macros that open
Squid by it self won't but if you add something like SquidGuard to Squid,
which is desinged to block spcific sites was as down to pages. They have
thosands of prebuilt urls to block (i.e. porn, shopping, hacking all in groups
to add).
There are several packages to Squid which uses helper apps to d
Tom:
charter.com IPv6 link
Is their web site that gives the information I can call them to confirm. It
will take some time.
Point me to the tools as I am new to IPv6 and will try them.
Eric
- Original Message -
From: "Tom Eastep"
To: shorewall-users@lists.sourceforge.net
Sent
Dear Tom:
I am trying to do IPv6 using the the peramaters that Charter gave me the
following for Shorewall6 version 4.5.21.6.
Prefix = 2602:100::/32
Boarder Relay Address 68.114.165.1
Prefix length = 32
IPv4 mask length = 0
DNS 1 Address = 2607:f428:1::5353:1
DNS 2 Address = 2607:f428:2:
Tadd:
I would run web test sites to see if that is true, like one or all of the
following:
http://www.speedtest.net/
http://www.speakeasy.net/speedtest/ I like this one as you can test different
cites (distance) to see if that might be the problem.
I ran test on my shorewall against a lin
- Original Message -
From: "Tom Eastep"
To: shorewall-users@lists.sourceforge.net
Sent: Wednesday, May 7, 2014 6:16:00 PM
Subject: Re: [Shorewall-users] My Shorewall configuration crashes kernel
3.13.9
On 5/7/2014 3:17 PM, Tom Eastep wrote:
> On 5/7/2014 2:55 PM, Tom Eastep wrote:
y Steam but he never had to do that. The main
difference between our setups is he is running version 4.4.17 and I am running
4.4.26.1.
Thank you for your reply.
Jesse
On 17 April 2014 17:16, Eric Teeter < teet...@charter.net > wrote:
Jesse:
I would compare all your file(s) se
Jesse:
I would compare all your file(s) setting against your friends that works and
see what is missing/incorrect. I would print out on paper both then use the
sheets to manually compare them.
I find that making macros for opening port for a specific application easier
for debugging problems
Dear Pete:
You need to use ports and either tcp or udp for definitions for the firewall.
the best thing I did was look at the macros that come with Shorewall (ie
macro.DNS) it usually is under /usr/share/shorewall/
for example:
#
# Shorewall version 4 - DNS Macro
#
# /usr/share/shorewall/
looks like you forgot a line in your rules
rules:
ACCEPT$FWnet tcp www <- looks like you forgot this line
REDIRECT loc3128 tcp www
To check if it is the fire wall or the proxy place #'s in front of both ACCEPT
and REDIRECT this will effectiv
Internal comment so it is possible to follow, what ever you think is needed.
- Original Message -
From: "Tom Eastep"
To: shorewall-users@lists.sourceforge.net
Sent: Tuesday, January 15, 2013 3:18:16 PM
Subject: Re: [Shorewall-users] Samba 4
On 01/15/2013 01:08 PM, Eric Te
can comment out each that they do not need, you also know what port is
related to AD.
I hope you put in you next version of Shorewall.
--
Eric Teeter
macro.ActiveDir
Description: Binary data
--
Master SQL Server
Dear Tom:
I am trying to use tcrules to give TOS to my phone system.
The following does not give me any error but is there improvements that can be
made?
/etc/shorewall/tcrules
#ACTION SOURCE DEST PROTO PORT(S) SOURCE USER TEST LENGTH TOS CONNBYTES HELPER
1 0.0.0.0/0 192.168.1.249 udp 100
Tom:
No, I do not have either file.
Eric
- Original Message -
From: "Tom Eastep"
To: shorewall-users@lists.sourceforge.net
Sent: Thursday, October 11, 2012 12:11:56 PM
Subject: Re: [Shorewall-users] Up Grade not fully working
On 10/11/2012 09:59 AM, Eric Teeter wrote:
&g
use=1
Eric
- Original Message -
From: "Tom Eastep"
To: shorewall-users@lists.sourceforge.net
Sent: Thursday, October 11, 2012 10:56:05 AM
Subject: Re: [Shorewall-users] Up Grade not fully working
On 10/11/2012 08:30 AM, Eric Teeter wrote:
> I want to say about 4.3 but I
I want to say about 4.3 but I am not shure
- Original Message -
From: "Tom Eastep"
To: shorewall-users@lists.sourceforge.net
Sent: Thursday, October 11, 2012 9:59:40 AM
Subject: Re: [Shorewall-users] Up Grade not fully working
On 10/11/2012 07:49 AM, Eric Teeter wrote:
> To
Check IP Address
None of your cards have a 172.28.5 address
- Original Message -
From: "Bart Smink"
To: shorewall-users@lists.sourceforge.net
Sent: Thursday, March 22, 2012 4:31:14 PM
Subject: [Shorewall-users] Problems with reaching ppp+ interfaces
Hi everyone,
I am having some
know the port numbers
have a referance to work with.
Eric
- Original Message -
From: "Chris Boot"
To: "Shorewall Users"
Sent: Saturday, March 17, 2012 10:01:57 AM
Subject: Re: [Shorewall-users] new macros I use
On 16 Mar 2012, at 17:58, Eric Teeter wrote:
> Tom:
wall-users] new macros I use
On Fri, 16 Mar 2012 12:58:07 -0500 (CDT)
Eric Teeter wrote:
> Tom:
>
> I have two macro's that you may want to add to the new versions of
> Shorewall.
>
> Hope this helps!
>
> macro.Phone works for IP Phones (example Asterisk et
Tom:
I have two macro's that you may want to add to the new versions of Shorewall.
Hope this helps!
macro.Phone works for IP Phones (example Asterisk etc.)
macro.Prelude works for Prelude IDS
--
Eric Teeter
macro.Prelude
Description: Binary data
macro.Phone
Description: B
That's it.
Thanks
Eric
- Original Message -
From: "Tom Eastep"
To: shorewall-users@lists.sourceforge.net
Sent: Thursday, March 15, 2012 12:37:30 PM
Subject: Re: [Shorewall-users] Firewall up not letting traffic through
On 03/15/2012 09:29 AM, Eric Teeter wrote:
> Tom
mputer can ping computer on inside network and "yahoo.com"
--
Eric Teeter
504 Main St.
Brooklyn, WI 53521
(608) 807-4277
status.txt.gz
Description: GNU Zip compressed data
--
This SF email is sponsosred b
dles ports for Telephone Service
#
# By Eric Teeter
#
###
#ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/
# PORT(S) PORT(S) LIMIT GROUP
PARAM - - udp 5060:5090 #SIP Ports
PARAM - - udp 4569 #IAX
PARAM - - udp 5036 #IAX v2
40 matches
Mail list logo
