Hi,
I'm trying to setup accounting, but I want to get it down to a
particular IP behind the firewall.
As an example, I could have a simple smtp accounting rule like this:
smtp:COUNT - eth0
eth1 tcp 25
smtp:COUNT - eth1
eth0 tcp
Hi,
I don't know what's happened suddenly to my firewall.
I see no sign of device trouble, nothing very telling in my logs. All
of a sudden my data transfer rate has dropped drastically, but this is
only for servers behind the firewall.
I've rebooted the servers, rebooted the firewall, rebooted
At Monday, 12-05-2011 on 23:52 "Ricardo Kleemann" wrote:
Hi,
I don't know what's happened suddenly to my firewall.
I see no sign of device trouble, nothing very telling in my logs. All
of a sudden my data transfer rate has dropped drastically, but this is
only for servers
ing data (from internet to server) and the
> transfer is fast as expected. But try to download and we're back
down
> to ridiculously low data rates.
>
> :-(
>
> At Monday, 12-05-2011 on 23:52 "Ricardo Kleemann" wrote:
>
> Hi,
>
> I don't know wha
Hi,
I run a small system with an older version of shorewall (1.4.2). It has been
extremely solid for a long time.
But recently I have noticed the connection table filling up, which has never
happened before. My guess is that the box is getting hit with floods.
The system only has 64M of ram
Hi,
I run an older version of shorewall (1.4.2) and need some helping setting up
some rules.
I received an abusenet notification that one of my servers is being used to
hack elsewhere. I don't know if anyone here is familiar with
Linux.Backdoor.Small.o, any help would be greatly appreciated.
(or even a
catch-all).
Thank you
Ricardo
On Mon, 2008-09-08 at 16:31 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > Hi,
> >
> > I run an older version of shorewall (1.4.2) and need some helping
> > setting up some rules.
> >
> > I received an
up only after all the ACCEPT rules?
On Mon, 2008-09-08 at 19:43 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
>
> > However I understand I need to also block outbound for those ports as
> > being sources as well. How would I go about doing that?
>
> I have no id
, Ricardo Kleemann wrote:
> I apologize for my lack of knowledge.
>
> Ok, but I have some doubts as far as how I would go about first blocking
> all traffic "anywhere" from the servers lan except for the few ports
> allowed.
>
> For example, won't dns requests
tc/shorewall/rules" for necessary inbound traffic.
> 8) Add rules in "/etc/shorewall/rules" for necessary outbound traffic.
>
> We are here to help you, but since this is not a paid support line you are
> also
> expected to have made your homework first.
> <http:
Is there a way for show connections to show only the outbound?
It's seems to be very difficult to filter out the outbound only from
such a large output.
Ricardo
On Tue, 2008-09-09 at 16:25 -0700, Tom Eastep wrote:
> Tom Eastep wrote:
>
> > As Martin has described, the left part of each entry de
I'll answer my own question... ;-)
I simply took the output of show connections, put it into excel and
sorted the data in order to be able to better diagnose it. ;-)
Ricardo
On Thu, 2008-09-11 at 07:36 -0700, Ricardo Kleemann wrote:
> Is there a way for show connections to show
Hi,
I'm setting up shorewall (v. 3.4.8) and have established some IPs in the
nat file.
For testing purposes only, I have my main eth0 interface for shorewall
(the "net" interface) in network 192.168.0. The dmz interface is eth2 in
network 192.168.1.
Here's a snippet of ip addr output:
3: eth0:
On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > Hi,
> >
> > I'm setting up shorewall (v. 3.4.8) and have established some IPs in the
> > nat file.
> >
> > For testing purposes only, I have my main eth0 interfac
On Thu, 2008-09-18 at 18:07 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
> >> Ricardo Kleemann wrote:
> >>> I know packets are not being dropped so it's not shorewall that's
> >>> b
On Thu, 2008-09-18 at 18:07 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:
> >> Ricardo Kleemann wrote:
> >>> I know packets are not being dropped so it's not shorewall that's
> >>> b
> >> What is the setting of IP_FORWARDING in /etc/shorewall/shorewall.conf?
> >>
> >
> > It's set to On... :-/
> >
> > Could it be because I have the fw connected directly to the server
> > (rather than via switch)? I wouldn't think so since ping from the
> > firewall (fw -> dmz) works... it's
On Thu, 2008-09-18 at 19:53 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> >>>> What is the setting of IP_FORWARDING in /etc/shorewall/shorewall.conf?
> >>>>
> >>> It's set to On... :-/
> >>>
> >>> Could it be bec
Hi guys,
My shorewall appliance has 3 eth interfaces. I have one as the main net i/f,
and another is the dmz. The third I'm not currently using.
I currently have 2 subnets assigned to me, and I'm wondering how is it possible
to have shorewall make use of both subnets?
The 2 subnets I have are:
- Original Message -
From: "Martin Leben" <[EMAIL PROTECTED]>
To:
Sent: Friday, October 03, 2008 2:42 PM
Subject: Re: [Shorewall-users] net interface and 2 subnets
> Ricardo Kleemann wrote:
>> Hi guys,
>>
>> My shorewall appliance has 3 eth interfaces. I hav
On Fri, 2008-10-03 at 15:48 -0700, Tom Eastep wrote:
> Ricardo Kleemann wrote:
> > Thanks.
> >
> > The examples show how to setup 2 local subnets. In my case, I have to
> > external subnets, and only 1 local (or dmz) subnet.
> >
> > All the examples I
21 matches
Mail list logo
