On Fri, Mar 01, 2024 at 12:43:24PM +0200, Tuomo Soini wrote:
> On Thu, 29 Feb 2024 17:17:15 -0500
> Roberto C. Sánchez wrote:
>
> > The odd thing is that I know I have other helpers working correctly. I
> > have AUTOHELPERS=Yes in /etc/shorewall/shorewall.conf and thi
On Fri, Mar 01, 2024 at 12:43:24PM +0200, Tuomo Soini wrote:
> On Thu, 29 Feb 2024 17:17:15 -0500
> Roberto C. Sánchez wrote:
>
> > The odd thing is that I know I have other helpers working correctly. I
> > have AUTOHELPERS=Yes in /etc/shorewall/shorewall.conf and thi
of what is going with this.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
erno con la misma dirección (https://ip-publica:59154)
> desde la red interna y no consigo hacerlo.
>
> Puede ayudarme por favor ?
>
Es dificil estar seguro sin ver la configuración completa, pero me
parece posible que falta la opción 'routeback' en una u otra entrada en
el fichero i
1.x is probably new enough to do everything you need.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.source
entre la IP publica y la
IP externa.
Saludos,
-Roberto
[0] https://shorewall.org/FAQ.htm#faq2b
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
ink that you might need this: https://shorewall.org/shorewall_logging.html
Regards,
-Roberto
--
Roberto C. Sánchez
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
s://shorewall.org. So I wonder why the link in
> the box isn't shorewall.org or https://shorewall.org.
>
> Is the inconsistency desirable? Any objection to a revision?
>
It is likely outdate just because nobody has updated since the domain
migration. I have no objection to a revision.
gt;
>Sorry for the stupid question. I could'nt easily find the answer from your
>website.
No worries.
For handling IPv4, you need Shorewall and for handling IPv6 you need
Shorewall6.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
ht
debian project for me to
investigate whether the Debian packages have the same issue. I will
address it when I can get to the 5.2.8 update.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
___
Shorewa
would need to be able to help you determine what that something else is,
we are at an impasse.
> I removed Shorewall and switched to OPNsense. It took care of it in just a
> few minutes.
>
If that solves your problem, then that is good news.
Regards,
-Roberto
--
Roberto C. Sánc
ress of
your server and forwards the packet to that server. When your server
responds, the firewall automatically performs SNAT to rewrite the source
address in the response.
Everything you need should be on that page, below the text I quoted.
Regards,
-Robe
something is missing on the
> Server1 Shorewall rules?
>
Until you provide the information detailed on the support page, it is
not possible make this determination. If you do not want to post it to
a public list, email me directly.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people
tion described here: https://shorewall.org/support.htm
That should enable a more complete understanding of your problem and
allow for troubleshooting in a way that will allow us to help you
resolve it.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.c
|
> [Server2 with Shorewall]
> |
> [ Service, listening on 10.0.0.2:1234]
>
>
> What rules/SNAT/DNAT do I need for each Shorewall firewall to make it work so
> the 'world' can access the service?
>
You need DNAT, as described here:
ut for a simple setup it
should still apply.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net
ll.
Is there any what that you can run wakeonlan on the Shorewall FW router?
That should simplify things since that machine will be in the two
network segments by virtue of being a router between them.
Regards,
-Roberto
--
Roberto C. Sánchez
http://peo
On Mon, Dec 23, 2019 at 09:53:00AM -0800, Tom Eastep wrote:
> On 12/23/19 6:23 AM, Roberto C. Sánchez wrote:
> >
> > I'd like to see if we can exercise the merge request process. Would you
> > be willing to submit your proposed change as a merge request?
> >
>
&
On Mon, Dec 23, 2019 at 11:47:21PM +0100, Vieri Di Paola wrote:
> On Mon, Dec 23, 2019 at 3:25 PM Roberto C. Sánchez
> wrote:
> >
> > I thought the wiki was set so that anyone who is logged in can edit or
> > create content.
>
> Hi,
>
> I logged in wit
On Mon, Dec 23, 2019 at 10:53:52AM +0100, Vieri Di Paola wrote:
> Hi Roberto,
>
> On Mon, Dec 23, 2019 at 12:57 AM Roberto C. Sánchez
> wrote:
> >
> > Let me encourage you to capture it as a wiki page in GitLab:
> > https://gitlab.com/shorewall/code/-/wikis/home
lab.com/shorewall/code/issues/3
> >
>
> And I have coded and tested a fix. From this point forward, I think
> that I would like to submit fixes to gitlab, but let it be the new
> team who decides when to release either point releases or new
> minor/major releases. I will keep the
470:a:227::2-2001:470:a:227::10]:1000-1010
> > Note: the internal ']-[' should be just a dash '-'.
>
> Ok. That is really a bug in shorewall ipv6 range parser.
>
I have created an issue in GitLab to capture this:
https://gitlab.com/shorewall/code/issu
writing up your guide.
Let me encourage you to capture it as a wiki page in GitLab:
https://gitlab.com/shorewall/code/-/wikis/home
I think it would be beneficial, as others will be able to read it and
benefit from it, and perhaps also update it based on their own
experiences.
Regards,
-Roberto
--
Ro
so, it looks like none of the man pages made the move over to the new
www.shorewall.org hosting.
Matt, Tuomo, do you have any idea about what happened with the man
pages?
> Thanks to all for creating/maintaining such a useful product.
>
We're trying to keep it going. Thanks for your assist
gt;/dev/null ; [ $? -ne 0 ] &&
/sbin/shorewall6 status
That protects against the two mistakes I am most likely to make with
Shorewall:
1. Clearing or stopping the firewall and then forgetting to restart
2. Disabling Shorewall from starting on boot or making a configuration
cha
On Tue, Sep 24, 2019 at 10:55:52AM -0400, Roberto C. Sánchez wrote:
> I have received word from Tom that the server which hosts shorewall.org
> is down. He is working on restoring service. A follow-up note will be
> sent when everything is up and running again.
>
I have heard b
I have received word from Tom that the server which hosts shorewall.org
is down. He is working on restoring service. A follow-up note will be
sent when everything is up and running again.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
erms of the HOWTO, your interfaces would be like this:
eth3 - LAN
eth8 - Internet/WAN
eth6 - DMZ
At least, that is what I think you are trying to accomplish. Have a
look at the HOWTO and follow-up if you still have questions.
Regards,
-Roberto
[0] http://www.shorewall.org/three-interface.ht
Free Software
and Open Source Community.
The Shorewall Project Committee
Matt Darfeuille
Paul Gear
Roberto C. Sánchez
Tuomo Soini
signature.asc
Description: PGP signature
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https
rl/Shorewall/Chains.pm line 5822.
>
This is a known issue. It was also reported in Debian:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903734
Version 5.2.1.3 of Shorewall fixed it.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
___
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
y, expect that
you may not receive the best help if you encounter problems. Feel free
to ask here on the list or in IRC, but not many of us still deal with
such old versions.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http:
ackaging.
If we encounter some unsolvable problem, it would seem we would need to
decide between requesting removal of Shorewall from the Buster release
(I would much prefer to avoid that) or to document the fallback to the
old backend. Either way, a package that works with the
ed and observed that Shorewall started correctly, even though the
> entry in /etc/network/interfaces for the single NIC specified
> 'allow-hotplug'.
>
> So in summary, I am unable to reproduce your findings.
>
My experience was the same.
Regards,
-Roberto
--
Roberto C. Sánc
rding Shorewall, but I am glad you and others benefit
from it. And of course Debian is the best Linux distro :)
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
--
Check out the vibra
'dpkg -i' as there are no dependencies which cannot
be met in Debian Stretch, or even Jessie.
If you use the packages and encounter any issues, please be sure to
report them to the Debian BTS.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
need to add the 'routeback' option to the eth0 line in
/etc/shorewall/interfaces on both hosts. If that does not resolve the
problem, please post the complete output of 'shorewall dump' so that we
can help you identify the cause.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/
om a lan pc, dont receive
> answer (and the network connection icon in the system Tray show
> alert). But if i do a tracert to 8.8.8.8, the alert dissapear and can
> access to internet again.
>
Can you provide the output of 'shorewall dump' run as root after
attempting the pi
how any drops or rejects for UDP port 123. Could you induce the
failure and run 'shorewall dump' again and then provide that output?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
nd destination addresses
being accessible through the same interface and that you probably have
not set the routeback option on the interface (enp5s2 in this case).
By default Shorewall will not send packets out the same interface which
they entered.
Regards,
-Roberto
--
Roberto C. Sánchez
http:
put of
'shorewall dump' (run as root)?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
--
Check out the vibrant tech community on one of the world's most
engaging tech
you compared the
configurations you are using via NetworkManager and the CLI client?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
---
/system is the same between home and
> school setups. However, at school I also seem to have a
> shorewall-init.service, not present at home (where Shorewall starts as
> it should).
>
What is the output of these commands?
systemctl is-enabled shorewall
systemctl is-enabled shorew
r way
around). It should be just a matter of ensuring you have forwarding (I
assume you do or you would have other problems), the right policy (loc
-> vpn == OK), and possibly masquerading (depending on the address
ranges involved).
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~ro
agnose this, we will need the output of 'shorewall dump'
just after a boot/crash. It would be helpful if you could also include
other relevant logs (e.g., the Xorg.log).
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signatur
ing in the version field for "Installed", then look at the output
of `systemctl is-enabled shorewall`. If that spits out "disabled" then
you can turn it on with `systemctl enable shorewall` and it will start
on boot as you would expect.
Regards,
-Roberto
--
Roberto C. Sánchez
ly that your problem has to do with
Shorewall not starting at boot, what init system are you using?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Descri
sn't
> start on boot.
>
What version of Shorewall and what installation source (upstream
installer or distro packages)?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description:
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
--
that now redundant?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Mobile security can be enabling, not merely re
docker.service to the After line under
[Unit] in shorewall.service, but the problem persists. Do I need to
declare the docker0 bridge as option in /etc/shorewall/interfaces?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
econ this is the only change you made in the 5.0.7-1 version, am I
>right?
>
>Good solution for anyone installing this version until it emerges in the
>standard repositories.
>
>Thanks and cheers Roberto!
>
>Wouter
> 2016-04-01 14:11 GMT+0
> Accelerate data analysis in your applications with
> Intel Data Analytics Acceleration Library.
> Click to learn more.
> http://pubads.g.doubleclick.net/gampad/clk?id=278785471=/4140
> ___________
> Shorewall-users mailing list
> Shorewall-use
mber of cases where targeted fixes are either
not possible or feasible).
The bottom line is that they version of the Shorewall package in Debian
stale will remain the same for life of the particular stable release.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~ro
interface. Each domU is then connected
to the bridg by the dom0, but the domU is responsible for its own
filtering.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
, so I don't plan to update until the freeze is over.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Download BIRT
?
I've packaged the Debian versions of shorewall-lite and shorewall6-lite
to only depend on iptables, iproute, and bc. You should not even need
shorewall-core.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description
advantage of install.sh,
but the issue of a dependency on shorewall-core never came up.
Do I need to have the -lite packages depend on shorewall-core? I am
surprised that no bug reports have every been reported on this issue.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
to start
here:
http://shorewall.net/VPNBasics.html
http://shorewall.net/IPSEC-2.6.html
http://shorewall.net/IPSEC.htm
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
--
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net
and it
co-exists? Does shorewall need it for wildcard interfaces in the masq
file..?
What version of Debian, what version of Shorewall, and what version of
the kernel?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
will let Tom weigh in with any
specific insights he may have on your problem.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
and ignore all the rest.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
features for a fair amount of time. My
experience has been that I always have ample time to sort out any
changes I need to make. Of course, as you point out, sometimes it is
hard to remember *why* you did a specific thing.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com
at the application layer.
I would look at Squid and see if that does what you need.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
/lists/listinfo/shorewall-users
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
HPCC Systems Open Source Big Data Platform from LexisNexis
. I updated the three links you provided and removed
the Shorewall CIA tracker link. I have pushed the changes to Git and
they will be public the next time site content is published.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
and SSH packages and
sometimes a few others depending on my specific needs and the
environment in which it will run (e.g., NFS, Kerberos, NTP, logcheck,
etc.).
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital
/lib/shorewall:
fw firewall
loc ipv4 eth3:0.0.0.0/0
net ipv4 eth2:0.0.0.0/0
What is the output of 'shorewall dump' (run as root, of course).
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
. What is the value of
STARTUP_ENABLED in /etc/shorewall/shorewall.conf? (I probably should
have asked that first).
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
are
seeing.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Is your legacy SCM system holding you back? Join Perforce May
page:
This file is used to define Proxy ARP. There is one entry in this file
for each IP address to be proxied.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
on how long it has been like this and
whether your backups have been compromised.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Managing the Performance of Cloud-Based Applications
Take advantage of what
.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Managing the Performance of Cloud-Based Applications
Take advantage of what
ranges,
then put the addresses/ranges in a blrules file and then restart
Shorewall. There may already be a script floating around for that.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
of apps break in a mandatory access
control environment. This would require some amount of testing to
ensure that everything functions as expected.
Incidentally, I don't think that this something that Shorewall can help
with.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com
.
If you need help with backporting, I wrote HOWTO on that. It is pretty
old, but I have kept it up to date:
http://www.connexer.com/articles/debcustomize
Let me know if you need any assistance in creating backported packages
for your older systems.
Regards,
-Roberto
--
Roberto C. Sánchez
http
the suggestions.
If they do not reply in this thread, I recommend joining the IRC channel
and asking your question there.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
On Fri, Jan 31, 2014 at 11:35:27PM +0100, matt darfeuille wrote:
Hi, while upgrading shorewall to 4.5.21.6 from Roberto C. S�nchez's
repository the following error comes up regarding shorewall-init:
Setting up shorewall-init (4.5.21.6-1~bpo70+1) ...
update-rc.d: warning: stop runlevel
connection. Also, the output of 'ssh -vvv [host]'
might be helpful, but we may not need that just yet.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
://www.shorewall.fi/Shorewall_and_Aliased_Interfaces.html
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Rapidly troubleshoot
are you using?
Can you have a look at this bug report:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729256
Are you experiencing anything similar to what was reported in that bug?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
of
reasons, the website redesign did not take place as planned. Now,
almost 5 yeasr later, the website has been redesigned.
Please email feedback/questions/comments to webmas...@shorewall.net.
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description
, or I have also
set up a wheezy repository at my website:
http://people.connexer.com/~roberto/debian/
The packages from my website are signed with my GPG key that is in the
Debian keyring and they are identical to those found in Sid.
Regards,
-Roberto
--
Roberto C. Sánchez
http
will not need to mess
with DynDNS.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
October Webinars: Code for Performance
the Debian Shorewall packages. I am happy to make the
change, but it will have to wait until after the Wheezy release. The
best thing would be if you could file a bug against the shorewall-init
package so that I don't forget about it.
Regards,
-Roberto
--
Roberto C. Sánchez
http
not familiar with OpenVSwitch, but I have all sorts of VPN
interfaces filtered by Shorewall, and the fact that they are not there
at boot time has never been an issue. Can you provide some specific
hints about your configuration?
Regards,
-Roberto
--
Roberto C. Sánchez
http
available to the VPN clients, routing may be a better option.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Precog
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Own the Future-Intelreg; Level Up Game Demo Contest 2013
Rise to greatness in Intel's independent
port 80
traffic to enter and go to any host on your network (if you have an UPS
or a router running a web interface for administration, that could be a
bad thing).
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description
, but it appears to not be included in the base Perl
package.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Everyone
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
--
Everyone hates slow websites
some action based on some
application-level notion of the content. Shorewall has no notion of
this, and consequently cannot help you.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
192.168.123.3 rather
than the network 192.168.123 violates the principle of least surprise.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital signature
iphone (from mobile Internet G3) over VPN
(l2tp/ipsec) with the firewall.
But I can´t open the necessary Port 1701.
What do you have in your /etc/shorewall/tunnels file?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
by a 'shorewall start' once you have tested the connectivity).
If after clearing Shorewall, the problem persists, then you have an
Apache configuration issue.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
signature.asc
Description: Digital
considered - may I ask to add a possibility
to retain appropriate route rules and routing tables after shorewall is
stopped ? (extended routestopped functionality ?)
Did you mean to execute 'shorewall safe-restart' instead?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com
/port-scanner/server/
and I mark that the port is closed least 80, and with the firewallup.
2012/3/9 Roberto C. Sánchez robe...@connexer.com
William,
Can you provide more details as to how you are trying to access the
https paages? For example, can you give an example of a URL
1 - 100 of 267 matches
Mail list logo
