Re: [Shorewall-users] VLAN martians

2010-11-27 Thread Stephen Brown
On 11/26/10 7:50 PM, Alan Madill wrote: > To make it more complicated I think he is trying to make use of voice VLANs > which seem to be a sort of hybrid. > http://cciepursuit.wordpress.com/2009/01/01/group-study-good-explanation-of-the-voice-vlan/ No Cisco equipment here, only linux, Netgear, and

Re: [Shorewall-users] VLAN martians

2010-11-25 Thread Stephen Brown
figure it out. All that I can offer you is to reproduce it each time on one of our machines with vlan support enabled. Cheers Michael -------- *From:* Stephen Brown [mailto:stephen.brow...@gmail.com] *Sent:* Thursday, 25. N

Re: [Shorewall-users] VLAN martians

2010-11-25 Thread Stephen Brown
That was my suspicion as well, but I wasn't entirely sure... thanks I'll keep digging :) On 11/25/10 3:37 PM, Tom Eastep wrote: On 11/25/10 12:25 PM, Stephen Brown wrote: Thanks Tom, here's the output of shorewall show routing: Table main: 70.90.228.192/29 dev eth0 proto ker

Re: [Shorewall-users] VLAN martians

2010-11-25 Thread Stephen Brown
2, on dev eth1 Nov 25 15:24:36 bubastis kernel: [28104.130152] ll header: d8:5d:4c:b0:70:8e:00:25:90:01:35:44:08:00 I kinda think I know what's going on, but not really. Any help appreciated :) Thanks, Stephen On 11/25/10 2:24 PM, Tom Eastep wrote: On 11/25/10 11:11 AM, Stephen Brown w

[Shorewall-users] VLAN martians

2010-11-25 Thread Stephen Brown
I'm playing around with VLANs and I have a VLAN-capable (layer 2) smart switch. I see a steady stream of martians in the logfile if I have the routefilter option set on the loc zone interfaces in /etc/shorewall/interfaces. I have two interfaces in the loc zone, eth1 and vlan2 respectively. vla

Re: [Shorewall-users] Dealing with multiple public IP's

2010-11-21 Thread Stephen Brown
have originated from 70.90.228.196 on the net side. I'll also have some other servers, VMs etc. in this subnet using various TCP/UDP ports that I would like to restrict to this address as well. Thanks, Stephen On 11/19/10 11:34 AM, Tom Eastep wrote: On 11/19/10 3:32 AM, Stephen Bro

[Shorewall-users] Dealing with multiple public IP's

2010-11-19 Thread Stephen Brown
I've just ordered a Comcast business class connection with 5 static IP addresses. Reading over the aliased interfaces documentation, I'm not real clear on what to do with /etc/shorewall/interfaces (if anything). I'll be setting up eth0:0-eth0:4 all i

Re: [Shorewall-users] Packets being dropped/rejected

2010-08-05 Thread Stephen Brown
On 8/5/10 8:47 AM, Stephen Brown wrote: >> I am having some weird issues that I can't quite figure out. >> >> My first issue is if I am logged into the box running shorewall I can >> not SSH to a machine sitting on the local LAN segment, shorewall rejects >

[Shorewall-users] Packets being dropped/rejected

2010-08-05 Thread Stephen Brown
I am having some weird issues that I can't quite figure out. My first issue is if I am logged into the box running shorewall I can not SSH to a machine sitting on the local LAN segment, shorewall rejects the packet with this log: Aug 5 11:40:57 fw2l

Re: [Shorewall-users] Multiple internet connection woes....

2010-08-03 Thread Stephen Brown
> > The 'optional' option in the providers file is deprecated in favor of > the same option in the interfaces file (which Steven is obviously setting). > > The Warnings are fine. > > -Tom Yes indeed :) net eth0 detect tcpflags,optional net eth1 detect tcpflags,o

Re: [Shorewall-users] Multiple internet connection woes....

2010-08-02 Thread Stephen Brown
s, Stephen On 7/27/10 11:12 AM, Tom Eastep wrote: > On 7/27/10 6:21 AM, Stephen Brown Jr wrote: >> Thanks Tom... this appears to work as intended now, but I need >> clarification on one additional item. >> >> I simulated a DSL outage by shutting the modem off and resta

Re: [Shorewall-users] Multiple internet connection woes....

2010-07-27 Thread Stephen Brown Jr
Thanks Tom... this appears to work as intended now, but I need clarification on one additional item. I simulated a DSL outage by shutting the modem off and restarting shorewall, however I can not route via the cable connection? My initial thought is that Shorewall does not (and has no way of knowi

[Shorewall-users] Multiple internet connection woes....

2010-07-26 Thread Stephen Brown
Well I'm still having a tough time getting this to work and I can't figure out why, I am most likely missing something or misconfiguring something. I have two providers, one is local to the box with a static IP (DSL) on its own interface (eth0), the other is on eth1 hanging off a wireless rou

Re: [Shorewall-users] Multiple internet connections help

2010-07-21 Thread Stephen Brown
Well my requirements have changed. Due to multiple attempts to get things working and the limitation of not being able to use a dhcp assigned address as a fallback provider, and not to mention an angry wife for the internet being up and down (I've GOT to keep her happy at all costs lol), I'

Re: [Shorewall-users] Multiple internet connections help

2010-07-20 Thread Stephen Brown
> Right -- I should have mentioned that having a dynamic IP provider as > a 'fallback' won't work because DHCP will automatically add the > cable default route in the main routing table. Using weights as you > are doing simply makes the balancing choos

Re: [Shorewall-users] Multiple internet connections help

2010-07-19 Thread Stephen Brown
, Stephen Brown wrote: I understand the tcrules setup (I think) in regards to what I am trying to accomplish for outbound VoIP traffic. Inbound traffic will be directed to the cable link as well, I'm going to create SRV records to provide redundancy, will shorewall still process my DNAT

Re: [Shorewall-users] Multiple internet connections help

2010-07-19 Thread Stephen Brown
/1050858 Some of my configs may undoubtedly be wrong or not optimized, so any help appreciated :) Thanks, Stephen On 7/19/10 11:36 AM, Tom Eastep wrote: > On 7/19/10 8:25 AM, Stephen Brown wrote: >> I recently ordered a residential class cable connection from Comcast to >> comp

Re: [Shorewall-users] Multiple internet connections help

2010-07-19 Thread Stephen Brown
Thanks Tom I'll give this a whirl tonight when I get home and see how it goes, I'll undoubtedly have more questions :) On 7/19/10 12:25 PM, Tom Eastep wrote: > On 7/19/10 8:36 AM, Tom Eastep wrote: >> On 7/19/10 8:25 AM,

[Shorewall-users] Multiple internet connections help

2010-07-19 Thread Stephen Brown
I recently ordered a residential class cable connection from Comcast to complement my static DSL connection for redundancy. My eventual goal is to run all of my VoIP traffic (SIP and IAX) over the cable connection and to also use it as a backup to my

[Shorewall-users] Dealing with multiple IP's from my ISP

2010-07-06 Thread Stephen Brown
I am thinking about signing up for Comcast Business class internet with 5 public IPs. I run a shorewall box with two network cards, and no space to add any more. eth0 is currently pointing towards my existing DSL provider (with a single IP) and eth1

Re: [Shorewall-users] OpenVPN setup

2010-02-04 Thread Stephen Brown
Eastep wrote: > On Thu, 2010-02-04 at 19:47 -0500, Stephen Brown wrote: > >> Ok I'm almost there! The tunnel is up, and I changed what you mentioned >> below, everything is working as intended except I can not get the >> OpenVPN client to pull an IP via DHCP. >>

Re: [Shorewall-users] OpenVPN setup

2010-02-04 Thread Stephen Brown
Yes, here is what I have in /etc/shorewall/interfaces: loc br0 192.168.1.255 routeback,bridge,dhcp,tcpflags,nosmurfs,routefilter,logmartians Thanks, Stephen On 2/4/10 7:59 PM, Tom Eastep wrote: > On Thu, 2010-02-04 at 19:47 -0500, Stephen Brown wrote: > >> O

Re: [Shorewall-users] OpenVPN setup

2010-02-04 Thread Stephen Brown
2/4/10 4:00 PM, Tom Eastep wrote: > Stephen Brown wrote: > >> Thanks Tom, I did see the link you referenced below and it's thrown me >> off just a bit. >> >> To clarify, as it stands now I have this in /etc/shorewall/interfaces: >> loc eth1

Re: [Shorewall-users] OpenVPN setup

2010-02-04 Thread Stephen Brown
r the wrap, but hopefully you'll get the idea) So I would just change eth1 to tap0 instead? How will this affect my normal lan routing, if at all? On 2/4/10 2:41 PM, Tom Eastep wrote: > Stephen Brown wrote: > >> >> Am I on the right track for accomplishing what I am trying to

[Shorewall-users] OpenVPN setup

2010-02-04 Thread Stephen Brown
I'm running Shorewall 4.4.0/Debian Lenny and I'm trying to set up OpenVPN with a mild degree of success so far. My ultimate end goal is to basically have an extension of my home lan to my laptop as well as my wife's when we are away from home, and have

Re: [Shorewall-users] Help with aliased interface/rules

2009-12-15 Thread Stephen Brown
its static IP configuration, but I could be wrong Or am I completely off base altogether? :) Thanks, Stephen On Tue, Dec 15, 2009 at 10:05, Tom Eastep wrote: > Stephen Brown wrote: > >> I didn't even add a static route. I've a similar setup (Netgear > >&g

Re: [Shorewall-users] Help with aliased interface/rules

2009-12-14 Thread Stephen Brown
> I didn't even add a static route. I've a similar setup (Netgear > DM111P) and the only thing I've had to do is add a rule to allow the > traffic to that IP address (otherwise it gets blocked by all the > RFC1918 rules). The modem knows that to reach

Re: [Shorewall-users] Help with aliased interface/rules

2009-12-13 Thread Stephen Brown
I can't, hence the reason I set up an aliased interface. My LAN is set up for 192.168.1.x and the modem is 192.168.2.1, I can't think of any other way to do it unless I create a static route maybe? Open to suggestions :) Thanks, Stephen On 12/13/09 8:01 PM, Roberto C. Sanchez wrote:

[Shorewall-users] Help with aliased interface/rules

2009-12-13 Thread Stephen Brown
I'm running Shorewall 4.4.0 on a two-NIC system. eth0 is facing the internet on a DSL circuit, and eth1 is facing my local LAN. I set up a virtual interface on eth0:0 as 192.168.2.2 to be able to access the modem configuration, the modem's address is 192.168.2.1. I'm able to get to it ok, but I a