@lists.sourceforge.net
Cc: Charrua [EMAIL PROTECTED]
Sent: Monday, January 09, 2006 9:37 PM
Subject: Re: [leaf-user] Firewall hangup
Hi,
I have migrated to LEAF Bering-uClibc 2.4beta1, with Shorewall 2.4.7. My
problem is that every twelve hours the firewall hangs.
If I reboot the PC, everything works OK again. I don't have more information
because the firewall is located in another city.
I know it is poor information, but for now it is only this.
Maybe this is the problem? When I use the Bering 2.3 modules.lrp, the system
hangs.
Thanks,
Andrés
- Original Message -
From: Charrua [EMAIL PROTECTED]
To: leaf-user@lists.sourceforge.net
Sent: Monday, January 09, 2006 3:08 PM
Subject: [leaf-user] Firewall hangup
Hi,
I am
On 2006.01.09 19:23, Charrua wrote:
The configuration is two ISP providers, one of them is ADSL with
dynamic IP.
I use SNAT, DNAT, and public IPs.
- Original Message - From: Charrua [EMAIL PROTECTED]
To: leaf-user@lists.sourceforge.net
Sent: Monday, January 09, 2006 3:08 PM
this problem because the ip of the adsl changes? Is it
necessary to configure Shorewall to take the adsl ip changes?
Thanks,
Andrés
- Original Message -
From: Bodo Meissner [EMAIL PROTECTED]
To: leaf-user@lists.sourceforge.net
Sent: Monday, January 09, 2006 3:41 PM
Subject: Re: [leaf-user
@lists.sourceforge.net
Sent: Monday, January 09, 2006 5:05 PM
Subject: Re: [leaf-user] Firewall hangup
That is possible, but the problem is I can't check the logs because the
PC was rebooted, so I can't verify this.
But I don't use the ADSL line; all the traffic is routed via the primary
connection (LMDS
Andres,
The configuration is two ISP providers, one of them is ADSL with
dynamic IP. I use SNAT, DNAT, and public IPs.
Today I changed the modules.lrp to one created with
www.ucbering.de/cgi-bin/modules.cgi for kernel 2.4.32; before, I used the
modules.lrp from Bering 2.3.
Maybe
when, the ip of my
adsl change?
Thanks,
Andrés
- Original Message -
From: Eric Spakman [EMAIL PROTECTED]
To: Charrua [EMAIL PROTECTED]
Cc: leaf-user@lists.sourceforge.net
Sent: Monday, January 09, 2006 5:25 PM
Subject: Re: [leaf-user] Firewall hangup
Andres,
The configuration
On Monday 09 January 2006 17:22, Charrua wrote:
Yes I used 2.3 modules with Bering-uClibc-2.4beta1 (kernel 2.4.32). Now I
use the correct modules.
When I saw your message with the subject "[leaf-user] 2.4.32 available in
modules.cgi", I created the new modules.lrp.
Maybe this is the problem?
But I
Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the helpful
folk
on this forum), I'd like to see just how secure it appears from the outside.
There are
various sites, some of them commercial, that give a free firewall security test.
I've tried some of them and they give
On Wednesday 30 November 2005 10:09, Jim Ford wrote:
Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the
helpful folk on this forum), I'd like to see just how secure it appears
from the outside. There are various sites, some of them commercial, that
give a free firewall
Tom Eastep wrote:
On Wednesday 30 November 2005 10:09, Jim Ford wrote:
Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the
helpful folk on this forum), I'd like to see just how secure it appears
from the outside. There are various sites, some of them commercial, that
Jaime
Thanks for the info
Jaime Nebrera wrote:
...
D) FreeBSD (actually don't know what BSD m0n0wall uses) is much more
linear and predictable on its behavior, standing for higher loads.
Did you test Linux in router configuration?
cheers
Erich
Hi all,
For all people just testing firewall performance.
We are in the process of publishing some graphs regarding firewall
performance (mainly in low end hardware). We have compared mainly Linux
(2.4.30 and 2.6.11) and FreeBSD (m0n0wall) on a Geode 266, Via 533 and
Via 1Ghz all with
Hi,
http://svn.netfilter.org/cgi-bin/viewcvs.cgi/trunk/netfilter-ha/
You want ct_sync, or connection tracking synchronization. I am not sure what
its status really is, but I think it is in 'testing' or 'works for me'.
Yep, all of you agreed on this solution. It seems active now, it
Hi all,
We are investigating on firewall failover design. I have searched the
net and found that projects like LVS have it mostly solved for their
side but that netfilter lacks it.
Of course, a simple failover of the firewall is available using things
like VRRP (KeepAlive software) but
We are investigating on firewall failover design. I have
searched the net and found that projects like LVS have it
mostly solved for their side but that netfilter lacks it.
Of course, a simple failover of the firewall is available
using things like VRRP (KeepAlive software) but
Hi,
I am new to LEAF and am running bering_uclibc 2.1.3. I have only just recently got my
firewall up and running, protecting my local network using the default Shorewall
settings. However, in Weblet, I have a red light for Firewall under LEAF status and it
says error. When I click on the red
:40:27 GMT
To: [EMAIL PROTECTED]
Subject: [leaf-user] Firewall error on Weblet
Hi,
I am new to LEAF and am running bering_uclibc 2.1.3. I have only just
recently got my firewall up and running, protecting my local network using
the default Shorewall settings. However, in Weblet, I have a red light
Hello All,
Please be patient with me, I am new to the Linux world and I am not a
security expert.
I built a uClibc firewall version 2.0 Linux firewall kernel 2.4.20 from the
image Bering-uClibc_2.0_img_bering-uclibc-1680.exe and I have been
compromised. I have included a lot of information here
On Mon, 22 Dec 2003, Ken wrote:
Please be patient with me, I am new to the Linux world and I am not a
security expert.
Then big red flashing lights should have been going off in your head
before you posted. I'm not going to respond -- when you can provide
conclusive evidence that your
On Monday 22 December 2003 08:16 pm, Ken wrote:
Hello All,
Please be patient with me, I am new to the Linux world and I am not a
security expert.
I built a uClibc firewall version 2.0 Linux firewall kernel 2.4.20 from the
image Bering-uClibc_2.0_img_bering-uclibc-1680.exe and I have been
Preliminary comment: Tom is right. You've provided here nothing to indicate
that your router/firewall has been compromised, so there is no way we (or
anyone) can tell you how they did it.
Some more specific comments appear inline. I hope you consider them
patient ... you are unlikely to get
Couple of things on this. Interspersed where relevant.
Brian Kolaci wrote:
Hi,
I'm looking to setup a box mainly as a routing decision maker.
I'll have 2 DSL lines, a primary and backup (to 2 different ISPs). I'd
like traffic to go out the primary (faster and static IPs) when it's up
and have
Hi,
I'm looking to setup a box mainly as a routing decision maker.
I'll have 2 DSL lines, a primary and backup (to 2 different ISPs). I'd
like traffic to go out the primary (faster and static IPs) when it's up
and have it automatically failover to the second DSL router when the first
dies. I
- Original Message -
From: Ronny Aasen [EMAIL PROTECTED]
To: leaf [EMAIL PROTECTED]
Cc: AdStar [EMAIL PROTECTED]
Sent: Tuesday, October 21, 2003 6:03 PM
Subject: Re: [leaf-user] Firewall load and shorewall accounting questions.
The only problem I have is that I have no idea how to set
On Tue, 2003-10-21 at 01:25, AdStar wrote:
Hi all,
I'm running a bering firewall in my production environment and have a couple
of questions about the accounting side of things with shorewall and firewall
load.
How often are the counters reset, is it only on a shorewall restart (firewall
Hi all,
I'm running a bering firewall in my production environment and have a couple
of questions about the accounting side of things with shorewall and firewall
load.
How often are the counters reset, is it only on a shorewall restart (firewall
reboot etc)?
If I wanted to track traffic from a
On Monday 20 October 2003 06:25 pm, AdStar wrote:
[...]
How can I track how hard the firewall is working?
When I say how hard, as in packet throughput, cpu load etc.
What do I check for to know if I need to upgrade the CPU, or go to 1000/100
NIC's etc
/proc and 'netstat'. There should be
obviously the advantage over REJECT.
Thanks again.
Regards,
joe.
- Original Message -
From: Tony [EMAIL PROTECTED]
Date: Tue, 07 Oct 2003 07:31:46 -0400
To:
Subject: Re: [leaf-user] Firewall Getting Hammered.
Joe,
Are you implementing a blacklist with Shorewall? Just add the offending
Hi Joe
On Mon, 06 Oct 2003 20:23:58 -0500, j d [EMAIL PROTECTED] wrote:
Anyway, in the last two days I've had a lot of hits on my external eth0
from these two sources (x.x.x.x is my eth0 address leased from the
upstream DNS server via pump):
Oct 5 07:43:33 cerberus Shorewall:net2all:DROP:
Joe,
Are you implementing a blacklist with Shorewall? Just add the offending
SRC addys to your list and refresh. If they're spamming you with
Messenger spam, why would you want them connecting to any legitimate
services you have running?
I figure if they're lowlifes to begin with, they can
Hi all.
I've recently had some trouble with my Bering-uClibc configuration, so I've been
spending a lot of time with re-installation problems and not much with watching the fw
logs. Anyway, I've lately seen a real spike in behavior coming into the firewall, and
since I haven't changed any
After some problems getting my second floppy recognized under Dachstein,
I am wondering whether or not I should switch to something else.
But, that leaves me with a lot more questions:
How do the various LEAFirewalls differ?
What are the major minimum requirements for each?
Why should I use
Arnold Wiegert wrote:
After some problems getting my second floppy recognized under
Dachstein, I am wondering whether or not I should switch to something
else.
Did you edit syslinux.cfg on the first floppy and make sure the second
floppy is defined for floppies
PKGPATH=/dev/fd0,/dev/fd1
or
Hi. Just me again.
I'm confused about what I can use in Shorewall Policies and Rules to
indicate the Firewall itself. The text seems to tell me I must use $fw
but the initially commented out line in the Policy file uses just fw.
Are $fw and fw interchangeable in rules and policies? Loc, dmz
On Thursday 30 January 2003 09:28 pm, you wrote:
Hi. Just me again.
I'm confused about what I can use in Shorewall Policies and Rules to
indicate the Firewall itself. The text seems to tell me I must use $fw
but the initially commented out line in the Policy file uses just fw.
Are $fw and
--On Friday, January 31, 2003 11:28 AM +0800 David Pitts
[EMAIL PROTECTED] wrote:
I'm confused about what I can use in Shorewall Policies and Rules to
indicate the Firewall itself. The text seems to tell me I must use $fw
but the initially commented out line in the Policy file uses just fw.
I don't know if this makes sense but anyway
will the router be a good firewall so I can take ZoneAlarm Pro off my main computer
to hopefully speed it up a bit???
thanks
Gatesy (family of Bill?),
From: Gatesy [EMAIL PROTECTED]
Date: Sun, 23 Jun 2002 21:22:04 +1000
I don't know if this makes sense but anyway
Makes sense to me at least...
will the router be a good firewall so I can take ZoneAlarm Pro off
my main computer to hopefully speed it up
Gatesy,
From: Gatesy [EMAIL PROTECTED]
Date: Sun, 23 Jun 2002 23:26:36 +1000
No, sorry, not family of Billy.
;-)
How do I set this thing up??
I am afraid I can't hold your hand here very much...
This is not the world of 'download the executable, start the
installer, click on OK three or
Gatesy,
From: Gatesy [EMAIL PROTECTED]
Date: Mon, 24 Jun 2002 00:12:31 +1000
This thread should go over the mailing list, *please* don't just email
me, at least 'CC: [EMAIL PROTECTED]'.
If you go over the list and I should stop answering your emails,
others might be prepared to take over the
On Sun, 2002-06-23 at 06:47, [EMAIL PROTECTED] wrote:
From: Gatesy [EMAIL PROTECTED]
Date: Sun, 23 Jun 2002 23:26:36 +1000
How do I set this thing up??
May I suggest that you visit Charles Steinkuehler's site at
http://lrp.steinkuehler.net/ for 'Easy to use disk images and lots of
On Sunday 23 June 2002 07:32, Mark Plowman wrote:
Gatesy (family of Bill?),
From: Gatesy [EMAIL PROTECTED]
Date: Sun, 23 Jun 2002 21:22:04 +1000
I don't know if this makes sense but anyway
Makes sense to me at least...
will the router be a good firewall so I can take ZoneAlarm
I don't know if this makes sense but anyway
will the router be a good firewall so I can take ZoneAlarm Pro off my
main computer to hopefully speed it up a bit???
You could, but you shouldn't. The LEAF firewall makes a very good first
line of defense, but *ANY* border router firewall (ie
Gentlemen,
Thank you for the *very* constructive additions to my feeble
offering. I was starting to worry that I was going to be the only
person fielding this thread, and that was starting to scare me!
Greetings
--
Mark Plowman
---
I need to set up a firewall for my office. There is already a
router/gateway box but we don't have access to it in order to put a
firewall on. I would like to use a LEAF box as a firewall directly
behind the router. Is
You should provide lots more information about your existing setup. I'll
Ray Olszewski wrote:
snip
Having found it, we still have to fix it. I don't use the Dach default
firewall, but someone else can tell you the edit for it ... or you can try
scanning the list archives (the external-private-address problem comes up
regularly on the list). [Mike, is this problem
Put a blank floppy in the LEAF floppy drive.
At a prompt, enter mount -t msdos /dev/fd0 /mnt
cat /etc/network.conf > /mnt/network.txt
umount /mnt
send any other information on other things you've done to configure the
box. You shouldn't have to modify anything
DUH!
Thanks Ray!
nm my post.
--
~Lynn Avants
aka Guitarlynn
guitarlynn at users.sourceforge.net
http://leaf.sourceforge.net
If linux isn't the answer, you've probably got the wrong question!
[EMAIL PROTECTED] wrote:
Ok. I have spent the last 2 days messing with Dachstein (Floppy based).
I still can't get it to work.
I have gone through all the menu options in lrcfg about 20 times. I have looked over
most of the documentation I have found.
This is my situation:
I am getting
Hi. The excerpt you quote looks like something I wrote. If that's so ...
... what I was trying to indicate is that if the LEAF router has in place an
ipchains rule that DENYs input going to the address you try to ping (or,
possibly, to your gateway), you will get this message from sendto(). The
On Mon, 14 Jan 2002, Dr. Richard W. Tibbs wrote:
I have sporadically had the same problem, probably due to network
misconfig on my end.
What I am still curious about --- maybe someone can explain this --- is
why a unix socket system call, sendto(), is being invoked by ping ---
which
Richard,
From: Dr. Richard W. Tibbs [EMAIL PROTECTED]
Date: Mon, 14 Jan 2002 11:06:13 -0500
I have sporadically had the same problem, probably due to network
misconfig on my end.
What I am still curious about --- maybe someone can explain this --- is
why a unix socket system call,
While sifting through docs I found this error which I have been receiving, while
trying to
ping any internet IP from the LRP box:
sendto(): operation not permitted
It says that this is the result of incorrect setup of the Firewall rules. Where can I
find some
documentation on setting up a
What distribution are you using?
What IP addresses are you using for your external interface?
Quoting [EMAIL PROTECTED]:
While sifting through docs I found this error which I have been
receiving, while trying to
ping any internet IP from the LRP box:
sendto(): operation not permitted
It
A couple of things are happening. First, it seems that your Dach box is not
obtaining a proper address from your ISP. If your address used to be
24.116.x.x, you should be seeing something similar now. Since it is getting
assigned a 10.x.x.x address, the ipfilter code is generating the
When I attempt to ftp our server (192.139.75.6) it was taking up to
30 sec to connect. (It should take 2 sec) I turned on logging and this is
the output.
Nov 27 22:12:12 firewall kernel: Packet log: remote DENY eth0 PROTO=6
192.139.75.6:1083 192.139.75.156:113 L=60 S=0x00 I=19689
Well ... assuming you are correct that this DENY is associated with the ftp
attempt ... your ftp server, or some related application (like tcp wrappers)
on the system it is running on (192.139.75.6), is sending an ident query to
the client (192.139.75.156 in the log entry you posted) you are
On Wednesday 28 November 2001 08:22 am, Troy Aden wrote:
When I attempt to ftp our server (192.139.75.6) it was taking up to
30 sec to connect. (It should take 2 sec) I turned on logging and this is
the output.
Nov 27 22:12:12 firewall kernel: Packet log: remote DENY eth0 PROTO=6
Dale Long, 2001-06-29 09:58 +0930
On Thu, 28 Jun 2001, Mike Noyes wrote:
Do you still need me to complete the scanning task, or is the web
based scanner enough for each user/leader to do?
Yes. I think they will provide a good reference for users to compare
their setup with. Also, scans
Jonathan Rawson, 2001-06-26 23:27 -0400
I checked this site, questionable results. It successfully determined
I have port 80 open. Didn't report any ports as being open that
really aren't, but it missed ssh, whois, and smtp. So, out of four
ports I know are open, it missed three, and only hit
with shieldsup and dslreports.
Jonathan Rawson
-Original Message-
From: Michael Leone [EMAIL PROTECTED]
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Date: Tuesday, June 26, 2001 10:54 PM
Subject: Re: [Leaf-user] Firewall testing
On 09 Jun 2001 08:55:01 -0400, Sean E. Covel wrote:
To all
Chambers
Sent: Tuesday, June 26, 2001 11:35 PM
To: [EMAIL PROTECTED]
Subject: Re: [Leaf-user] Firewall testing
I have also tried this site, and the same for me: open ports 135, 137, 138,
139 and visible ports 1080, 3128. I am also running Eigerstein2beta.
When I test my system with Steve Gibson's site
: Tuesday, June 26, 2001 11:35 PM
To: [EMAIL PROTECTED]
Subject: Re: [Leaf-user] Firewall testing
I have also tried this site, and the same for me: open ports 135, 137, 138,
139 and visible ports 1080, 3128. I am also running Eigerstein2beta.
When I test my system with Steve Gibson's site grc.com
Hmmm
I guess I'll have to try some of these.
Thanks,
Glenn
[EMAIL PROTECTED] wrote:
On Tue, 26 Jun 2001, Glenn A. Thompson wrote:
Hey,
I'm a newbie also. I have a question. Doesn't using these testing sites say;
hey, here I am come and get me?
I mean are they really to be trusted?