hello all i have now my shapping control running ( i hope , because shorewall start without any boot error message). I appreciate Any help to find whats wrong in my setting. Thanks
i just discovered the weblet interface. The firewall status are in Error ( just 5min after rebooting): firewall Firewall Status: error You have 518 denied or rejected packets in your recent packet logs. ::Hits sorted by porttype:: hits port Service 134 80 www 119 137 netbios-ns 110 138 netbios-dgm 28 1214 27 1428 20 1900 18 28431 7 5499 7 27024 7 27023 ########################## After 1 hour : i have that firewall Firewall Status: error You have 2637 denied or rejected packets in your recent packet logs. ::Hits sorted by porttype:: hits port Service 422 137 netbios-ns 335 138 netbios-dgm 295 80 www 127 27015 118 27024 118 27023 118 27022 118 27021 118 27020 118 27019 118 27018 118 27017 118 27016 There are some of my Shorewall setting. ALL THE REST ARE DEFAULT ############################################################################## Shorewall.conf ADD_IP_ALIASES=Yes (because i am usint SNAT) MANGLE_ENABLED=Yes TC_ENABLED=Yes CLEAR_TC=No MARK_IN_FORWARD_CHAIN=Yes ############################################################################## TCRULES: #MARK SOURCE DEST PROTO PORT(S) CLIENT PORT(S) 1 eth1 0.0.0.0 all 2 fw 0.0.0.0 all 3 fw 0.0.0.0 tcp 80 4 fw 0.0.0.0 tcp 20 4 fw 0.0.0.0 tcp 21 4 fw 0.0.0.0 tcp 1214 - 4 fw 0.0.0.0 tcp 4329 4 fw 0.0.0.0 tcp 4661:4665 4 fw 0.0.0.0 tcp 412 ############################################################################## TOS: #SOURCE DEST PROTOCOL SOURCE PORTS DEST PORTS TOS all all tcp - ssh 16 all all tcp ssh - 16 all all tcp - ftp 4 all all tcp ftp - 4 all all tcp 80 80 16 all all tcp ftp-data - 2 all all tcp - ftp-data 2 all all tcp - 1214 2 all all tcp 1214 - 2 all all tcp 4329 - 2 all all tcp - 4329 2 all all tcp 4661:4665 - 2 all all tcp - 4661:4665 2 all all tcp 412 - 2 all all tcp - 412 2 ############################################################################## RULES: # Playing Games online : Camelot # ACCEPT fw net:193.252.123.0/24 tcp 1280 ACCEPT fw net:193.252.123.0/24 tcp 10500:10504 ACCEPT fw net:193.252.123.0/24 tcp 10622:10624 ############################################################################## TCSTART run_tc qdisc add dev eth0 root handle 1: htb default 30 run_tc class add dev eth0 parent 1: classid 1:1 htb rate 128kbps ceil 128kbps run_tc class add dev eth0 parent 1:1 classid 1:10 htb rate 72kbps ceil 128kbps burst 2k prio 1 run_tc class add dev eth0 parent 1:1 classid 1:11 htb rate 32kbps ceil 128kbps prio 2 run_tc class add dev eth0 parent 1:1 classid 1:12 htb rate 24kbps ceil 128kbps prio 3 run_tc filter add dev eth0 protocol ip parent 1:0 prio 4 handle 2 fw classid 1:10 run_tc filter add dev eth0 protocol ip parent 1:0 prio 5 handle 3 fw classid 1:11 run_tc filter add dev eth0 protocol ip parent 1:0 prio 6 handle 4 fw classid 1:12 ------------------------------------------------------- This SF.net email is sponsored by: eBay Get office equipment for less on eBay! http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
