Shorewall version 4.4.7
I have managed to configure Shorewall successfully for traffic shaping on
the upload and that all seems to be working ok.
Today I'm trying to control downloading as well, rather than using Squids
delay pools. I followed the on-line documentation but when I try to start
Thanks Tom, no hurry .
-Original Message-
From: Tom Eastep [mailto:teas...@shorewall.net]
Sent: Tuesday, February 16, 2010 18:19
To: Shorewall Users
Subject: Re: [Shorewall-users] Adding download control for internal
interface - qdisk errors out
Nigel Aves wrote:
Please find
On Tue, 16 Feb 2010 22:52:45 -0800, Tom Eastep teas...@shorewall.net
wrote:
Nigel Aves wrote:
Thanks Tom, no hurry .
I've been able to reproduce the problem here.
-Tom
Sounds like we found a bug.
Thanks for your very prompt action on this - Nigel.
--
From the desk of Nigel
http
wrote:
Nigel Aves wrote:
Thanks Tom, no hurry .
I've been able to reproduce the problem here.
Here's a patch:
patch /usr/share/shorewall/Shorewall/Tc.pm sfqclassnum.diff
Please let me know if it works for you.
-Tom
--
Tom Eastep\ When I die, I want to go like my Grandfather
I agree with Trent.
Shorewall is a mature, well craft product that pretty well (if not does)
supports everything that a user would want a firewall to do.
I'm just not the person to do this (not being a programmer) but if there was
thing I would like to see enhanced and that's the plugin module
I am no expert on this but your tcrules file is missing.
You need to define those rules so shorewall knows what traffic to mark
On 8/23/2010 11:16, Jonh Jonh wrote:
Traffic Shaping
I try to limit bandwidth, but doesn't work. Don't limit bandwidth
correctly . I'm using openwrt, shorewall
Quick question on interface names.
I'm building a Centos 7 server and the interface names are no longer
eth* but (on this machine) are:-
enp2s0 - Outside world
enp8s0 - Internal network
enp7s0 - Internal network
I've tried checking the documentation but can not find a definitive answer.
TION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0",
ATTR{address}=="00:0e:b7:34:10:3a", ATTR{type}=="1", KERNEL=="enp*",
NAME="eth2"
You can get creative with the naming. For mine, I use 'wan0', 'lan0',
'wifi0', etc.
Hope this help
r not, but thought I should pass
it along.
Nigel Aves.
--
from the desk of Nigel
http://soft-focus-imagining.com
http://twin-peaks-video.com
<>--
Check out the vibrant tech community on one of the world'
Is there a way of "knowing" that ipsets are working correctly?
I've looked through the dump file and that does not seem to contain the
information I need. The reason I ask, is that I have changed fail2ban to
use ipsets to pass the information across to shorewall. The reason I
have done this
://www.shorewall.org/shorewall_logging.html
It has an example of using a more meaningful tag (IPv6 tunneling).
Bill
On 2/22/2017 7:56 PM, Nigel Aves wrote:
I recently implemented "blacklist if connection attempt on unused port" from
Tom's help and one of the rules was the following:-
ADD(S
Thank you Vieri, I'll give it a go.
On 2/23/2017 9:04 AM, Vieri Di Paola wrote:
- Original Message -
From: Nigel Aves <ni...@twin-peaks-video.com>
Thanks for reply. I'm very uncertain what it should be changed too. Thom
E. published the setting in an email to help out on a p
no IT specialist, just home hobbyist)
explanation as to what I have done wrong or missed, and seemed to have
hit a brick wall.
If someone could point me in right direction I would be very gratefully.
Kind Regards, Nigel Aves.
In case it helps, here is my rules file.
DHCPfwd/ACCEPTlocfw
Tom,
Just tested your fix. Everything seems to be working perfectly from the
outside and the inside.
Many Thanks,
Nigel.
On 1/18/2017 10:12 AM, Tom Eastep wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 01/18/2017 07:01 AM, Nigel Aves wrote:
I've become a little stuck
l hold off for the moment, though
I did find all the required RPMs.
Kind Regards - Nigel.
On 12/1/2016 12:49 AM, Vieri Di Paola wrote:
- Original Message -----
From: Nigel Aves <ni...@twin-peaks-video.com>
But following this post, when I try and change "DYNAMIC_BLACKLIST" it alway
I was trying to implement this "ipset" solution and I keep hitting a brick
wall. I'm no expert on this, so I was hoping for some guidance.
I have searched and searched trying to find the solution but to no avail.
In the Shorewall dump I have the following (which from some documentation seems
Pete,
Do you have a AT or Bellsouth email address? If you do, or know
someone who does, check out the email header.
I've found in the past that it is a good source for debugging.
Nigel.
email address? If you do look at the header information.
On 1/5/2017 8:29 AM, pgeenhuizen wrote:
I'm
Well, I thought I had this working, but no. So confused ( :) ) ..
Start Fail2Ban and do a list of ipsets
[root@apache-web-server ~]# ipset list
Name: SW_DBL4
Type: hash:net
Revision: 6
Header: family inet hashsize 1024 maxelem 65536 timeout 3600 counters
Size in memory: 384
References: 0
ngs to push directly into
iptables?
3/ Anything I might have missed ( )?
Kind Regards - Nigel Aves.
___
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
ny Thanks, Stay Safe, Nigel.
On Sun, Nov 15, 2020 at 12:36 PM Nigel Aves wrote:
> Shorewall version 5.2.3.4
> Ubuntu Server 20.04.1
> Apache web server with mod_security
>
> I've run into an issue that no matter what I have tried, no success. This
> started a few days ago, my
Shorewall version 5.2.3.4
Ubuntu Server 20.04.1
Apache web server with mod_security
I've run into an issue that no matter what I have tried, no success. This
started a few days ago, my internal network keeps getting "cut off" from
Google. Can not search, open google.com, google messenger
I've run into a strange issue, and it's only been happening over the last
couple of months.
But every now and then we lose the connection to Facebook (and very very
occasionally to Google) and no one can connect. But if I clear the IPSETS
then Facebook will start working again.
Has anyone else
___
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
--
*Be Safe Out There.*
*Nigel Aves*
p.s. We have many fine video podcasts on YouTube. These are al
All I'm doing is saying how it works on my server.
On Wed, Feb 14, 2024 at 7:05 AM Tuomo Soini wrote:
> On Wed, 14 Feb 2024 06:35:02 -0700
> Nigel Aves wrote:
>
> > I had a similar issue with Debian 12 ,,, Discovered this works in the
> > snat file:
> >
>
24 matches
Mail list logo