Hi,
I have the same task to do as Mr Jim Duda in his original posting at
Jan 20, 2007. Jim, would you please post on the mailing list your
final Shorewall configs for VoIP?
It will save a lot of time for other Shorewall users, who have such a
task in rare occasions.
Thanks in advance.
Hi,
I have this setup of shorewall with 2 ISPs, and need to auto-switch connection
if main (LTC1) provider fails, and the revert back if it becomes alive.
*** shorewall.conf ***
USE_DEFAULT_RT=Yes
*** providers ***
LTC1 1 0x1 - eth0 gw1.xx.xx.xx track,balance=1 -
BTC2 2 0x2
> On 20 Jul 2017, at 12:04, Simon Hobson <li...@thehobsons.co.uk> wrote:
>
> andreil1 <andre...@starlett.lv> wrote:
>
>> I have this setup of shorewall with 2 ISPs, and need to auto-switch
>> connection if main (LTC1) provider fails, and the
> On 20 Jul 2017, at 13:33, Simon Hobson <li...@thehobsons.co.uk> wrote:
>
> andreil1 <andre...@starlett.lv> wrote:
>
>> shorewall disable LTC1 <— Doesn’t work
>>
>> ERROR: LTC1 is not an optional provider interface: Firewall state not change
> On 20 Jul 2017, at 18:15, Tom Eastep <teas...@shorewall.net> wrote:
>
> On 07/20/2017 03:59 AM, andreil1 wrote:
>>
>>
>>> On 20 Jul 2017, at 13:33, Simon Hobson <li...@thehobsons.co.uk> wrote:
>>>
>>> andreil1 <andre...@starle
Hi,
I have 2 links and this config:
LTC11 0x1 - eth0gw1.xx.xx.xx
track,balance=1 -
BTC22 0x2 - eth1gw2.yy.yy.yytrack
-
net eth0tcpflags,nosmurfs,rpfilter,sourceroute=0
net eth1
gt; wrote:
>
> On vendredi, 15 septembre 2017 12.32:37 h CEST andreil1 wrote:
>> Hi,
>>
>> I’ve got really strange problem, which seem to be appeared after update from
>> shorewall 4.6.13.4 to 5.1.4.3 on OpenSUSE 42.2 (shorewall update was run
>> after upgrad
Hi,
I’ve got really strange problem, which seem to be appeared after update from
shorewall 4.6.13.4 to 5.1.4.3 on OpenSUSE 42.2 (shorewall update was run after
upgrade).
I have not used this DNAT for a while, so can’t tell for sure when it stopped.
DNAT currently working
ACCEPT net dmz tcp xx
gt; DNAT rule will never be triggered, though you say it is?
It works for DMZ, it doesn’t work for loc
>
> - Bob
>
> On 9/15/2017 6:32 AM, andreil1 wrote:
>> DNAT currently working
>> ACCEPT net
Hi,
I’m planning to deploy Suricata with Shorewall, so far have not found any
copy-paste receipt.
Here is an article describing how to use Suricata with another firewall
front-end - vormuur.
https://www.howtoforge.com/how-to-set-up-an-ips-intrusion-prevention-system-on-fedora-17
rule in
Hi !
I have 2-ISP setup, and after one of the upgrade cycles (probably to Shorewall
5.1.8 on OpenSuSE Leap) my 2-ISP setup no longer works as expected.
Unfortunately, I can't say for sure when this stuff becomes broken.
After run shorewall disable LTC1 (cut off provider #1), its possible to
Hi,
What happened with "detect" option in “interfaces” in 5.x ?
Seems its not present here anymore.
/etc/shorewall/interfaces:
#ZONEINTERFACEBROADCAST OPTIONS
net eth0 detect …
net eth1 detect …
12 matches
Mail list logo