> > > > ADSLProvider in /var/lib/naat/configuration is cuted of after the 24
> > > > char... BTW... i don't configure the ADSL-Section in the webiface new
> > > > to see if it happens again... inet is working... i only notice this
> > > > having a look at the configuration-file
> > >
> > > what variable are you talking about ?
> > >
> > > ADSLProviders=
> > > ADSLProviderDomain=
> > > ADSLProviderDNS1=
> > > ADSLProviderDNS2=
> >
> > upps...sorry... it was ADSLLogin (which is included in ADSLProviders)....
> > and i think that is no matter of the char-length...
> > i have to put a suffix behind my user:
> > '[EMAIL PROTECTED]'....
> > seems it cuts of all with/behind '#'....
> > in mnf8.2 this wasn't, i think... correct me if i wrong...
>
> Well, there are some issues indeed with some special characters. Indeed
> the frontend will convert these characters. This was also present in mnf
> 8.2. I'll have a closer look and come back to you :o)
no strezz... i think your to-do list is filled-up with other fishs to fry :-)
>
> > this is not realy bad, dsl-configuration is done once and works...
> > it's only nice2have for backups...
>
> can you develop more this please because I'm not sure I have understood
> what you're saying :o)
I mean, after n fresh install of mnf i used the hand-backuped
configuration-file to read all my needed settings for the new one...
and that this is known, i don't have to wonder at this point the next time i
use the configuration file for a fresh up-setting an mnf :-)
> > > and what did you change exactly, by hand, in your file ?
> >
> > nothing...not that i remember :)
> >
> > > > i have to modprobe ip_conntrack_ftp and ip_nat_ftp manual to get ftp
> > > > working.... a look into
> > > > /usr/share/naat/templates/etc/shorewall/modules shows this modules
> > > > (tftp & irc not loaded 2, not to bad... they arent needed at this
> > > > time)... is this intended? or is there a screw2turn?
>
> hum ... this seems to work here ... I'll check again.
>
> > > > javascript-checking in the host-section (ip-adress) is blocking my
> > > > input (192.168.10.0/24)... BTW at my first setup (with older
> > > > shorewall packages) after configure the hosts... shorewall breaks...
> > > > it only runs by if the hosts section was empty... now, after n update
> > > > with the new shorewall packages (florin's community) i get in trouble
> > > > with the jscript...
> > >
> > > Well, this is network address, not an IP/Netmask one so I should
> > > improve the javascript test or remove the test from those tags where
> > > both ips and network addresses are allowed. But, one question though,
> > > you can continue even if you get this invalid IP address error, can you
> > > ?
> >
> > your right... i can.. gived up to soon....
> > but the shorewall dont runs by, after configure the hosts...
> >
> > ----------------------------------
> > [EMAIL PROTECTED] admin]# service shorewall check
> > Loading /usr/share/shorewall/functions...
> > Processing /etc/shorewall/params ...
> > Processing /etc/shorewall/shorewall.conf...
> > Loading Modules...
> >
> > Notice: The 'check' command is unsupported and problem
> > reports complaining about errors that it didn't catch
> > will not be accepted
> >
> > Shorewall has detected the following iptables/netfilter capabilities:
> > NAT: Available
> > Packet Mangling: Available
> > Multi-port Match: Available
> > Connection Tracking Match: Available
> > Verifying Configuration...
> > Determining Zones...
> > Zones: lan wan
> > Validating interfaces file...
> > Validating hosts file...
> > Determining Hosts in Zones...
> > Error: Invalid zone definition for zone lan
> > /sbin/service: line 148: 14483 Terminated $debug
> > $servicedir/ $service $options
> > ----------------------------------
> > here are my files:
> >
> > ----------------------------------
> > [EMAIL PROTECTED] admin]# cat /etc/shorewall/zones
> > #
> > ~ snip ~
> > # Shorewall /etc/shorewall/zones
> >
> >
> > #zone display comments
> > lan LAN local_area_network
> > wan NET internet
> > #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
> > [EMAIL PROTECTED] admin]# cat /etc/shorewall/hosts
> > #
> > ~ snip ~
> > # Shorewall /etc/shorewall/hosts
> >
> >
> > #zone host options
> > lan eth1:192.168.10.0/24
> > wan ppp+:0.0.0.0/0
> > #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
> > ----------------------------------
> >
> > after deleting all the hosts i can run service shorewall start:
> > ----------------------------------
> > ~ snip ~
> > Determining Zones...
> > Zones: lan wan
> > Validating interfaces file...
> > Validating hosts file...
> > Determining Hosts in Zones...
> > LAN Zone: eth1:0.0.0.0/0
> > NET Zone: ppp+:0.0.0.0/0
> > Validating policy file...
> > ~ snip ~
> > ----------------------------------
>
> I'm not sure why you're using these definitions in hosts. A global picture
> of your shorewall configuration would help:::
>
> what is the result of this one-line command ?
>
> grep -v ^$
> /etc/shorewall/{zones,interfaces,masq,hosts,routestopped,policy,rules}
>
> |grep -v :#
[EMAIL PROTECTED] root]# grep -v ^$ /etc/shorewall/
{zones,interfaces,masq,policy,rules,modules} |grep -v :#
/etc/shorewall/zones:lan LAN local_area_network
/etc/shorewall/zones:wan NET internet
/etc/shorewall/interfaces:lan eth1 detect
/etc/shorewall/interfaces:wan ppp+ -
/etc/shorewall/masq:ppp+:0.0.0.0/0 192.168.10.0/24
/etc/shorewall/policy:lan all REJECT info
/etc/shorewall/policy:fw all REJECT info
/etc/shorewall/policy:wan all DROP info
/etc/shorewall/policy:all all REJECT info
/etc/shorewall/rules:ACCEPT fw wan tcp 53 -
/etc/shorewall/rules:ACCEPT fw wan udp 53 -
/etc/shorewall/rules:ACCEPT lan wan udp 53 -
/etc/shorewall/rules:REJECT wan fw tcp 113 -
/etc/shorewall/rules:ACCEPT lan fw tcp 22 -
/etc/shorewall/rules:ACCEPT lan fw tcp 8443 -
/etc/shorewall/rules:ACCEPT fw lan icmp 8 -
/etc/shorewall/rules:ACCEPT lan fw icmp 8 -
/etc/shorewall/rules:ACCEPT lan wan tcp pop3 -
/etc/shorewall/rules:ACCEPT lan wan tcp smtp -
/etc/shorewall/rules:ACCEPT lan wan tcp http -
/etc/shorewall/rules:ACCEPT lan wan tcp https -
/etc/shorewall/rules:ACCEPT lan wan tcp ssh -
/etc/shorewall/rules:ACCEPT lan wan tcp ftp -
/etc/shorewall/rules:ACCEPT lan wan tcp nntp -
/etc/shorewall/rules:ACCEPT fw wan udp ntp -
/etc/shorewall/rules:ACCEPT lan wan tcp imap -
/etc/shorewall/rules:ACCEPT lan fw udp 53 -
/etc/shorewall/rules:ACCEPT fw lan udp 68 -
/etc/shorewall/rules:ACCEPT lan fw udp 67 -
/etc/shorewall/rules:ACCEPT fw wan:158.36.2.10 tcp ftp -
/etc/shorewall/rules:ACCEPT fw wan:193.99.144.71 icmp 8
-
/etc/shorewall/rules:ACCEPT fw wan:69.57.154.51 udp 49153
-
/etc/shorewall/rules:ACCEPT lan wan tcp 8080 -
/etc/shorewall/rules:ACCEPT lan wan tcp 1723 -
/etc/shorewall/rules:ACCEPT lan wan udp 500 -
/etc/shorewall/rules:ACCEPT lan wan gre - -
/etc/shorewall/rules:ACCEPT fw wan:66.35.250.207 tcp 2401
-
/etc/shorewall/rules:REDIRECT lan 3328 tcp www - all
/etc/shorewall/rules:ACCEPT fw wan tcp www -
/etc/shorewall/modules: loadmodule ip_tables
/etc/shorewall/modules: loadmodule iptable_filter
/etc/shorewall/modules: loadmodule ip_conntrack
/etc/shorewall/modules: loadmodule ip_conntrack_ftp
/etc/shorewall/modules: loadmodule ip_conntrack_tftp
/etc/shorewall/modules: loadmodule ip_conntrack_irc
/etc/shorewall/modules: loadmodule iptable_nat
/etc/shorewall/modules: loadmodule ip_nat_ftp
/etc/shorewall/modules: loadmodule ip_nat_tftp
/etc/shorewall/modules: loadmodule ip_nat_irc
[EMAIL PROTECTED] root]# rpm -qa | grep shorewall
shorewall-2.0.2d-1mdk
> > BTW routestop function takes not care of any hosts.. if i fire shorewall
> > stop (connected from Lan/SSH) im not realy disconnected from the box....
>
> if you do shorewall stop ... the extisting connections are maintained :o)
>
aha... is this new in shorewall2 or kernel 2.6?
if i correct remind, for my first steps with shorewall at that time on mnf8.2
i get this uuuh-experience, get kicked-off from ssh after "service shorewall
stop" and be informed about routedstopped :-))
> > > > are here any knowlege about madwifi?
> > > > with the 2.6.3 kernel i cant compile the driver...
> > > > now with the 2.6.7 compiling (actual cvs-snapshot) seems to run by,
> > > > but with insmod the wlan.ko i get an "invalid module format" error...
> > > > perhaps someone has ready2use packages?
> > > > its not easy to find anything about madwifi playing with mandrake...
> > >
> > > I'm talking right now with the kernel maintainer and he says that,
> > > indeed, the mad wifi driver doesn't work too well ... and that is not
> > > only a mandrake issue :o) I didn't look at that so I take his word for
> > > it ..
> >
> > hmm... ok... i have a atheros card for windows to sell :-))
>
> keep as this might change soon :o)
>
fine...
> > > > now, at last... florin, are there devel packages for the new naat...
> > > > im playing with a thought of porting the webiface language to german
> > > > and give my little part to a great product (if there is a need
> > > > of!??)... perhabs some other guys playing with the same thought, and
> > > > share with me??
> > >
> > > well, MNF is maintained using CVS. It's quite easy to work with :o)
> > > there is is this firewall2 module which contains, mainly, some
> > > directories:
> > > frontend (the web interface code), backend (the backend engine), mnf
> > > (the mnf-en cirtual rpm package), monitoring (the naat-monitoring
> > > package), and httpd-naat (the httpd-naat and httpd2-naat packages).
> > >
> > > Now, one can simply compile the packages using the 'make rpm' command.
> > > Concerning the translations in general: most of MNF is already
> > > translated into German, French, Portuguese, Italian and Spanish if I'm
> > > not mistaking.
> > >
> > > For practical reasons, I have commented out the differents sections in
> > > the Makefile so I won't build all the languages packages every day. I
> > > have noticed after some time that the translations compile is broken.
> > > It is based on xml files, as the whole frontend description of the
> > > pages.
> > >
> > > I will have to come back and fix that during the next week or two but
> > > if you can have a look and fix that, it would be great.
> > >
> > > You can also contributed to the translations (see how they are done in
> > > the cvs) and eventually contact [EMAIL PROTECTED] (translation
> > > coordinator) or/and [EMAIL PROTECTED] (documentation
> > > coordinator) or simply translate the pages and let me know ... I'll
> > > commit that and fix the translations compile if don't do it.
> > >
> > > I hope I was clear enough,
> >
> > yes,ok... thx... perhaps i will check out from cvs and look at it...
> >
greatz FrankB
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
