Maybe you should try giving away more info first ?
OS, shorewall version etc.
I have used shorewall in very complex setups ( 2 or more providers with
loadbalancing, failover + 5 or more internal network + up to 10 OpenVPN tunnels
+ bridged KVM's on both internal, external interfaces AND their own virtual
network ) and i have had no trouble in making things just work.
----- "felis nigripes" <[email protected]> wrote:
Thanks Tom, Roberto,
apparently i'm way too stupid to get a simple cookbook config to run in a
reasonable time.
I spend a lot of time looking for ways to get the config's notation right -
commented examples in the config files would probably help me better than a lot
of documentation and might be a nice idea for noobs like me -
f.i. in shorewall.conf:
# lograte example: 15/minute, if you use this option also fill in the logburst
number
LOGRATE=
Anyway, thank you for the software, pity i can't get it to do what i need it to
do
cheers
2010/3/19 felis nigripes < [email protected] >
Hi Roberto,
thank you for your speedy reply!
'k will follow your advice, but still wonder about what i'm doing wrong.
I have a server in a local network, with a gateway. The local network needs
more access, f.i. ssh, the Net only web. Simple i agree, i bet it's easy in
shorewall too, just have to find out how :)
kind regards
2010/3/19 Roberto C. Sánchez < [email protected] >
On Fri, Mar 19, 2010 at 08:25:58PM +0100, felis nigripes wrote:
>
> SSH/ACCEPT loc $FW
> > with 'loc' in hosts specified as [1] 192.168.0.150/32
>
> If i specify a debug loglevel i see no change. How can i debug shorewall?
> What am i missing?
> shorewall-hosts(5) says this:
"This file is used to define zones in terms of subnets and/or individual
IP addresses. Most simple setups don´t need to (should not) place
anything in this file."
I am guessing that your setup is simple, so you should remove that entry
from the hosts file, restart Shorewall and try again.
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkuj0bIACgkQ5SXWIKfIlGQzpQCdFXR7zt5JYLaBk3YAjyEHK+Ue
nR8AnRnjbk53u9VOOv72Na91I2IxhmUm
=fJNT
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
--
Nikolai K. Bochev
System Administrator
Website : GrandstarCO | http://www.grandstarco.com
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
