Shorewall rule communication between zones
location: ubuntuforums.com - date: July 31, 2013
I've currently set up my shorewall firewall on my router.
eth0 -> connected to the inet
eth1 -> 192.168.1.0/24 (vlan1 | zone sw)
vlan50 -> 192.168.50.0/24 (@eth1 | vlan50 | zone v50)
inet eth0 detect dhcp
sw eth1 detect dhcp
v50 vlan50 detect dhcp
###vlan1 - switch config lan
###eth0 - internet
###vlan50 - private
inet all DROP debug
sw all DROP debug
v50 all DROP debug
v60 all DROP debug
all all REJECT debug
Shorewall nested zones
location: linuxquestions.com - date: June 30, 2004
Ok, I've managed to screw up on the shorewall config. I'm on another system so I can type this, so let's see if I can accurately get across what my configuration looks like right now.
I'm setting up a pretty basic network. I have a cable modem connected to a wireless router talking to a wireless bridge. The bridge is connected to a switch on which reside all my computers at the moment. The three permanent ones are WinXP, Win98SE, and MDK 9.2.
I'd like to set up the mandrake box as a web server, but also have it trust my local machines (so ... set them up as a specific zone and allow broader access to that zone). I'm not using the linux box as a firewall for the network, but more as a client/server /on/ the network, so I've only got one ethernet card installed.
I set up the interfaces file something like this:
Ubuntu 12.04 Shorewall + OpenVpn limited communication
location: linuxquestions.com - date: June 17, 2013
I have some issues with one of my servers (let's call it ServerA). It runs Ubuntu 12.04 with:
- Shorewall (184.108.40.206)
- OpenVPN (2.2.1 x86_64-linux-gnu)
- Squid (3.1.19)
ServerA connects to the internet router by eth0. It connects via eth1 to the internal network. Openvpn is offered via tap0. The interface br0 bridges the interfaces eth1 and tap0.
I can connect from outside (with ClientA) via OpenVPN to the server. I get an IP address from OpenVPN, can ping ServerA (and vice versa) and connect through the proxy to the internet.
BUT: I can not reach any client or server connected to ServerA via eth1.
I spent a lot of time to investigate the issue. I found that my ping from ClientA to ClientB reaches ClientB, but the response packet seems to be dropped by ServerA.
A ping from ClientB to ClientA is also dropped by ServerA.
How can I figure out why ServerA drops the packages from internal LAN (ClientB) to ClientA?
Here are some of my config files. Please let
shorewall firewall rules config
location: linuxquestions.com - date: June 6, 2010
Does anyone experienced with this sort of thing see anything wrong with this?
The entries commented out, I have plans for in the future, but not now.
Shorewall not allowing other ports to open as 22
location: ubuntuforums.com - date: August 9, 2012
I have Ubuntu 11.04 desktop as server at home for filesharing and incoming internet. I've installed:
- ISC DHCPd version 4.1.1 (working)
- BIND version 9.7.3
- Shorewall version 4.4.17
My server has 2 connections, ppp0 ( 3g modem, dynamic IP ) and eth0 ( local network ). My server is running on 10.42.43.1 internal.
I've used this guide to install shorewall:
http://ubuntuforums.org/showthread.php?t=926001 and the help from the shorewall setup guide.
Shorewall works and I can access what I want on my local network and have internet to my computers. I have a portforward stated in the rules section and this works too. I want to open ports 5555 ( webmin ) and 8000 ( VLC mms streaming server ) to the internet. This is the configuration I have:
# Shorewall version 4.0 - Sample Interfaces File for two-interface configuration.
# Copyright (C) 2006 by the Shorewall Team
# This library is free software; you can redistribute it and/or
# modify it under the t
Solaris 10 with zones, outbound Internet traffic blocked. HELP!
location: linuxquestions.com - date: April 3, 2011
I have a T 2000 box with solaris 10 installed. Three zones were also defined in shared-IP mode.
The box is connected to CISCO 3750G, and the router is a CISCO ASA5510.
This box is inherited from a contract vendor change, I have no records on previous admin activities.
The problem: I could not get to the Internet. LAN works fine, I am able to ssh to the box from my PC. The default router has been set from global console.
I can access the Internet from my PC.
So what might block the outbound traffic? Thanks
how to setup shorewall 4 to only allow ports 80 and 22
location: ubuntuforums.com - date: February 21, 2011
I am in the process of setting up my first web server and I was told to use shorewall for the firewall. I got it installed and copied the rules file over but now I cannot figure out how to deny all access except from ports 80 and 22. Do I add it under SECTION ESTABLISHED, SECTION RELATED or SECTION NEW?
I was told to add
HTTP/ACCEPT net $FW
SSH/ACCEPT net $FW
above #LAST LINE however I have a newer version. I feel like I'm taking crazy pills... any help would be appreciated.
World Time/Zones API
location: ubuntuforums.com - date: June 9, 2011
I'm looking at a way to get the current Time in a number of places.
Is there some API made available to the Linux community?
Basically, I would call that API 4 times a day.
Comfort zones: Windows vs. Linux
location: ubuntuforums.com - date: July 13, 2009
Did not see any subject heading like this so far. For those who might care.
Solaris Zones, Linux Chroot
location: linuxquestions.com - date: September 30, 2012
How do Linux chroots compare to Solaris zones?
I've been told zones are better, but I haven't played with them yet. Does better mean that some things can escape out of the chrooted environment?
What advantages does each one offer over the other?
I imagine the chroot command is already available to Solaris, so there must have been a reason why chroot was created.