The default gateway is 192.168.10.1.
IPv4 routing is already enabled and working.
With vpnc I've built up a VPN connection and can access my home network (192.168.0.0/24) via the tun0 interface.
I want to leave the default gateway from 192.168.10.0/24 unchanged, but I want to access the whole internet traffic from 192.168.11.0/24 through the VPN connection.
Unfortunately I don't get ideas in my head how I could solve this problem.
Thanks for your help and Merry Christmas
regards
Last edited by jim mcnamara; 12-24-2015 at 12:17 AM..
shorewall-exclusion
SHOREWALL-EXCLUSION(5) [FIXME: manual] SHOREWALL-EXCLUSION(5)
NAME
exclusion - Exclude a set of hosts from a definition in a shorewall configuration file.
SYNOPSIS
!address-or-range[,address-or-range]...
!zone-name[,zone-name]...
DESCRIPTION
The first form of exclusion is used when you wish to exclude one or more addresses from a definition. An exclamation point is followed by
a comma-separated list of addresses. The addresses may be single host addresses (e.g., 192.168.1.4) or they may be network addresses in
CIDR format (e.g., 192.168.1.0/24). If your kernel and iptables include iprange support, you may also specify ranges of IP addresses of the
form lowaddress-highaddress.
No embedded whitespace is allowed.
Exclusion can appear after a list of addresses and/or address ranges. In that case, the final list of addresses is formed by taking the first
list and then removing the addresses defined in the exclusion.
Beginning in Shorewall 4.4.13, the second form of exclusion is allowed after all and any in the SOURCE and DEST columns of
/etc/shorewall/rules. It allows you to omit arbitrary zones from the list generated by those key words.
Warning
If you omit a sub-zone and there is an explicit or implicit CONTINUE policy, a connection to/from that zone can still be matched by the
rule generated for a parent zone.
For example:
    /etc/shorewall/zones:

        #ZONE       TYPE
        z1          ip
        z2:z1       ip
        ...

    /etc/shorewall/policy:

        #SOURCE     DEST    POLICY
        z1          net     CONTINUE
        z2          net     REJECT

    /etc/shorewall/rules:

        #ACTION     SOURCE  DEST    PROTO   DEST
        #                                   PORT(S)
        ACCEPT      all!z2  net     tcp     22
In this case, SSH connections from z2 to net will be accepted by the generated z1 to net ACCEPT rule.
In most contexts, ipset names can be used as an address-or-range. Beginning with Shorewall 4.4.14, ipset lists enclosed in +[...] may also
be included (see shorewall-ipsets[1] (5)). The semantics of these lists when used in an exclusion are as follows:
o !+[set1,set2,...setN] produces a packet match if the packet does not match at least one of the sets. In other words, it is like NOT
match set1 OR NOT match set2 ... OR NOT match setN.
o +[!set1,!set2,...!setN] produces a packet match if the packet does not match any of the sets. In other words, it is like NOT match set1
AND NOT match set2 ... AND NOT match setN.
EXAMPLES
Example 1 - All IPv4 addresses except 192.168.3.4
!192.168.3.4
Example 2 - All IPv4 addresses except the network 192.168.1.0/24 and the host 10.2.3.4
!192.168.1.0/24,10.1.3.4
Example 3 - All IPv4 addresses except the range 192.168.1.3-192.168.1.12 and the network 10.0.0.0/8
!192.168.1.3-192.168.1.12,10.0.0.0/8
Example 4 - The network 192.168.1.0/24 except hosts 192.168.1.3 and 192.168.1.9
192.168.1.0/24!192.168.1.3,192.168.1.9
Example 5 - All parent zones except loc
any!loc
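The following is an added example, not part of the Shorewall manual or of Shorewall's own code: a small Python model of the first form of exclusion, which reports whether a given IPv4 address ends up in the final list (the first list minus the excluded addresses). The function names parse_spec and matches are hypothetical, and the model handles literal hosts, CIDR networks and ranges only, not zone names or ipsets.

```python
import ipaddress

def _bounds(item):
    """Return (low, high) integers for a host, a CIDR network or a low-high range."""
    if "-" in item:                       # lowaddress-highaddress (needs iprange support)
        low, high = (ipaddress.IPv4Address(p) for p in item.split("-", 1))
    elif "/" in item:                     # network in CIDR format
        net = ipaddress.IPv4Network(item)
        low, high = net.network_address, net.broadcast_address
    else:                                 # single host
        low = high = ipaddress.IPv4Address(item)
    if low > high:
        raise ValueError(f"range bounds reversed: {item}")
    return int(low), int(high)

def parse_spec(spec):
    """Split '[list]!list' into (included, excluded); included is None for 'all'."""
    if any(ch.isspace() for ch in spec):
        raise ValueError("no embedded whitespace is allowed")
    first, bang, second = spec.partition("!")
    if bang and not second:
        raise ValueError("'!' must be followed by at least one address")
    included = [_bounds(i) for i in first.split(",")] if first else None
    excluded = [_bounds(i) for i in second.split(",")] if second else []
    return included, excluded

def matches(spec, address):
    """True if address is in the final list: first list minus the exclusion."""
    included, excluded = parse_spec(spec)
    addr = int(ipaddress.IPv4Address(address))
    def hit(bounds):
        return any(low <= addr <= high for low, high in bounds)
    return (included is None or hit(included)) and not hit(excluded)

if __name__ == "__main__":
    # Specs taken from Examples 3 and 4; the probe addresses are constructed.
    for spec, probe in [
        ("!192.168.1.3-192.168.1.12,10.0.0.0/8", "192.168.1.12"),
        ("!192.168.1.3-192.168.1.12,10.0.0.0/8", "192.168.1.13"),
        ("192.168.1.0/24!192.168.1.3,192.168.1.9", "192.168.1.9"),
        ("192.168.1.0/24!192.168.1.3,192.168.1.9", "192.168.1.10"),
    ]:
        print(f"{spec:45} {probe:15} {matches(spec, probe)}")
```

Running a planned exclusion through such a model before reloading the firewall helps catch an off-by-one range bound or a host that was meant to be excluded but is not.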
FILES
/etc/shorewall/hosts
/etc/shorewall/masq
/etc/shorewall/rules
/etc/shorewall/tcrules
SEE ALSO
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall-interfaces(5),
shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5),
shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5),
shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5),
shorewall-tunnels(5), shorewall-zones(5)
NOTES
1. shorewall-ipsets
http://www.shorewall.net/manpages/shorewall-ipsets.html
[FIXME: source] 06/28/2012 SHOREWALL-EXCLUSION(5)