03-19-2003
Shorewall
I recently started working with Shorewall (
www.shorewall.net). It uses IPTables and IPChains. You may find it useful!
Ciao,
N
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have already compiled the kernel and configured it to run as a firewall. My computer has 2 NICs and is on two seperate networks. I can ping both networks from my computer, but workstations on one network can not ping workstations on the other.
What Scripts or commands do I need to install ? (2 Replies)
Discussion started by: Deuce
2 Replies
2. IP Networking
ON A LINUX NETWORK, HOW DO I ASSIGN IP ADDRESSES TO OTHER TERMINALS AND AFTER THAT HOW I CAN DENY/GRANT ACCESS TO TERMINALS ON A LAN TO MY TERMINAL.PLEASE SPECIFY THE EXACT COMMANDS.kINDLY HELP ME (3 Replies)
Discussion started by: ameya_shaligram
3 Replies
3. Shell Programming and Scripting
could anybody please tell me the best fire wall for linux . (3 Replies)
Discussion started by: Raom
3 Replies
4. UNIX for Advanced & Expert Users
I have set up a linux (red hat 9) box as my main internet router. I am also running a DNS server on it. What are the rules i have to implement to allow DNS queries through the firewall from outside so that the outside world can see my domains? (1 Reply)
Discussion started by: frankkahle
1 Replies
5. Cybersecurity
HI all,
I have setup IPTables firewall/Router and my home network, with address space 192.168.10.XXX
Form my private network hosts, i can ping the gateway ( 192.168.10.101 ) , but the reverse is not happening.
Can someone help me as of what i need to do, so that i can ping my private... (1 Reply)
Discussion started by: chandan_m
1 Replies
6. IP Networking
i have a linux server runnig oracle applications.
i need to access this server from putty using ssh through internet.
i did by registering my static ip with the dnydns.org and i am able to connect to the server.
but now there is no security to authenticate any user as any one knowing the... (6 Replies)
Discussion started by: u.n.i.x
6 Replies
7. UNIX for Advanced & Expert Users
Hi All,
I successfully configured a DEBIAN Lenny bridged firewall
using ebtables.
The bridged interface is br0.
The ethernet interface are eth0 & eth1 respectively.
All the traffic are transparently passing my firewall but i need to find & block temporarily the bandwidth abusers.
Can... (1 Reply)
Discussion started by: coolatt
1 Replies
8. Shell Programming and Scripting
Hi,
I need to know what kind of firewall settings does the linux box have? Is port 25 blocked in any way?
Linux techx 3.10.0-514.10.2.el7.x86_64 #1 SMP Fri Mar 3 00:04:05 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
I'm coming from this thread. (1 Reply)
Discussion started by: mohtashims
1 Replies
9. Linux
I' m playng a little retrocomputing.
I have setup a virtual machine with SCO unix(3.2v4.2) on qemu
The machine start, the novell2000 card(ne2k_pci,ne2k_isa) unfortunately not,probably driver issue.
So I try the slirp with this procedure
On SCO
netconfig
add chain..sl ..etc
On... (2 Replies)
Discussion started by: Linusolaradm1
2 Replies
LEARN ABOUT DEBIAN
shorewall-maclist
SHOREWALL-MACLIST(5) [FIXME: manual] SHOREWALL-MACLIST(5)
NAME
maclist - Shorewall MAC Verification file
SYNOPSIS
/etc/shorewall/maclist
DESCRIPTION
This file is used to define the MAC addresses and optionally their associated IP addresses to be allowed to use the specified interface.
The feature is enabled by using the maclist option in the shorewall-interfaces[1](5) or shorewall-hosts[2](5) configuration file.
The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in
the alternate specification syntax).
DISPOSITION - {ACCEPT|DROP|REJECT}[:log-level]
ACCEPT or DROP (if MACLIST_TABLE=filter in shorewall.conf[3](5), then REJECT is also allowed). If specified, the log-level causes
packets matching the rule to be logged at that level.
INTERFACE - interface
Network interface to a host.
MAC - address
MAC address of the host -- you do not need to use the Shorewall format for MAC addresses here. If IP ADDRESSESES is supplied then MAC
can be supplied as a dash (-)
IP ADDRESSES (addresses) - [address[,address]...]
Optional - if specified, both the MAC and IP address must match. This column can contain a comma-separated list of host and/or subnet
addresses. If your kernel and iptables have iprange match support then IP address ranges are also allowed. Similarly, if your kernel
and iptables include ipset support than set names (prefixed by "+") are also allowed.
FILES
/etc/shorewall/maclist
SEE ALSO
http://shorewall.net/MAC_Validation.html
http://shorewall.net/configuration_file_basics.htm#Pairs
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5),
shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
shorewall-zones(5)
NOTES
1. shorewall-interfaces
http://www.shorewall.net/manpages/shorewall-interfaces.html
2. shorewall-hosts
http://www.shorewall.net/manpages/shorewall-hosts.html
3. shorewall.conf
http://www.shorewall.net/manpages/shorewall.conf.html
[FIXME: source] 06/28/2012 SHOREWALL-MACLIST(5)