10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Below is what i did to open the firewall port on
# sudo firewall-cmd --zone=public --add-port=27012/tcp --permanent
Warning: ALREADY_ENABLED: 27012:tcp
success
# sudo firewall-cmd --reload
success
# firewall-cmd --list-all
public
target: default
icmp-block-inversion: no
... (10 Replies)
Discussion started by: mohtashims
10 Replies
2. IP Networking
My son does homework on a school laptop. I was thinking about setting up a gateway on my home network, so that I can monitor web traffic and know if he is doing his homework without standing over his shoulder. Ideally I would like to use the Raspberry Pi Model b that I already have. However, I... (15 Replies)
Discussion started by: gandolf989
15 Replies
3. AIX
Hi Friends,
How to do port forwarding in AIX? We would like to re route traffic from port A to port B on AIX LPAR.
for example: my application is using 8080 port on LPAR and would like to use the 8081 instead of 8080. By default application was configured with 8080. But instead of changing... (2 Replies)
Discussion started by: System Admin 77
2 Replies
4. UNIX for Advanced & Expert Users
Hi All
I am resilience testing an application that is spread across multiple servers.
One thing I will need to do soon is throttle the network traffic for specific interfaces within the test cluster. Specifically, maybe make a connection take twice or three times as long to respond....
I... (3 Replies)
Discussion started by: bbq
3 Replies
5. IP Networking
I am trying to block ALL traffic except when from ports 9100,22,23 to destination network 192.0.0.0 (my WAN): 2 networks 192.0.3.0 with static route to 192.0.0.0
Shouldn't this work?:
iptables -A INPUT -p tcp -d 192.0.0.0/24 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -d 192.0.0.0/24... (3 Replies)
Discussion started by: herot
3 Replies
6. Solaris
Hi Everyone,
In my environment, I have few T5220. On the iLOM Management Card, I have both Network and Serial port are cabled, I don't have any issues while I try to connect using Network Management port, but when I try to connect the serial port for the same server which is actually connected... (3 Replies)
Discussion started by: bobby320
3 Replies
7. HP-UX
I Colleagues,
Somebody can say me how to monitoring traffic in the network. also I am interested in monitoring memory. if somebody to know a guide with command advanced in unix welcome for me.
Thank you for adcanced. (0 Replies)
Discussion started by: systemoper
0 Replies
8. Infrastructure Monitoring
Hi all,
Got a strange one here, well not so much strange, different :-)
I need to work out if a server is particulary chatty, whether its talking / communicating heavily to a particular server, as Im planning to physically move the server to a different server, over a link. Hence the... (6 Replies)
Discussion started by: sbk1972
6 Replies
9. Cybersecurity
Hi,
Can someone give me the clue on how to capture network traffic at gateway.
Thanx (2 Replies)
Discussion started by: kayode
2 Replies
10. UNIX for Dummies Questions & Answers
there are commands to monitor the memory, paging, io... how about network traffic. i mean commands to see whether the network traffic (LAN) is congested? the closest i got is netstat
thanks (6 Replies)
Discussion started by: yls177
6 Replies
SHOREWALL6-NETMAP(5) [FIXME: manual] SHOREWALL6-NETMAP(5)
NAME
netmap - Shorewall6 NETMAP definition file
SYNOPSIS
/etc/shorewall/netmap
DESCRIPTION
This file is used to map addresses in one network to corresponding addresses in a second network. It was added in Shorewall6 iin 4.4.23.3.
Warning
To use this file, your kernel and ip6tables must have RAWPOST table support included.
The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in
the alternate specification syntax).
TYPE - {DNAT|SNAT}:{P|O|T}
Must be DNAT or SNAT followed by :P, :O or :T to perform stateless NAT. Stateless NAT requires Rawpost Table support in your kernel and
iptables (see the output of shorewall6 show capabilities).
If DNAT:P, traffic entering INTERFACE and addressed to NET1 has its destination address rewritten to the corresponding address in NET2.
If SNAT:T, traffic leaving INTERFACE with a source address in NET1 has it's source address rewritten to the corresponding address in
NET2.
If DNAT:O, traffic originating on the firewall and leaving via INTERFACE and addressed to NET1 has its destination address rewritten to
the corresponding address in NET2.
If DNAT:P, traffic entering via INTERFACE and addressed to NET1 has its destination address rewritten to the corresponding address in
NET2.
If SNAT:P, traffic entering via INTERFACE with a destination address in NET1 has it's source address rewritten to the corresponding
address in NET2.
If SNAT:O, traffic originating on the firewall and leaving via INTERFACE with a source address in NET1 has it's source address
rewritten to the corresponding address in NET2.
NET1 - network-address
Network in CIDR format (e.g., 2001:470:b:227/64). Beginning in Shorewall6 4.4.24, exclusion[1] is supported.
INTERFACE - interface
The name of a network interface. The interface must be defined in shorewall6-interfaces[2](5). Shorewall allows loose matches to
wildcard entries in shorewall6-interfaces[2](5). For example, ppp0 in this file will match a shorewall6-interfaces[2](8) entry that
defines ppp+.
NET2 - network-address
Network in CIDR format
NET3 - network-address
Optional - added in Shorewall 4.4.11. If specified, qualifies INTERFACE. It specifies a SOURCE network for DNAT rules and a DESTINATON
network for SNAT rules.
PROTO (Optional - protocol-number-or-name
Only packets specifying this protocol will have their IP header modified.
DEST PORT(S) (dport) - port-number-or-name-list
Destination Ports. An optional comma-separated list of Port names (from services(5)), port numbers or port ranges; if the protocol is
icmp, this column is interpreted as the destination icmp-type(s). ICMP types may be specified as a numeric type, a numberic type and
code separated by a slash (e.g., 3/4), or a typename. See http://www.shorewall.net/configuration_file_basics.htm#ICMP.
If the protocol is ipp2p, this column is interpreted as an ipp2p option without the leading "--" (example bit for bit-torrent). If no
PORT is given, ipp2p is assumed.
An entry in this field requires that the PROTO column specify icmp (1), tcp (6), udp (17), sctp (132) or udplite (136). Use '-' if any
of the following field is supplied.
SOURCE PORT(S) (sport) - port-number-or-name-list
Optional source port(s). If omitted, any source port is acceptable. Specified as a comma-separated list of port names, port numbers or
port ranges.
An entry in this field requires that the PROTO column specify tcp (6), udp (17), sctp (132) or udplite (136). Use '-' if any of the
following fields is supplied.
FILES
/etc/shorewall/netmap
SEE ALSO
http://shorewall.net/netmap.html
http://shorewall.net/configuration_file_basics.htm#Pairs
NOTES
1. exclusion
http://www.shorewall.net/manpages6/shorewall6-exclusion.html
2. shorewall6-interfaces
http://www.shorewall.net/manpages6/shorewall6-interfaces.html
[FIXME: source] 06/28/2012 SHOREWALL6-NETMAP(5)