Re: Odd network issue
On Thu, Nov 11, 2010 at 11:54:36AM -0500, Wayne Topa wrote:
>
> What, if any, firewall do you have installed?
>
> I had the same problem here when I (finally) got a wireless setup.
> I tried a bunch of firewalls and settled on
> arno-iptables-firewall
> and privoxy.
>
> Now I can surf the web and don't have many sites eating not only my
> bandwidth but also eating up my 5 Gig monthly allocation.
>
> HTH
>
> Wayne
I have shorewall installed with the following...
######################### I N T E R F A C E S ##################################
#ZONE INTERFACE BROADCAST OPTIONS
net wlan0 detect dhcp,tcpflags,logmartians,nosmurfs
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
########################### P O L I C Y ########################################
#SOURCE DEST POLICY LOG LEVEL LIMIT:BURST
$FW net ACCEPT
net $FW DROP info 1/sec:2
net all DROP info
# The FOLLOWING POLICY MUST BE LAST
all all REJECT info
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
############################ R U L E S #########################################
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK
# PORT PORT(S)
# DEST
# LIMIT
# GROUP
# Drop Ping from the "bad" net zone.. and prevent your log from being
# flooded..
Ping/DROP net $FW
# Permit all ICMP traffic FROM the firewall TO the net zone
ACCEPT $FW net icmp
# MY ENTRIES
BitTorrent/ACCEPT net $FW
SSH/ACCEPT net $FW tcp 12211
Ping/ACCEPT $FW net
REJECT net:~1e:90:32:82:b2:08 $FW
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
############################ Z O N E S #########################################
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
net ipv4
#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE
I won't be back on campus until Monday if anyone has a need to see some
additional log etc. I hope I can figure something out..