Exempt from mimetype filter

Hi there,
We currently have the mime-type filter on to stop people listening to 
streamed radio stations (chews through too much bandwidth). However, 
there is at least one person in the company who has an actual business 
purpose for listening to a couple of streams. I was wondering, is there 
anyway to either make him exempt from the filter or make the streams he 
listens to exempt? Or is it all or nothing?
Thank you,
- Kate

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

Re: 1 to 1 natting without internal ips.

Yes but I can not accomplish this. If you read my whole post thats all what I
need. So first I want to make sure that is possible. Think that endian will
be just next to swtich and behind the switch, there will be bunch of servers
with many different ips (a data center). So I want to use endian as a
transparent firewall. Only use its filtering option or protection methods
like Ddos and so on. If this is possible, what should I considr when
configurating it. Thank you

Marco Gabriel wrote:
> 
> sure. this is just a standart port forward, as far as I can see. Or did 
> I miss something special? If it is just a port forward, every endian 
> version that I know can do this.
> 
> from a security point of view, you should only do port forwards to 
> orange networks if your green network should stay secure.
> 
> marco
> 
> ozgurerdogan schrieb:
>> I want to create such policy which forwards incoming request through
>> endian
>> to internal network which is connected to green interface. 
>> A sample of policy is attached as picture to this post.
>> Would it be possible?
>> For example;
>>
>> source interface=red
>> source address= ALLs

Problem with ClamAV and SMTP

Hi,

it looks like that the virus signature update dated 01.May is killing the clamav process,
if I enable the virus scanner no smtp mail comes in:

SMTP Log:

May 3 01:32:37  	amavis[3807]: (03807-01) (!)Clam Antivirus-clamd: Can't connect to INET socket
127.0.0.1:3310: Connection refused, retrying (2)
May 3 01:32:43 	amavis[3807]: (03807-01) (!)run_av (Clam Antivirus-clamd, built-in i/f): Too many
retries to talk to 127.0.0.1:3310 (Can't connect to INET socket 127.0.0.1:3310: Connection refused) at
(eval 40) line 293.
May 3 01:32:43 	amavis[3807]: (03807-01) (!!)Clam Antivirus-clamd av-scanner FAILED:
CODE(0x9dabe00) Too many retries to talk to 127.0.0.1:3310 (Can't connect to INET socket
127.0.0.1:3310: Connection refused) at (eval 40) line 293. at (eval 40) line 491.
May 3 01:32:43 	amavis[3807]: (03807-01) (!!)WARN: all primary virus scanners failed, considering backups
May 3 01:34:37 	postfix/smtpd[3953]: connect from dslb-084-063-018-112.pools.arcor-ip.net[84.63.18.112]
May 3 01:34:38 	postfix/smtpd[3953]: NOQUEUE: reject: RCPT from
dslb-084-063-018-112.pools.arcor-ip.net[84.63.18.112]: 554 Service unavailable; Client host
[84.63.18.112] blocked using dul.dnsbl.sorbs.net; Dynamic IP Addresses See:
http://www.sorbs.net/lookup.shtml?84.63.18.112; from= to= proto=ESMTP helo=
May 3 01:34:39 	postfix/smtpd[3953]: disconnect from dslb-084-063-018-112.pools.arcor-ip.net[84.63.18.112]
May 3 01:37:59 	postfix/anvil[3954]: statistics: max connection rate 1/60s for (smtp:84.63.18.112) at
May 3 01:34:37
May 3 01:37:59 	postfix/anvil[3954]: statistics: max connection count 1 for (smtp:84.63.18.112) at May
3 01:34:37
May 3 01:37:59 	postfix/anvil[3954]: statistics: max cache size 1 at May 3 01:34:37
May 3 01:39:18 	amavis[3807]: (03807-01) (!)killing process [3929] running Clam Antivirus - clamscan
(reason: on reading: timed out)
May 3 01:39:19 	amavis[3807]: (03807-01) (!)run_av (Clam Antivirus - clamscan): collect_results -

Re: Problem with ClamAV and SMTP

On May 2, 2008, at 2:22 PM, Werner Seifert wrote:

> Hi,
>
> it looks like that the virus signature update dated 01.May is  
> killing the clamav process,
> if I enable the virus scanner no smtp mail comes in:
>

What version on Endian, what version of clam? Try restarting the  
clamd process via the /usr/local/bin/restartclamav check the clamd  
logs /var/log/clamav/clamd.log for errors.

-Mike

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

Antw: Re: Problem with ClamAV and SMTP

Hi,

Endian Firewall Community release 2.1.2, clam as with this release delivered. Have seen this on two
machines ...

Werner 

>>> Mike Tremaine <mgt@...> schrieb am Freitag, 02. Mai 2008 um 23:32
in Nachricht <01EDDA4E-4AEC-480E-ACEF-FB3E2E7F0625@...>:

> On May 2, 2008, at 2:22 PM, Werner Seifert wrote:
> 
>> Hi,
>>
>> it looks like that the virus signature update dated 01.May is  
>> killing the clamav process,
>> if I enable the virus scanner no smtp mail comes in:
>>
> 
> What version on Endian, what version of clam? Try restarting the  
> clamd process via the /usr/local/bin/restartclamav check the clamd  
> logs /var/log/clamav/clamd.log for errors.
> 
> -Mike
> 
> 
> 
> -------------------------------------------------------------------------
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
> Don't miss this year's exciting event. There's still time to save $100. 

Re: Antw: Re: Problem with ClamAV and SMTP

On May 2, 2008, at 2:36 PM, Werner Seifert wrote:

> Hi,
>
> Endian Firewall Community release 2.1.2, clam as with this release  
> delivered. Have seen this on two machines ...
>
> Werner
>

You need to check the clamd.log for more info, if I had to guess it  
could be a corrupt database in which case you need to delete it and  
re-run freshclam.

-Mike

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

Re: Antw: Re: Problem with ClamAV and SMTP

I am a ..x newbie, how to do?

>>> Mike Tremaine <mgt@...> schrieb am Samstag, 03. Mai 2008 um 04:29
in Nachricht <FB143C62-C0D7-485F-8CB0-515B8A9F589A@...>:

> On May 2, 2008, at 2:36 PM, Werner Seifert wrote:
> 
>> Hi,
>>
>> Endian Firewall Community release 2.1.2, clam as with this release  
>> delivered. Have seen this on two machines ...
>>
>> Werner
>>
> 
> You need to check the clamd.log for more info, if I had to guess it  
> could be a corrupt database in which case you need to delete it and  
> re-run freshclam.
> 
> -Mike
> 
> -------------------------------------------------------------------------
> This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
> Don't miss this year's exciting event. There's still time to save $100. 
> Use priority code J8TL2D2. 
> http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javao 
> ne
> _______________________________________________
> Efw-user mailing list
> Efw-user@... 

Re: 2.2beta4 install - problems

Re: Proxy prob 2.2b4   
by wharfratjoe Apr 25, 2008; 12:26pm :: Rate this Message:    (use ratings
to moderate[?])

Reply | Reply to Author | Show Only this Message 

I just tried to install the rpm's and received the following   

root <at> fw001:~/content filter policy # rpm -Uvh
efw-base-2.6.101-1.endian3.noarch.rpm 
error: failed to stat /tmp/tmp.CIkHJox498: No such file or directory 
Preparing...                ###########################################
[100%] 
   1:efw-base               ###########################################
[100%] 
root <at> fw001:~/content filter policy # rpm -Uvh
efw-interfaceeditor-2.2.22-0.endian1.noarch.rpm 
error: failed to stat /tmp/tmp.CIkHJox498: No such file or directory 
Preparing...                ###########################################
[100%] 
   1:efw-interfaceeditor    ###########################################
[100%] 
root <at> fw001:~/content filter policy # rpm -Uvh
efw-proxy-2.2.54-1.endian1.noarch.rpm 
error: failed to stat /tmp/tmp.CIkHJox498: No such file or directory 
Preparing...                ###########################################
[100%] 
   1:efw-proxy              ###########################################
[100%] 

Blacklisting modules on installer disk

I have an issue installing efw community and I was hoping someone could help
me out. I'm trying to install 2.2beta4 on a Compaq Proliant DL360 Gen1. The
install does not correctly recognize the Compaq Raid Array. I had the same
issue in ubuntu.  To solve the problem in ubuntu, I could pass a command
that would blacklist modules on start up. Is there anyway to do this in the
efw installer? Thanks in advance.

Daniel

--

-- 
View this message in context: http://www.nabble.com/Blacklisting-modules-on-installer-disk-tp16996073p16996073.html
Sent from the efw-user mailing list archive at Nabble.com.

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

endian only with content filter

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user