Paul McWhinnie | 3 Sep 23:23 2009

Port forwarding by MAC

Hi

I would like to know if it is possible to port forward based on MAC
address rather than source IP?

Basically I would like to allow incoming RDP sessions based on MAC
address - is there a better way of doing this?

Regards
Paul

--

-- 
Acceptable use of my email address:
http://www.mcwhinnie.com/acceptable_use.txt

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
Julio Cesar | 4 Sep 20:03 2009
Picon

NTOP problems

Use the Endian NTOP 2.2 and works for a while, then it just stops working.
 
Hang up and call the service NTOP (traffic monitoring) and he returns to work, but after a while stops working and I can not access it from any formal. Has anyone experienced this?
 
 
Thanks,
 
Julio
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Lane.Beneke | 4 Sep 20:05 2009

Re: Port forwarding by MAC

Use the DHCP server to assign a fixed lease to the MAC.  Then port
forward to the fixed address.

 
Lane Beneke
Network Administrator
Southern Piping Co.
(252) 291-1561 ext. 148
-----Original Message-----
From: Paul McWhinnie [mailto:efw@...] 
Sent: Thursday, September 03, 2009 5:24 PM
To: efw-user@...
Subject: [Efw-user] Port forwarding by MAC

Hi

I would like to know if it is possible to port forward based on MAC
address rather than source IP?

Basically I would like to allow incoming RDP sessions based on MAC
address - is there a better way of doing this?

Regards
Paul

-- 
Acceptable use of my email address:
http://www.mcwhinnie.com/acceptable_use.txt

------------------------------------------------------------------------
------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008
30-Day 
trial. Simplify your report design, integration and deployment - and
focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
Steven Sher | 5 Sep 16:17 2009
Picon

Re: NTOP problems

I also often have this problem, I turn the traffic monitoring off and on again in the GUI and usually works again, but then you lose all your traffic information very annoying.

 

Steve

 

From: Julio Cesar [mailto:juliobici <at> gmail.com]
Sent: 04 September 2009 08:04 PM
To: efw-user <at> lists.sourceforge.net
Subject: [Efw-user] NTOP problems

 

Use the Endian NTOP 2.2 and works for a while, then it just stops working.

 

Hang up and call the service NTOP (traffic monitoring) and he returns to work, but after a while stops working and I can not access it from any formal. Has anyone experienced this?

 

 

Thanks,

 

Julio

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Christopher Salinardi | 5 Sep 18:23 2009
Picon

Re: NTOP problems

Hi,  it is believed that this is a bug with NTOP, does your firewall CPU utilization hit 100% when this happens?
 
I found a workaround for this issue, it seems to have something to do with SSL.  Edit the ntop init script to use http for port 3001.
 
Location: /etc/init.d/ntop
 
Find this line and change the options in bold:
 
option="--user ntop --daemon --db-file-path /var/ntop --interface br0 --trace-level 3 --https-server 0 --http-server 3001 --disable-schedyield --no-fc"
 
Restart ntop: etc/init.d/ntop restart
 
Of course, this change breaks the url on the page, change it to http:// instead of https:// and it will work.
 
Thanks,
Chris


On Fri, Sep 4, 2009 at 2:03 PM, Julio Cesar <juliobici-Re5JQEeQqe8@public.gmane.orgm> wrote:
Use the Endian NTOP 2.2 and works for a while, then it just stops working.
 
Hang up and call the service NTOP (traffic monitoring) and he returns to work, but after a while stops working and I can not access it from any formal. Has anyone experienced this?
 
 
Thanks,
 
Julio

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/efw-user


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Julio Cesar | 8 Sep 18:50 2009
Picon

Re: NTOP problems

Hi Christopher,
 
The problem has occurred with the CPU under 100%. I did the updates that you passed and is working so far, let's see how it goes.

Thank you for your help.

Julio Cesar



2009/9/5 Christopher Salinardi <csalinardi <at> gmail.com>
Hi,  it is believed that this is a bug with NTOP, does your firewall CPU utilization hit 100% when this happens?
 
I found a workaround for this issue, it seems to have something to do with SSL.  Edit the ntop init script to use http for port 3001.
 
Location: /etc/init.d/ntop
 
Find this line and change the options in bold:
 
option="--user ntop --daemon --db-file-path /var/ntop --interface br0 --trace-level 3 --https-server 0 --http-server 3001 --disable-schedyield --no-fc"
 
Restart ntop: etc/init.d/ntop restart
 
Of course, this change breaks the url on the page, change it to http:// instead of https:// and it will work.
 
Thanks,
Chris


On Fri, Sep 4, 2009 at 2:03 PM, Julio Cesar <juliobici-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
Use the Endian NTOP 2.2 and works for a while, then it just stops working.
 
Hang up and call the service NTOP (traffic monitoring) and he returns to work, but after a while stops working and I can not access it from any formal. Has anyone experienced this?
 
 
Thanks,
 
Julio

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/efw-user



------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/efw-user


------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Mike Knisely | 9 Sep 15:12 2009

Re: Port forwarding by MAC

Are you talking about allowing outside users to RDP into your network if
their MAC address matches a list?  If so, that is not possible.  The
reason for this is that the Source MAC Address is only consistent to the
first router.  After that, the Source MAC Address is rewritten each time
a new frame is created.

Mike K.

-----Original Message-----
From: Paul McWhinnie [mailto:efw@...] 
Sent: Thursday, September 03, 2009 5:24 PM
To: efw-user@...
Subject: [Efw-user] Port forwarding by MAC

Hi

I would like to know if it is possible to port forward based on MAC
address rather than source IP?

Basically I would like to allow incoming RDP sessions based on MAC
address - is there a better way of doing this?

Regards
Paul

-- 
Acceptable use of my email address:
http://www.mcwhinnie.com/acceptable_use.txt

------------------------------------------------------------------------
------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008
30-Day 
trial. Simplify your report design, integration and deployment - and
focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
Paul McWhinnie | 10 Sep 10:02 2009

Re: Port forwarding by MAC

Thanks Lane and Mike for your feedback.

I use a VPN for clients that connect from the same PC each time and I
tunnel RDP via SSH for some others.

I have a few clients that move around different customer premises and
use the PCs there.  Not all of these customers have static public IPs so
the clients come in from a different IP each time.  I was trying to
avoid installing VPN clients on the PCs.

I had in mind something similar to MAC filtering on a wireless, but I
see now that that works because the PC connects directly. I did learn
something about MAC addresses though!

Thanks again to you both.

Mike Knisely wrote:
> Are you talking about allowing outside users to RDP into your network if
> their MAC address matches a list?  If so, that is not possible.  The
> reason for this is that the Source MAC Address is only consistent to the
> first router.  After that, the Source MAC Address is rewritten each time
> a new frame is created.
> 
> Mike K.
> 
> -----Original Message-----
> From: Paul McWhinnie [mailto:efw@...] 
> Sent: Thursday, September 03, 2009 5:24 PM
> To: efw-user@...
> Subject: [Efw-user] Port forwarding by MAC
> 
> Hi
> 
> I would like to know if it is possible to port forward based on MAC
> address rather than source IP?
> 
> Basically I would like to allow incoming RDP sessions based on MAC
> address - is there a better way of doing this?
> 
> Regards
> Paul
> 

--

-- 
Acceptable use of my email address:
http://www.mcwhinnie.com/acceptable_use.txt

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
Julio Cesar | 10 Sep 14:58 2009
Picon

Block IP originated from the external network (red)

Greetings,

There is the possibility of blocking an IP address, originating from an external network, whatever the service (port) to access my network in Endian.

The situation is I have a high traffic from a particular IP to my network, for example accessing a web server from my internal network.

I want to block this IP and they can stop this high traffic, there is this possibility?
 
 
Thanks,
 
Julio Cesar
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user
Santhosh Kumar Gulla | 15 Sep 09:37 2009
Picon

Remote logging from Endian


Dear All,

Can any one guide me how to log the logs in a remote syslog server. I 
have ticked the remote logging option in endian firewall and given a IP 
w.x.y.z, but it is not logging into that machine. The remote machine is 
running debian lenny with rsyslog installed in it.

Can any one guide me how to configure the remote logging machine as well.

Is there any other syslog server which supports endian remote logging. 
Please list them.

With Regards
--
Santy

------------------------------------------------------------------------------
Come build with us! The BlackBerry&reg; Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay 
ahead of the curve. Join us from November 9&#45;12, 2009. Register now&#33;
http://p.sf.net/sfu/devconf

Gmane