Sunscreen 3.2 / Stateful UDP

  • Permalink
  • submit to reddit
  • Email
  • Follow


I'm running Sunscreen 3.2 (routing mode) on Solaris 9 with only one
public IP address (using hme0). I've got a local network
192.168.1.0/27 (using znb0).  I also have one DMZ
192.168.1.224/27 (using znb1). Since Sunscreen doesn't support
port forwarding I've statically NAT'd the external IP to DMZ host
and have two packet filter rules that allow SMTP in/out for that
host.  Currently the internal net is being NAT'd using Dynamic mode on the
Screen. This works fine and all TCP traffic is tracked via the statetable.
But, UDP is not. For example, I have a Cisco VPN client machine on the
internal net and when using UDP for encapsulation of ESP packets none
of the returning UDP packets are passed back to the Cisco VPN host (using
a hub and sniffer in front of the Screen's hme0 interface).  Although both
'ssadm lib/statetables' and ssadm lib/nattables' have the communication
properly listed; nothing is even logged as being passed or dropped on hme0
interface. Detailed logging is enabled for everything except broadcast &
NetBIOS type traffic.  If I switch the Cisco VPN client to use TCP for esp
encapsulation everything works.  I tried other udp communications like
ntp, but no luck. The only UDP that's works is DNS. Anyone have similar
experiences with Sunscreen? Maybe know the cause here and/or even a
solution?

Thanks in advance.

0
Reply Techniq 10/11/2003 9:02:34 PM

See related articles to this posting

comp.sys.sun.admin 3735 articles. 4 followers. Post

0 Replies
224 Views

Similar Articles

[PageSpeed] 4


Reply:

Similar Artilces:

how can i write this statement labels=[1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;1;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;2;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;3;]; in compress fo
How to write it in compact form to avoid repetition "shah " <shahkhn3@gmail.com> wrote in message <lodugh$8hr$1@newscl01ah.mathworks.com>... > How to write it in compact form to avoid repetition You'll find in this thread different solutions for similar question http://www.mathworks.fr/matlabcentral/newsreader/view_thread/335814 Bruno ...

[1 1 1 1 1 ;2 2 2 2 2 ;3 3 3 3 3 3;....;n n n n n]
Hi, Anybody knows how to create this matrix but without using any loops? a=[1 1 1 1 1 ;2 2 2 2 2 ;3 3 3 3 3 ;.......;n n n n n ] Thank you. Hana. Hana wrote: > Hi, > Anybody knows how to create this matrix but without using any loops? > a=[1 1 1 1 1 ;2 2 2 2 2 ;3 3 3 3 3 ;.......;n n n n n ] HELP REPMAT - Randy Hana wrote: > > > Hi, > Anybody knows how to create this matrix but without using any > loops? > a=[1 1 1 1 1 ;2 2 2 2 2 ;3 3 3 3 3 ;.......;n n n n n ] > > Thank you. > Hana. Hope this isn't homework. >> repmat([1:n]'...

Aix 5.2 and gcc 3.3
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Any bleading edgers out there get this to work? Building with BerkeleyDb 4.1.25 and TLS Had some problems with propolice (stack smashing protection) causing gcc to fail. Removed that option and now it compiles but won't link... yeah I know AIX what's new? The configure script for newdb had some of the same errors while testing for mutex's but eventually found configure:17733: result: UI/threads/library Fails with ld: 0711-317 ERROR: Undefined symbol: .mutex_init ld: 0711-317 ERROR: Undefined symbol: .cond_init ld: 0711-317 ERRO...

Upgrade from VO 1 - 2 - 2..1 -2.2 - 2.3 -2.4 - 2.5 - 2.6 - 2.7
About upgrade 2.5 - 2.7 at $ 384.00 For most products I'm using - the updates (2.0 - 2.1 - 2.7) are free... 2.0 to 3.0 might be worth + 10-30% of the original price? VO is + full price again & again - Full program price for every minor upgrade/bug-fix? I dropped out of the money/bugs [VO] at 2.5 after starting at 1.0 more than 10 years ago. Certainly whoever is making VO have to make a living; earning moneys: - that is OK! A 10 years old VO site; - 10 years later, how much have changed? http://www.yi.com/prany/cavo/cavofront.htm Even MS is not ...

compiling gcc 3.2.3 on aix 4.3.2 using gcc 3.2.1
All, I am trying to compile gcc-3.2.3 on aix-4.3.2 using a prebuilt gcc-3.2.1. I am using GNU make, native as,ar,ld. There are the errors I get. Can anyone help? thx balaji $ gmake bootstrap gmake[1]: Entering directory `/mnt/gcc-3.2.3/aix/libiberty' gmake[2]: Entering directory `/mnt/gcc-3.2.3/aix/libiberty/testsuite' gmake[2]: Nothing to be done for `all'. gmake[2]: Leaving directory `/mnt/gcc-3.2.3/aix/libiberty/testsuite' gmake[1]: Leaving directory `/mnt/gcc-3.2.3/aix/libiberty' gmake[1]: Entering directory `/mnt/gcc-3.2.3/aix/zlib' : gmake ; exec true "AR_...

how to convert union(2*x+y=3,3*x+2*y=5) to {2*x+y=3,3*x+2*y=5}
Thanks! In article <1140494713.980133.168190@f14g2000cwb.googlegroups.com>, loric <dr.huiliu@gmail.com> wrote: >Thanks! It isn't clear exactly what your question is, but: > `union`({2*x+y=3},{3*x+2*y=5}); {2 x + y = 3, 3 x + 2 y = 5} > Union := proc() { seq( `if`(s::'set',op(s),s), s=args ) } end proc: > Union(2*x+y=3,3*x+2*y=5); {2 x + y = 3, 3 x + 2 y = 5} > Union(2*x+y=3,{3*x+2*y=5}); {2 x + y = 3, 3 x + 2 y = 5} ...

ANN: ActivePython 2.3.2 & ActivePython 2.2.3
We are pleased to announce that versions 2.3.2 and 2.2.3 of ActivePython are now available for download from: http://www.ActiveState.com/ActivePython ActivePython 2.3.2 is the first ActivePython release for the Python 2.3.x series. ActivePython 2.2.3 is a bugfix release for, and supercedes, ActivePython 2.2.2. ActivePython is ActiveState's quality-assured binary build of Python. Builds are currently available for Windows, Linux and Solaris. In addition to the core language, ActivePython features: * zlib and bzip2 for data compression; * Tkinter for Tk development; * a lar...

ANN: ActivePython 2.3.2 & ActivePython 2.2.3
We are pleased to announce that versions 2.3.2 and 2.2.3 of ActivePython are now available for download from: http://www.ActiveState.com/ActivePython ActivePython 2.3.2 is the first ActivePython release for the Python 2.3.x series. ActivePython 2.2.3 is a bugfix release for, and supercedes, ActivePython 2.2.2. ActivePython is ActiveState's quality-assured binary build of Python. Builds are currently available for Windows, Linux and Solaris. In addition to the core language, ActivePython features: * zlib and bzip2 for data compression; * Tkinter for Tk development;...

[RELEASED] Release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3
We're pleased to announce the immediate availability of release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3 . The main impetus for these releases is fixing a security issue in Python's hash based types, dict and set, as described below. Python 2.7.3 and 3.2.3 include the security patch and the normal set of bug fixes. Since Python 2.6 and 3.1 are maintained only for security issues, 2.6.8 and 3.1.5 contain only various security patches. The security issue exploits Python's dict and set implementations. Carefully crafted input can lead to extremely long computation times a...

[RELEASED] Release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3
We're pleased to announce the immediate availability of release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3 . The main impetus for these releases is fixing a security issue in Python's hash based types, dict and set, as described below. Python 2.7.3 and 3.2.3 include the security patch and the normal set of bug fixes. Since Python 2.6 and 3.1 are maintained only for security issues, 2.6.8 and 3.1.5 contain only various security patches. The security issue exploits Python's dict and set implementations. Carefully crafted input can lead to extremely long computation...

[RELEASED] Second release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3
We're chuffed to announce the immediate availability of the second release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3. The only change from the first release candidates is the patching of an additional security hole. The security issue fixed in the second release candidates is in the expat XML parsing library. expat had the same hash security issue detailed below as Python's core types. The hashing algorithm used in the expat library is now randomized. A more thorough explanation of the "hash attack" security hole follows. The main impetus for these releases is fi...

[RELEASED] Second release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3
We're chuffed to announce the immediate availability of the second release candidates for Python 2.6.8, 2.7.3, 3.1.5, and 3.2.3. The only change from the first release candidates is the patching of an additional security hole. The security issue fixed in the second release candidates is in the expat XML parsing library. expat had the same hash security issue detailed below as Python's core types. The hashing algorithm used in the expat library is now randomized. A more thorough explanation of the "hash attack" security hole follows. The main impetus for these rele...

#1 #n+1 #2n+1 #2 #n+2 #2n+2 #3 #n+3 #2n+3 #n #2n #3n #1 #2 #3 #n #n+1 #n+2 #n+3 #2n #2n+1 100 Gbps aggregate stream of 64/66b words virtual lane markers virtual lane 1 virtual lane 2 virtual lan
#1 #n+1 #2n+1 #2 #n+2 #2n+2 #3 #n+3 #2n+3 #n #2n #3n #1 #2 #3 #n #n+1 #n+2 #n+3 #2n #2n+1 100 Gbps aggregate stream of 64/66b words virtual lane markers virtual lane 1 virtual lane 2 virtual lane 3 virtual lane n Simple 66-bit word level round robin distribution Transmit PM Transmit PM Receive PM Receive PM Transmit PC Receive PC 1 0.0 1.0 0.1 0.2 0.3 1.2 1.2 1.1 0.0 1.0 0.1 1.1 2.0 3.0 4.0 6.0 7.0 9.0 10.0 11.0 12.0 13.0 14.0 15.0 17.0 18.0 19.0 2.0 3.0 4.0 5.0 6.0 7.0 8.0 9.0 10.0 11.0 12.0 13.0 14.0 15.0 16.0 17.0 1...

how to "(1-3*x^2)/(1-3*x+x^2+2*x^3) => 1/(1-2*x) + x/(1-x-x^2)"?
hi normal(1/(1-2*x) + x/ (1-x-x^2),expanded); 1/(1-2*x) + x/(1-x-x^2) => (1-3*x^2)/(1-3*x+x^2+2*x^3) how to do the reverse? dillogimp@gmail.com writes: > normal(1/(1-2*x) + x/ (1-x-x^2),expanded); > 1/(1-2*x) + x/(1-x-x^2) => (1-3*x^2)/(1-3*x+x^2+2*x^3) > how to do the reverse? convert(%,parfrac,x); -- Joe Riel ...

[ANN] gettext-2.0.3, gettext_activerecord-2.0.3, gettext_rails-2.0.3
Hi, Ruby-GetText-Package-2.0.3 and the families (gettext-2.0.3, gettext_activerecord-2.0.3 and gettext_rails-2.0.3) are now available. Ruby-GetText-Package is the library/tools for message localization. * gettext - Message localization libraries and tools for all kind of apps/libs. * gettext_activerecord - ActiveRecord Localization * gettext_rails - Rails support with gettext. Changes ------- == gettext-2.0.3, gettext_activerecord-2.0.3, gettext_rails-2.0.3 * Fixed dependencies [Reported by Hans de Graaff] (NOTE) * Rails-2.3.1 and earlier aren't supported. Website ------- ...

HoldForm[1*2*3] should give 1 x 2 x 3 not 2 x 3
HoldForm[] is loosing the 1* when it apparently should not: In[1]:= HoldForm[1*2*3] Out[1]= 2 x 3 In[2]:= HoldForm[1*1*1] Out[2]= 1 x 1 x 1 In[3]:= HoldForm[3*2*1] Out[3]= 3 x 2 In[4]:= HoldForm[2*2*2] Out[4]= 2 x 2 x 2 In[5]:= HoldForm[2*1*3] Out[5]= 2 x 3 In[6]:= HoldForm[1*2] Out[6]= 1 x 2 In[7]:= HoldForm[1*2*1] Out[7]= 1 x 2 x 1 Q.E.D. Indeed, the same happens with Hold and HoldComplete. I'd say this is a bug. Cheers -- Sjoerd On Feb 25, 11:07 am, "Q.E.D." <a...@netzero.net> wrote: > HoldForm[] is loosing the 1* when it...

Problem using crosstool for powerpc-750 and gcc-3.3.2-glibc-2.3.2
Hi everybody, I wanted to build the gcc compiler 3.3.2 with glib-2.3.2 for powerpc-750 and used Dan's crosstool-0.43. After modifiying the "demo- powerpc-750.sh" script using TARBALLS_DIR=/home/stephan/downloads RESULT_TOP=/home/stephan/opt/crosstool export TARBALLS_DIR RESULT_TOP GCC_LANGUAGES="c,c++" [...] eval `cat powerpc-750.dat gcc-3.3.2-glibc-2.3.2.dat` sh all.sh -- notest I got a bunch of errors cc1: error: unrecognized command line option "-mnew-mnemonics". At the end the compilation completely failed with ...

runs with g77 3.2.2 but not with g77 3.3. Why?
I have a fortran code that reads an asc file and write it in a direct acess file. I'm running it with no problem at all in GNU F77 version 3.2.2 20030222 (Red Hat Linux 3.2.2-5) (i386-redhat-linux) I tried to use the same code in GNU F77 version 3.3 20030226 (prerelease) (SuSE Linux) (i486-suse-linux) and though it compiles with no problem, it didn't work and I have the message cdue: formatted io not allowed apparent state: unit 18 named myfile lately writing direct unformatted external IO Abort I don't have a clue about how to fix this. What's wrong? Thx for any help Pa...

Apache 2.2.3 and mod_python 3.2.10
I installed Apache 2.2.3 and mod_python 3.2.10 on WinXP plateform I configured mod_python via httpd.conf: LoadModule python_module modules/mod_python.so but my script folder configuration doesn't work correctely: Alias /myfolder D:/myfolder <Directory "/myfolder"> Order allow,deny Allow from all AddHandler mod_python .py PythonHandler mod_python.publisher PythonDebug On </Directory> for test, this is a sample script d:\myfolder\test.py # test.py # from mod_python import apache # def hello(name=None): if name: return 'Hell...

2.4 or 2.3.4 for 2.3 software?
Can we expect the current release of 2.4 to be just as reliable as 2.3.4 for 2.3 compliant software? Thanks for any help! Jens --ibTvN161/egqYuK8 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Dec 01, 2004 at 10:23:55AM +0100, Jens Bloch Helmers wrote: > Can we expect the current release of 2.4 to be just as reliable as > 2.3.4 for 2.3 compliant software? Only time will tell. I myself had never had any problems with 2.x.0 versions of Python. Only early 2.0.x had a few problems in the C API for me. -- Gerhard --ibTvN161/egqYuK8 Content-Type: applica...

What gdb for gcc 3.2.2 or 3.3.5?
The gdb that works for gcc 3.2.1 emx does not recognise my executables compiled with Innotek gcc 3.2.2 and as far as I know there has been no update of gdb since the one that came with gcc 2.8.1. Which of course leads to the question, what does one use for debugging with the later versions of gcc? Surely it isn't necessary to learn all that OMF stuff? (If I did, could I use idebug?) On Mon, 17 Oct 2005 02:29:59 UTC, Jon Saxton wrote: > The gdb that works for gcc 3.2.1 emx does not recognise my executables > compiled with Innotek gcc 3.2.2 and as far as I know ther...

Serious trouble with https (Python 2.2.3 & 2.3.3), How to check for working ssl?
Some people tipped me off on some possibilities to tackle my https problem. Those have definitely gotten me further in cornering the problem. Thank you. But: No matter what I do to open a webconnection with httpS I always get something in this Area: urllib2.URLError: <urlopen error unknown url type: https> With both versions of Python mentioned above. My strong suspicion is that the socket stuff (dunno exact libname right now...) is compiled without ssl support. What I would like to know now is following: 1) What is the default setting for the compilation of the original Pyth...

ANN: ActivePython 2.3.2 & 2.2.3 bug fix releases
Bug fix releases for ActivePytyhon 2.3 and 2.2 are now available at: http://www.activestate.com/Products/ActivePython/ These releases are: ActivePython 2.3.2 build 232 for Windows ActivePython 2.3.2 build 231 for Linux and Solaris ActivePython 2.2.3 build 227 for Windows ActivePython 2.2.3 build 226 for Linux and Solaris Significant changes include upgrading the Windows installers with Mark Hammond's latest PyWin32 builds and fixing a bug in the Linux and Solaris builds whereby Tkinter support was absent. See the release notes for more information: http://aspn....

building GCC 3.3.2 or 3.2.3 on Unixware 7.1.1
Has anybody done this successfully? I'm running into problems with the C++ library. AFAICT, the compiler is built ok (bootstrapping all succeeds), but the C++ library chokes. It seems to mostly be complaining about the 'volatile' keyword in pthread.h. I'm using binutils, btw. The ccs based build fails to bootstrap for me. Best regards, Brent Brent Eagles wrote: > Has anybody done this successfully? > > I'm running into problems with the C++ library. AFAICT, the compiler is > built ok (bootstrapping all succeeds), but the C++ library...