On Wed, 2003-02-26 at 13:02, Florin wrote:
> > Well could you set your test setup up like mine - one machine with two
> > NICs and a network internet connection, and one machine with one NIC
> > connected to it - and send me the /etc/shorewall/interfaces file it
> > generates, for comparison? It's good to know it works on a fresh Cooker,
> > but I want to know what's going wrong on my setup, because it ought to
> > work.
>
> [EMAIL PROTECTED] root]# grep -v ^#
> /etc/shorewall/{zones,interfaces,masq,policy,rules} |grep -v ^$
>
> /etc/shorewall/zones:net Net Internet zone
> /etc/shorewall/zones:masq Masquerade Masquerade Local
> /etc/shorewall/zones:loc Local Local
>
> /etc/shorewall/interfaces:net eth1 detect
> /etc/shorewall/interfaces:masq eth0 detect
> /etc/shorewall/interfaces:loc eth2 detect
> /etc/shorewall/interfaces:loc eth3 detect
>
> /etc/shorewall/masq:eth1 10.0.0.0/255.255.255.0 -> This is my
> masqueraded network
>
> /etc/shorewall/policy:masq net ACCEPT
> /etc/shorewall/policy:loc net ACCEPT
> /etc/shorewall/policy:fw net ACCEPT
> /etc/shorewall/policy:net all DROP info
> /etc/shorewall/policy:all all REJECT info
>
> /etc/shorewall/rules:ACCEPT net fw tcp 22,6566 -
> /etc/shorewall/rules:ACCEPT masq fw tcp 22,6566 -
> /etc/shorewall/rules:ACCEPT loc fw tcp 22,6566 -
> /etc/shorewall/rules:ACCEPT masq fw tcp
> domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp -
> /etc/shorewall/rules:ACCEPT masq fw udp
> domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp -
> /etc/shorewall/rules:ACCEPT fw masq tcp 631,515,137,138,139 -
> /etc/shorewall/rules:ACCEPT fw masq udp 631,515,137,138,139 -
>
> hope this helps,
Thanks Florin. I think I'll run drakgw and then try taking out each of
the duplicate eth1 lines in turn and see if doing that fixes it. I'd
still love to know why they're being generated, though.
--
adamw
