Hi As a kinda-newbie to Linux I've started using the Bering Firewall and I'm having some difficulty getting port forwarding working. Outgoing connections work fine - I can browse the net, send and receive my pop3 mail, etc. I just can't get Shorewall to allow traffic inwards to a webserver and Win2k terminal server.
I'm using 2 Ethernet cards: Eth0 is a 3Com 509, Eth1 is a Realtek PCI card using ne2k-pci. Eth0 has a staticIP. dhcpd and dnscache are both working. /etc/shorewall/policy has been left as default /etc/shorewall/rules has been left as default - it's getting the values for the port forwarding from the variables set up in /params /etc/Shorewall/params contains mostly the default options, except: Loc_tcp_ports1=80,3389 (=www and Win2k Terminal Services) server1=192.168.1.2 (=my webserver's internal address) When Shorewall starts, the Rule outputs are: Accept fw net tcp 53 Accept fw net udp 53 Accept net fw tcp 22 Reject net fw tcp 113 Accept loc fw tcp 22,80 Accept loc fw udp 53 Accept net loc:192.168.1.2 tcp 80,3389 - all Accept fw loc icmp 8 Accept loc fw icmp 8 I can access the Weblet (and ssh if I put sshd on) internally, as I'd expect. If I do a port scan from grc.com, AUTH shows up as closed rather than stealthed, which I'd also expect. However, HTTP shows up as stealthed, which I don't understand. I've had a check in the shorewall doco, and I can't see anything obvious. I've tried "ALL: ALL" in hosts.allow, but to no avail. If anyone has any suggestions as to what I'm missing, I'd be really grateful. Cheers Richard _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
