I have serious problems with my firewall/router running Bering rc3. I run the 2 interface configuration masqing my internal network on one nic to an internet connection on the other nic. Everything seems fine from the routers point of view, and everything seems to work from the internal network. (I have ran this configuration since april)
Now to my "weird" problem.. I run a web server in my internal network ( I know this isn�t the way to do it.. I should be using a DMZ, but if I cant get it to work with 2 nic�s, then why should it work with three?..) Anyway.. I forward all www connections from the firewalls internet nic to the webserver using DNAT net loc:192.168.1.2 tcp www Where 192.168.1.2 is my webserver. Now when connection my firewall from any host on the internet SOMETIMES it puts me through to my webserver and everything seems fine. But 99% of the time, it seems like the router doesn�t work at all (ie doesn�t forward and/or doesn�t respond). Mostly it works a while after bootup, but then it stops working. Meanwhile everything seems fine from the internal network. Now I have tried configuring the router to respond to ping/tracert/traceroute so that I can check if it responds, but it stops responding whenever it likes. The router logs doesn�t record any icmp connections when trying to ping it from the internet.. My PING config: # # Accept PING connections # ACCEPT net fw icmp echo-request ACCEPT fw net icmp echo-request ACCEPT loc fw icmp echo-request ACCEPT fw loc icmp echo-request # # Accept Tracert response connections from firewall # ACCEPT fw loc icmp echo-reply ACCEPT fw net icmp echo-reply # I have had the same problem with Bering rc2 as in rc3. I hardly thing shorewall has anything to do with this since it works sometimes. I have no idea why this is happening? Can it have something to do with my hardware? (eg my nic?) I use 8390 and ne2k-pci (for my internet nic a KTI ET32 10Mbit PCI card) Anyone got an idea about what could be wrong? (No.. it�s not the problem with the nics connected on the same switch..) /anders (realising the difficulty in explaining the problem..) ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
