Hi all,
I've searched everywhere on the web and have found nothing to do with this
config (Tom touches on it in his FAQs but I can't seem to get it to work).
I'm running Bering with shorewall 1.4.2
Here is my setup.
--------------            ------------     ----------
| ADSL MODEM |------------| Firewall |-----| Switch |
--------------            ------------     ----------
PPPOE Connect to my ISP.
ADSL Modem: 192.168.0.2 on LAN Interface
Firewall eth0: 192.168.0.1
eth1: 10.0.10.1
I wish to be able to get to the web config page and SNMP on the ADSL modem
from an internal machine. My internal machine's IP is 10.0.10.30
Here are the config files from my firewall. I CAN ping the ADSL modem from my
firewall but cannot access it at all from my internal network.
/etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.0.1
masklen 24
broadcast 192.168.0.255
up pon dsl-provider eth0
up shorewall restart
auto eth1
iface eth1 inet static
address 10.0.10.1
masklen 24
broadcast 10.0.10.255
talon: -root-
# ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: dummy0: <BROADCAST,NOARP> mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:d0:b7:90:83:21 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.1/24 brd 192.168.0.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:90:27:58:e2:dd brd ff:ff:ff:ff:ff:ff
inet 10.0.10.1/24 brd 10.0.10.255 scope global eth1
5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen 3
link/ppp
inet 220.240.4.189 peer 203.194.30.234/32 scope global ppp0
talon: -root-
# ip route show
203.194.30.234 dev ppp0 proto kernel scope link src 220.240.4.189
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.1
10.0.10.0/24 dev eth1 proto kernel scope link src 10.0.10.1
239.0.0.0/8 dev eth1 scope link
default via 203.194.30.234 dev ppp0
My shorewall settings.
/etc/shorewall/zones
dsl dsl ADSL Modem
net Net Internet
upnp UPNP UPNP Network
loc Local Local Networks
/etc/shorewall/interfaces
net ppp0 - routefilter
dsl eth0 192.168.0.255
loc eth1 detect routestopped
/etc/shorewall/policy
loc dsl ACCEPT
fw dsl ACCEPT
fw upnp ACCEPT
net all DROP ULOG
all all REJECT ULOG
/etc/shorewall/rfc1918
#SUBNET TARGET
192.168.0.1 RETURN
192.168.0.2 RETURN
#
255.255.255.255 RETURN # We need to allow limited broadcast
169.254.0.0/16 DROP # DHCP autoconfig
172.16.0.0/12 logdrop # RFC 1918
192.0.2.0/24 logdrop # Example addresses
192.168.0.0/16 logdrop # RFC 1918
...............<snip>
I have tried all combinations I could come up with in my rules file.
I tried to DNAT my loc to dsl, I tried redirecting my loc to dsl, and still
can't seem to get it to work.
If anyone could point me in the right direction or help me out I would
greatly appreciate it.
Best regards
Adam
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user