[leaf-user] problems with Shorwall

Jose Luis Abuelo Sebio Wed, 08 Oct 2003 14:36:47 -0700

Hey how is everybody doing?

 Let see if you can spot me here with my problem. I
use to work with Bering 1.2 for VLAN issues but now I
want to configure an old machine as a firewall using
the software shorewall which is include in Berig 1.2.


  I have downloaded the quick start guide for a simple
configuration, a local net conected to the firewall
(eth1) by a hub (local PCs and the firewall by eth1
are conected to the same hub) and the firewall
conected to the router (eth0) of course eth1 has the
net IP address of the local net and eh0 has the same
net IP address of the router. Also I have configurated
all the machines within the local net with their
gateway set with the  IP address of the local
interafce of the firewall (eth1) as it is said in the
quickstart guide of shorewall for two interfaces.

  I have the following policies:

 local net ACCEPT
 net   all DROP
 all   all REJCET

Them in the rules I have 
                                         PORT
RULE       Source     DEST      Proto    DEST
ACCEPT     fw         net       tcp      53
ACCEPT     fw         net       udp      53
# For ssh conection
ACCEPT     loc        fw        tcp      22

ACCEPT     loc        fw        icmp      8
ACCEPT     net        fw        icmp      8 
ACCEPT     fw         loc       icmp      8
ACCEPT     fw         net       icmp      8

ACCEPT     loc        fw        tcp       80
ACCEPT     loc        fw        udp       53

ACCEPT     loc        fw        tcp       4662
ACCEPT     net        fw        tcp       4662
ACCEPT     fw         net       tcp       4662
ACCEPT     fw         loc       tcp       4662

ACCEPT     net        fw        udp       4672
ACCEPT     loc        fw        udp       4672
ACCEPT     fw         net       udp       4672
ACCEPT     fw         loc       udp       4672

#SMTP mail
ACCEPT     loc        fw        tcp       25
ACCEPT     net        fw        tcp       25
ACCEPT     fw         net       tcp       25
ACCEPT     fw         loc        tcp      25

#POP mail
ACCEPT     loc        fw        tcp       110
ACCEPT     net        fw        tcp       110
ACCEPT     fw         net       tcp       110
ACCEPT     fw         loc        tcp      110




and in the Masq option of the Shorwall menu I have

#Interface          Subnet    Address
 eth0               eth1      192.168.10.106

Where 192.168.10.106 is teh ip address of eth0

   Because I am not giving any service I dont use the
NAT protocol, so my question is that from any computer
of the local
net I can ping the private interface of the router
(which is conected to the fw) and from the firewall I
can ping either the router or any local PC. But when I
try to open my web broser in any of my local PCs it
doesn“t work.

  So here is my question, with Bering 1.2 and it“s
shorewall, do I have to start the firewall with any
command? or does it get set up automaticly by it self
after the sistem is booted? if so, how can I get it
started?

Did I do anything wrong in my configuration of the
firewall or in the desing of the net?

Thanks for yor time falks


 


___________________________________________________
Yahoo! Messenger - Nueva versión GRATIS
Super Webcam, voz, caritas animadas, y mįs...
http://messenger.yahoo.es


-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] problems with Shorwall

Reply via email to