[leaf-user] Portforwarding error

Sat, 17 Jul 2004 21:10:28 -0700 

Hi,

I helped a friend of mine to have his Web Server running on DMZ network. It used to work OK until now. I just know that he has changed his network card on the Web Server machine, but everything seems fine when he accesses his machine locally. I can also access that machine via OpenVPN.

I looked and I saw the corresponding rule in /etc/shorewall/rules

DNAT    net     dmz:$WIN2K   tcp   www - $ETH0_IP

'tcpdump' reports the following when I do a web request to his Web Server:

request-in:

20:53:58.122175 h0004ac37ca95.ne.client2.attbi.com.2776 > 10.0.18.201.www: S 431139811:431139811(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)

replies-out:

20:53:58.122402 10.0.18.201.www > h0004ac37ca95.ne.client2.attbi.com.2776: S 2205133957:2205133957(0) ack 431139812 win 65535 <mss 1460,nop,nop,sackOK> (DF)
20:54:01.045846 h0004ac37ca95.ne.client2.attbi.com.2776 > 10.0.18.201.www: S 431139811:431139811(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
20:54:01.046012 10.0.18.201.www > h0004ac37ca95.ne.client2.attbi.com.2776: . ack 1 win 65535 (DF)
20:54:01.088418 10.0.18.201.www > h0004ac37ca95.ne.client2.attbi.com.2776: S 2205133957:2205133957(0) ack 431139812 win 65535 <mss 1460,nop,nop,sackOK> (DF)
20:54:07.054606 h0004ac37ca95.ne.client2.attbi.com.2776 > 10.0.18.201.www: S 431139811:431139811(0) win 16384 <mss 1460,nop,nop,sackOK> (DF)
20:54:07.054771 10.0.18.201.www > h0004ac37ca95.ne.client2.attbi.com.2776: . ack 1 win 65535 (DF)
20:54:07.096386 10.0.18.201.www > h0004ac37ca95.ne.client2.attbi.com.2776: S 2205133957:2205133957(0) ack 431139812 win 65535 <mss 1460,nop,nop,sackOK> (DF)

where '10.0.18.201' is his DMZ Web Server address, and 'h0004ac37ca95.ne.client2.attbi.com' is my public IP. So it indicates that I can send request to him, then his server sent replies, however I got nothing and eventually I got error in my browser.

What could be a problem?

Thank you.

M Lu.



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to