Hi,
I'm running shorewall 2.4.7 and I'm having trouble getting it to work
properly. I've been working with an older version of shorewall on another
leaf box for a couple of years now, without any problems.
I have this in /etc/shorewall/nat:
aa.bb.cc.dd eth0 192.168.111.247 no no
and in /etc/shorewall/rules I have (the AllowWeb entries are just to make
sure port 80 is totally open, I wasn't sure since I was having problems):
AllowWeb loc fw
AllowWeb net fw
AllowWeb net loc
AllowWeb fw loc
DNAT net loc:192.168.111.247 tcp 80 - aa.bb.cc.dd
From the fw itself I can get to the local network no problem, "nc
192.168.111.247 80" works fine.
However, from the outside, I can never connect to aa.bb.cc.dd. Neither
through a browser, nor through a simple telnet to port 80 of aa.bb.cc.dd.
I've always simply added the DNAT entries and they worked. But I don't know
what's wrong with this setup. There is nothing in /var/log/shorewall.log
showing DROP or REJECT to port 80.
Of course, the firewall is properly responding to the aa.bb.cc.dd IP, since
I can ssh into it. But trying to connect to port 80 fails.
The same setup works fine in an older version of shorewall, but I don't know
what I'm doing wrong with this version.
Any pointers would be greatly appreciated. Thanks!
Ricardo
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/