On 2/17/11 12:05 PM, superchode . wrote: > > one more update as i continue to fumble through this. > > i'm using this guide to try and work through the issue: > > http://www.shorewall.net/FAQ.htm#faq1a > > under "(FAQ 1a) Okay -- I followed those instructions but it doesn't > work" it gives some instructions. > > the results of 'shorewall show nat' fit the following: "Is the packet > count in the first column non-zero? If so, the connection request is > reaching the firewall and is being redirected to the server. In this > case, the problem is usually a missing or incorrect default gateway > setting on the local system (the system you are trying to forward to > -- its default gateway should be the IP address of the firewall's > interface to that system)." > > so the DNAT lines are being applied, and are being redirected by the > router. sadly, they're not making it to my local machine at the > specified IP.
Are the counters in the corresponding rule in net2loc incrementing? > > i've tried manually setting my IP at the local machine as well, > explicitly setting the gateway as 192.168.1.254 (the bering > firewall)... and the net connection works just as well, but again no > redirected incoming traffic from the specified ports. > > it's difficult for me to see what i'm doing wrong. hopefully someone > can help. Time for another 'shorewall dump' collected as described at http://www.shorewall.net/support.htm#Guidelines Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb
------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
