At this point I'm rather certain my issue is not specific to
shorewall, but likely something lower level that I have configured
wrong.
The box is running Proxmox (Debian Lenny basically) as the base.
eth0 is the outside interface connected to the ISP.
eth1 is the lan/bridge physical interface
On 7/9/10 9:22 PM, Mark D. Montgomery II wrote:
At this point I'm rather certain my issue is not specific to shorewall,
but likely something lower level that I have configured wrong.
The box is running Proxmox (Debian Lenny basically) as the base.
eth0 is the outside interface connected to the
Have you enabled ip forwarding (IP_FORWARDING=On in shorewall.conf)?
Yup.
If so, what is the MTU of eth0? If it is less than 1500 (Comcast has
been known to configure MTU=576 on their consumer DHCP setups), then try
setting CLAMPMSS=Yes in shorewall.conf.
Bingo!
That was it exactly.
I