> > When I run shorewall clear, I can connect to the FTP server from the > outside so it seems to be a Shorewall configuration issue for sure. > > A typical log entry when trying to connect looks like this: > > Dec 15 10:36:29 munged kernel: Shorewall:net2all:DROP:IN=eth0 OUT= > MAC=00:11:95:c5:29:43:00:90:1a:40:df:45:08:00 SRC=209.5.161.208 > DST=10.0.50.10 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=52574 DF PROTO=TCP > SPT=34883 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
Your report doesn't make a lot of sense. In particular, your statement that "When I run shorewall clear, I can connect to the FTP server from the outside" suggests that DNAT is not required. Do you have another router in front of the Shorewall box? -Tom ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
