Philipp Rusch wrote: > Hello Tom, > > now here's my dump file as .zip attachment, but named .txt, because the > list-server rejected the .zip, > then my second try (uncompressed) was rejected because of the size. > What I was doing is connecting from remote side of an ipsec tunnel > (behind gw 212.168.178.226), from > a windows machine with 192.168.246.20 to the firewall-system (remote ip > 217.19.188.182 / internal ip > is 192.168.115.254), using PuTTY as SSH-client. > I can login, but as soon as I start something that produces "traffic" > my session hangs (mc for example).
I don't see anything wrong with your Shorewall configuration. Incoming traffic is being sent through n012fw (correct) and output traffic is going through fw2n01 (also correct). TCPMSS setting appears to be working correctly, setting MSS to 1400 (two packets matched your TCPMSS output rule). Looks like you are going to have to analyze the problem with a packet sniffer. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
