Tom Eastep wrote: > Here's the latest post from Florian. I can't spend any more time on this > today but hopefully someone else on the list can help.
This is one of those wacky configurations that was set up using the Mandrake Firewall GUI. It has both a 'loc' zone (eth0) and a 'masq' zone (eth1). The 'masq' zone is the only one that is getting masqueraded: > NAT Table ... > Chain POSTROUTING (policy ACCEPT 6843 packets, 541K bytes) > pkts bytes target prot opt in out source destination > 1 72 ppp_masq all -- * ppp+ 0.0.0.0/0 0.0.0.0/0 > Chain ppp_masq (1 references) > pkts bytes target prot opt in out source destination > 0 0 MASQUERADE all -- * * 192.168.10.0/24 0.0.0.0/0 192.168.10.0/24 is the 'masq' zone on eth1. Yet, I'm seeing traffic from the 'loc' zone. Florian claims that this thing just stopped working but I find it hard to believe that this ever worked. Florian -- if the hosts that cannot connect to the net are attached to eth0 then you need to add an entry for them in /etc/shorewall/masq. -Tom (who really *must* get to work) -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
