Ricardo Kleemann wrote:
On Thu, 2008-09-18 at 18:07 -0700, Tom Eastep wrote:Ricardo Kleemann wrote:On Thu, 2008-09-18 at 17:59 -0700, Tom Eastep wrote:Ricardo Kleemann wrote:I know packets are not being dropped so it's not shorewall that's blocking. I guess something's just not getting routed properly? If I can go net -> fw and fw -> dmz, why is the net -> dmz failing?What is the output of "shorewall show zones"?# shorewall show zones Shorewall 3.4.8 Zones at firewall - Fri Sep 19 01:02:15 UTC 2008 fw (firewall) net (ipv4) eth0:0.0.0.0/0 loc (ipv4) eth1:0.0.0.0/0 dmz (ipv4) eth2:0.0.0.0/0What is the setting of IP_FORWARDING in /etc/shorewall/shorewall.conf?It's set to On... :-/ Could it be because I have the fw connected directly to the server (rather than via switch)? I wouldn't think so since ping from the firewall (fw -> dmz) works... it's just from the net -> dmz that doesn't work...
We're going to need the output of "shorewall dump", collected as described at http://www.shorewall.net/support.htm#Guidelines
-Tom --Tom Eastep \ The ultimate result of shielding men from the effects of folly
\ is to fill the world with fools -- Herbert Spencer
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
