Well, I did the upgrade and now I have had a total failure. None of the port forwarding is working, and trying to browse to any website times out (squid runs on the firewall) I can traceroute out, RPD out, etc.... I ended up with version 4.0.15 Should I try to remove it and go back to 3.3 or try to figure out what happened here? I changed no configs.. and I said no when the package manager asked if it could.
Mark Rutherford wrote: > Time to upgrade... I will do that. > I will have to see about getting newer packages (this is a Debian) > I guess I was bitten by a few bugs. > > I really appreciate the help guys. > > > Shorewall Guy wrote: > >> Mark Rutherford wrote: >> >> >>> I am seeing something here that may explain my troubles. >>> When you said that it was duplicated and I saw that it was in the >>> dump... it was not in the file. >>> I was changing it from one to the other but the entries in the file were >>> never there at the same time with the same priority. >>> I don't know if this is getting cleared or not. >>> >>> >> Hell -- I should have noticed that you are using Shorewall 3.2. That old >> version works very badly when you are changing your configuration on the >> fly. >> >> >From the Shorewall 3.x Multi-ISP Documentation: >> >> Warning >> >> If you are running a Shorewall version prior to 3.4.0, entries >> in /etc/shorewall/providers permanently alter your >> firewall/gateway's routing; that is, the effect of these changes >> is not reversed by shorewall stop or shorewall clear. To restore >> routing to its original state, you may have to restart your >> network. This can usually be done by /etc/init.d/network restart >> or /etc/init.d/networking restart. Check your distribution's >> networking documentation. >> >> >> >>> I rebooted the system and left it with the values as suggested and it >>> seems to be working fine now.... >>> Traffic is going out over Twc and port forwarding to the inside is >>> working over both isps so I am at a loss. >>> >>> >> >> >>> Should the system be rebooted whenever working with these rules? >>> >>> >> See above. >> >> You really should consider upgrading to Shorewall 4 and switching to >> Shorewall-perl. See the Shorewall Download page for a source of Debian >> Etch packages. >> >> >> ------------------------------------------------------------------------------ >> _______________________________________________ >> Shorewall-users mailing list >> Shorewall-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> >> > > > ------------------------------------------------------------------------------ > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users > ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
