On Mon, Apr 22, 2013 at 1:03 PM, Tom Eastep <[email protected]> wrote: > On 04/22/2013 08:37 AM, Ernesto Domato wrote: >> On Fri, Apr 19, 2013 at 4:55 PM, Tom Eastep <[email protected]> wrote: >>> >>> In /etc/shorewall/interfaces, make this change: >>> >>> kvm ovsbr0 detect routefilter=0,logmartians=0 >>> ---------------------------- >> >> Ok, I did this change on the firewall (the host machine that have the >> virtual one with the Squid) but it did no difference. >> >> Previous line was: >> >> kvm ovsbr0 detect >> routeback,logmartians,nosmurfs,routefilter,tcpflags >> >> Any other suggestion to try or way to debug the problem? :-) > > Are you seeing *any* messages in your system log (on either system) when > you try to connect? >
Ok, sorry for the late response, I didn't have time to debug this further in this last week. I don't see anything unusual on the logs. On the other hand, the test that I did today is to save the IPTABLES rules created by Shorewall to a file with "iptables-save > shorewall.rules". Then, I configured the machine to not start Shorewall at startup and reboot. When the machine comes up, I did "iptables-restore < shorewall.rules" and then configure the routing table to route the packets to the proxy and just turned on the ip_forward kernel flag and the transparent proxy worked as expected. So, I think that the problem that I'm having is maybe on some kernel parameter that Shorewall change. What did you suggest? Thanks. Ernesto ------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
