Hello everyone,
I use shorewall for years. I'm installing a new server today and have
some troubles having Shorewall working exactly the way I want.
I have the following Network:
FTTH (Orange) == ONT (fiber to ethernet) ==[eth0->vlan835->ppp0] Server
(Linux Debian Wheezy) [br0 (eth2/wlan0)]== switch == LAN
I want to allow my LAN to go on internet. I used the "two-interfaces"
example as startup base.
At boot, masquerading does not work. To make it work, I have to do:
shorewall clear && shorewall start
After these commands, everything works fine.
I have several bridges and VLANs set up :
# brctl show
bridge name bridge id STP enabled interfaces
br0 8000.78542e06ca4e no eth2
wlan0
video 8000.002590c50933 no eth3
vlan838
vlan839
vlan840
vlan841
br0 provides network for both wireless and wired clients.
video is a very specific bridge to enable Orange TV without their
proprietary box.
/etc/shorewall/masq:
ppp0 192.168.1.0/24
part of /etc/network/interfaces:
iface vlan835 inet manual
vlan-raw-device eth0
My ppp connection:
# egrep -v "^$|^#" /etc/ppp/peers/orange
pty "/usr/sbin/pppoe -I vlan835 -T 80 -m 1452"
noipdefault
usepeerdns
defaultroute
hide-password
lcp-echo-interval 20
lcp-echo-failure 3
connect /bin/true
noauth
persist
mtu 1492
noaccomp
default-asyncmap
plugin rp-pppoe.so
user "myusername_here"
I compared results of following commands, they have the same output
before and after the clear & start.
- iptables -L -n
- netstat -rtp
- lsmod
What should I check to identify why Shorewall does not behave the same
way at boot and after the full boot process occured?
Best regards.
Jerome Blion.
------------------------------------------------------------------------------
DreamFactory - Open Source REST & JSON Services for HTML5 & Native Apps
OAuth, Users, Roles, SQL, NoSQL, BLOB Storage and External API Access
Free app hosting. Or install the open source package on any LAMP server.
Sign up and see examples for AngularJS, jQuery, Sencha Touch and Native!
http://pubads.g.doubleclick.net/gampad/clk?id=63469471&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
