Re: [Shorewall-users] FW: DNAT Protocol 47

Tue, 16 Dec 2014 13:54:23 -0800 

Hello I'm not an expert, but your dump shows in Modules:

Modules
*
**ip_gre                  9575  0*
ip_set                 30977  1 xt_set
iptable_filter          2793  1
iptable_mangle          3349  1
iptable_nat             6051  1
iptable_raw             2264  0
ip_tables 17831 4 iptable_raw,iptable_nat,iptable_mangle,iptable_filter 
ipt_addrtype            2153  5
ipt_ah                  1247  0
ipt_CLUSTERIP           6796  0
ipt_ecn                 1507  0
ipt_ECN                 1955  0
ipt_LOG                 5845  7
ipt_MASQUERADE          2466  3
ipt_NETMAP              1832  0
ipt_REDIRECT            1840  0
ipt_REJECT              2351  4
ipt_ULOG               10765  0
*ip_tunnel              12693  1 ip_gre*

My 'rules' file shows a :

GRE/ACCEPT

line.

Hope this helps.
Nicolas


On 16/12/2014 20:45, Gary Phillips wrote:

  I have used various versions of shorewall on older Linux servers with great 
success.
  I have recently replaced one of our old servers with CentOS 6.6 and installed 
Shorewall 4.5.4 from the epel repo.
  Please find attached the Shorewall dump file as requested on your support page

When I try and use a DNAT rule to forward pptp traffic to a Microsoft ras 
server (which was working in a previous version) The client connects and 
authenticates on port 1723 and a VPN session is established but no protocol 47 
traffic is recorded by Shorewall  and I am unable to communicate with any 
computers on the local network.

Client source ip (in the dump) 85.255.233.8

Shorewall server eth0 (net) 157.228.196.187
Shorewall server eth1 (loc) 10.1.0.6

Microsoft RAS server 10.1.0.10

I have also opened the L2TP ports but the same happens, I connect and 
authenticate but no traffic is send over protocol 50

Any help would be greatly appreciated
  Gary




------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to