No good Tom, by mistake I've sent you the route ls of Host B, here is Host A:
$ sudo ip route ls default via 222.222.7.225 dev eth0 10.0.1.0/24 dev vboxnet1 proto kernel scope link src 10.0.1.1 10.234.56.0/24 dev tun1 proto kernel scope link src 10.234.56.4 10.234.56.1 dev tun1 scope link src 10.234.56.4 222.222.7.224/27 via 222.222.7.225 dev eth0 222.222.7.224/27 dev eth0 proto kernel scope link src 222.222.7.238 192.168.61.0/24 dev vboxnet0 proto kernel scope link src 192.168.61.1 192.168.99.0/24 dev tun0 proto kernel scope link src 192.168.99.201 On Host A, i've set ROUTE_FILTER=No on shorewall.conf and /etc/shorewall/interfaces are like this now: #ZONE INTERFACE OPTIONS net eth0 dhcp,tcpflags,nosmurfs,routefilter,logmartians,sourceroute=0 vm0 vboxnet0 tcpflags,nosmurfs,routefilter,logmartians vm1 vboxnet1 tcpflags,nosmurfs,routefilter,logmartians vpn tun0 routeback,routefilter vpngw tun1 routeback,logmartians=0 Same behaviour, traffic from hosts on virtualbox network go through Host B to the internet and back to Host A but nothing is routed to the virtualbox network on vboxnet0. On 16 August 2015 at 00:46, Tom Eastep <[email protected]> wrote: > On 8/15/2015 4:27 PM, Tom Eastep wrote: > > On 8/15/2015 1:05 PM, Valter Santos wrote: > >> Tom, > >> > >> $ ip route ls > >> > >> default via 111.111.116.1 dev eth1 > >> 10.128.0.0/11 <http://10.128.0.0/11> dev eth0 proto kernel scope link > >> src 10.154.72.194 > >> 10.234.56.0/24 <http://10.234.56.0/24> dev tun0 proto kernel scope > >> link src 10.234.56.1 > >> 169.255.30.1 dev eth0 scope link > >> 111.111.116.0/22 <http://111.111.116.0/22> dev eth1 proto kernel > scope > >> link src 111.111.119.12 > >> 111.111.116.1 dev eth1 scope link > >> > > > > It appears that you have ROUTE_FILTER=Yes in shorewall.conf. Setting it > > to No should resolve your issue. > > > > That's on Host A, of course. You may wish to set the route_filter option > on the other interfaces (except for tun1). > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > > ------------------------------------------------------------------------------ > > _______________________________________________ > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > >
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
