On 3/16/2017 2:09 AM, Adam Cécile wrote: > Hey, > > Can you make sure you have set IP_FORWARDING=Yes in shorewall.conf ? > > Adam > > On March 16, 2017 6:23:22 AM GMT+01:00, Ryan Joiner <[email protected]> > wrote: > > On 3/15/2017 10:02 PM, Simon Matter wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > On 03/15/2017 06:28 PM, Ryan Joiner wrote: > > Ahh, I do see that and that would definitely be a problem. > > What's odd though is I copied and pasted it from the > sample file > and I'm pretty sure it was not incorrect. Maybe that is the > problem. > > I just left the office and will check this out first > thing in the > morning. Maybe it's an issue with the CentOS RPM or I'm > just a > moron. The latter has a higher probability. :0 > > > > Unfortunately, there is a typo in the two-interface snat > sample -- the > three-interface file is correct. > > > Sorry, I remember how the typo came in but didn't report it :( > > Regards, > Simon > > > > > Oh ok. So, full disclosure on both this CentOS6 machine and the CentOS > 7 one I had done a few days ago, I did manually type in: > > MASQUERADE 192.168.0.0/16 <http://192.168.0.0/16> eth0 > > and it still didn't work. That is when I went to go try the sample file > just in case I was completely blind and not seeing what I was doing wrong. > > Either way I will make the correction, and then report back and provide > a dump. > > Thanks everyone! > > Cheers, > Ryan > > ------------------------------------------------------------------------ > > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org <http://Slashdot.org>! > http://sdm.link/slashdot > ------------------------------------------------------------------------ > > Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > > -- > Envoyé de mon téléphone Android avec K-9 Mail. Excusez la brièveté.
Adam, That setting was it! The IP_FORWARDING was set to Keep rather than ON. Does anyone know when that became a requirement to set? And why that changed? Just curious. I apologize for not paying attention as I'm sure that was announced somewhere. Thanks to all! Ryan ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
