On 07/03/2017 12:32 AM, Vieri Di Paola via Shorewall-users wrote: > > ________________________________ From: Tom Eastep > <[email protected]> > >> >> You have failed to enable IP forwarding on fw2. > > Sorry, my mistake. However, I'm still getting the same results after > setting up IP forwarding (no ICMP replies). I'm attaching 2 shorewall > dumps taken on the same shorewall system ("fw2" in my case). During > the first dump, I'm trying to ping to 8.8.8.8 from "fw1" with IP > addr. 172.168.0.1/10.215.144.91. During the second dump (swdump_7), > I'm trying to ping to 8.8.8.8 from 10.215.144.7 (a host's IP addr. > behind "fw1"). > > > I'm still seeing echo requests with tcpdump on "fw2" but no replies.
Sorry, but I'm not going to have time to look at these today. I'll try to get to them tomorrow. > > Pings from "fw2" to 8.8.8.8 work fine. >> No -- what error are you seeing? > > > Checking /etc/shorewall/providers... ERROR: Providers interfaces may > not specify 'routefilter' when USE_DEFAULT_RT=Yes > That error is expected as 'routefilter' causes Martians when USE_DEFAULT_RT=Yes. Use 'rpfilter' instead. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
