If you want to accept traffic from the wan zone, add a policy before the wan
all DROP info line:
wan fw ACCEPT
wan all DROP info
OR add a rule:
SECTION NEW
ACCEPT wan:192.168.1.1 fw tcp http
Bill
On 12/12/2017 2:36 PM, jamby wrote:
Bill
Made those changes and attached the new files. Still not getting it to work.
Dec 12 11:19:19 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=56014 DF PROTO=TCP SPT=41759 DPT=80 WINDOW=5840 RES=0x00
SYN URGP=0
Dec 12 11:19:19 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=26910 DF PROTO=TCP SPT=43434 DPT=80 WINDOW=5840 RES=0x00
SYN URGP=0
Dec 12 11:20:19 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=650 DF PROTO=TCP SPT=58137 DPT=80 WINDOW=5840 RES=0x00 SYN
URGP=0
Dec 12 11:20:19 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=7580 DF PROTO=TCP SPT=38121 DPT=80 WINDOW=5840 RES=0x00
SYN URGP=0
Dec 12 11:20:19 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14461 DF PROTO=TCP SPT=45742 DPT=80 WINDOW=5840 RES=0x00
SYN URGP=0
Dec 12 11:26:18 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=45571 DF PROTO=TCP SPT=41082 DPT=80 WINDOW=5840 RES=0x00
SYN URGP=0
Dec 12 11:26:18 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4613 DF PROTO=TCP SPT=35884 DPT=80 WINDOW=5840 RES=0x00
SYN URGP=0
Dec 12 11:26:18 nub3 kernel: Shorewall:wan-fw:REJECT:IN=enp4s0 OUT= MAC=00:18:f8:0c:9e:a6:b4:75:0e:39:a6:c4:08:00
SRC=192.168.1.1 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=27356 DF PROTO=TCP SPT=40756 DPT=80 WINDOW=5840 RES=0x00
SYN URGP=0
On 12/12/2017 11:02 AM, Bill Shirley wrote:
For Red Hat based systems, yes remove GATEWAY= from
/etc/sysconfig/network and /etc/sysconfig/network-scripts/ifcfg-enp3s0
Ensure that there is a:
GATEWAY=192.168.1.1
DEFROUTE=yes
in /etc/sysconfig/network-scripts/ifcfg-enp4s0
Bill
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
