On 1/29/2018 5:36 PM, Bernard Drozd wrote: > Hi, > I'm new in the firewalls. > I'm trying to set up Shorewall on the newest testing ubuntu server 17.10 > in the most common configuration as firewall with two interfaces (and > WIFI). > http://shorewall.org/two-interface.htm
From what you describe below you should maybe use: http://shorewall.org/three-interface.htm > Unfortunately routing doesn't work... > Shorewall in it self does not do routing: http://shorewall.org/Shorewall_and_Routing.html#Routing > I've tried several different settings in my /etc/shorewall/snat > configuration file unfortunately without success. What did you try and what do you want? > I receive 192.168.15.145 IP address from my ISP (which is seen from the Is 192.168.15.145 the ip on the wan interface? > Internet/outside as 46.xxx.xxx.xxx public address. > I use tree network interfaces defined as static in the /etc/netplan > directory. > WAN: enp1s0 > LAN: enp3s0f1 > WLAN: wlp4s0 > I use isc-dhcp-server for LAN and WLAN and unbound package for WAN. > > Currently Shorewall service is disabled (and firewall/routing rules are j> defined in the /etc/network/if-up.d/firewall file) but I would like to > try Shorewall. See above for Shorewall and routing. You may want to disable any other firewall before starting Shorewall. > Please help me to set up routing in the Sharewall. > Using SSH please log on my testing machine and correct Shorewall settings. Setting up Shorewall for the first time requires local access incase you lose ssh access. -Matt -- Matt Darfeuille ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
