Shorewall users - Mar 2006 - Issue with Shorewall on a Fedora Core 4 box - Linux box unable to view web pages when Shorewall is activated

Hi all -

I''m a newbie to Linux and still working my way around the mechanics of
the operating system.

Anyway, I have Shorewall installed on a Fedora Core 4 OS and what is
happening is this:

If Shorewall is closed, the fedora core 4 box can access the Internet
while the PCs behind that tower can''t (which makes sense.)

However, if Shorewall is running on the fedora core 4 box, it''s the
exact opposite, which doesn''t make sense. Firefox returns a
"Connection
was refused when attempting to contact www."whatever-web-site".com,
for
example.

I''m assuming the fedora core 4 box should be able to access the
Internet
regardless of the state of Shorewall. 

I must be missing a simple parameter somewhere.

Let me know what could be missing, and whatever file outputs you need
from me.

Best, 
Michael Lopez
miguelon@mindspring.com


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642

This is what you said Michael Lopez
> Hi all -
>
> I''m a newbie to Linux and still working my way around the
mechanics of
> the operating system.
>
> Anyway, I have Shorewall installed on a Fedora Core 4 OS and what is
> happening is this:
>
> If Shorewall is closed, the fedora core 4 box can access the Internet
> while the PCs behind that tower can''t (which makes sense.)
>
> However, if Shorewall is running on the fedora core 4 box, it''s
the
> exact opposite, which doesn''t make sense. Firefox returns a
"Connection
> was refused when attempting to contact
www."whatever-web-site".com, for
> example.
>
> I''m assuming the fedora core 4 box should be able to access the
Internet
> regardless of the state of Shorewall.
>
> I must be missing a simple parameter somewhere.
>
> Let me know what could be missing, and whatever file outputs you need
> from me.
If your policy for firewall to internet is drop/reject then your firewall
would not be able to get to the internet.  Check your policy file.  If you
want your firewall to be able to access the internet make sure your policy
from firewall to internet is allow.


-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642

Scott Ruckh wrote:
> ...
>>However, if Shorewall is running on the fedora core 4 box, it''s
the
>>exact opposite, which doesn''t make sense. Firefox returns a
"Connection
>>was refused when attempting to contact
www."whatever-web-site".com, for
>>example.
>>
>>I''m assuming the fedora core 4 box should be able to access the
Internet
>>regardless of the state of Shorewall.
>>...
> 
> If your policy for firewall to internet is drop/reject then your firewall
> would not be able to get to the internet.  Check your policy file.  If you
> want your firewall to be able to access the internet make sure your policy
> from firewall to internet is allow.
If you pick up a recent version of the sample configurations, this
should be spelled out fairly explicitly.  The latest SVN version of the
samples can be found at:
    http://svn.sourceforge.net/viewcvs.cgi/shorewall/trunk/Samples/

Paul



-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642