Hi, I have configured shorewall to use multiple IP addresses at one NIC. Everything works fine from internet (web servers and etc. works fine), but when I try to reach website from internal network, it doesn''t go to the right web server. eth1 is adapter to internet, eth0 is adapter for internal network. Here is nat file: #EXTERNAL INTERFACE INTERNAL ALL INTERFACES LOCAL x.x.x.2 eth1 192.168.1.3 No No x.x.x.3 eth1 192.168.1.4 No No And here is part of rules file: ACCEPT net loc:192.168.1.3 tcp www ACCEPT net loc:192.168.1.4 tcp www Do I have to add some other ACCEPT rules like from loc to loc etc like: ACCEPT loc loc:192.168.1.4 tcp www?!? Best Regards, Ville ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
Ville Virtanen wrote:> > I have configured shorewall to use multiple IP addresses at one NIC. > Everything works fine from internet (web servers and etc. works fine), but > when I try to reach website from internal network, it doesn''t go to the > right web server. eth1 is adapter to internet, eth0 is adapter for > internal network. Here is nat file: > > #EXTERNAL INTERFACE INTERNAL ALL INTERFACES LOCAL > x.x.x.2 eth1 192.168.1.3 No No > x.x.x.3 eth1 192.168.1.4 No NoYou must specify ''Yes'' in the ALL INTERFACES column AND you need the additional ACCEPT rules. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net''s Techsay panel and you''ll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV