Hi
Have tried all I can think of but still unable to get to get it to
work,
IP_FORWARDING=ON
ADD_IP_ALIASES=Yes
my version 2 system is ok and have used the same settings as there, and
the start dialogue says the> IPv4 Forwarding Enabled
Am i missing something?
Regards Frank
> root@server:~# shorewall restart
> Compiling...
> Processing /etc/shorewall/shorewall.conf...
> Loading Modules...
> Compiling /etc/shorewall/zones...
> Compiling /etc/shorewall/interfaces...
> Determining Hosts in Zones...
> Preprocessing Action Files...
> Compiling ...
> Pre-processing /usr/share/shorewall/action.Drop...
> Pre-processing /usr/share/shorewall/action.Reject...
> Compiling /etc/shorewall/policy...
> Adding rules for DHCP
> Compiling Kernel Route Filtering...
> Compiling Martian Logging...
> Compiling /etc/shorewall/masq...
> WARNING: Using an interface as the masq SOURCE requires the
> interface to be up and configured when Shorewall starts/restarts :
> /etc/shorewall/masq (line 1)
> Compiling MAC Filtration -- Phase 1...
> Compiling /etc/shorewall/rules...
> Generating Transitive Closure of Used-action List...
> Processing /usr/share/shorewall/action.Reject for chain Reject...
> Compiling ...
> Processing /usr/share/shorewall/action.Drop for chain Drop...
> Compiling MAC Filtration -- Phase 2...
> Applying Policies...
> Generating Rule Matrix...
> Creating iptables-restore input...
> Compiling iptables-restore input for chain mangle:...
> Shorewall configuration compiled to /var/lib/shorewall/.restart
> Restarting Shorewall....
> WARNING: default route ignored on interface eth1
> Initializing...
> Setting up Route Filtering...
> Setting up Martian Logging...
> Preparing iptables-restore input...
> Running /sbin/iptables-restore...
> IPv4 Forwarding Enabled
> done.
------------------------------------------------------------------------------
WhatsUp Gold - Download Free Network Management Software
The most intuitive, comprehensive, and cost-effective network
management toolset available today. Delivers lowest initial
acquisition cost and overall TCO of any competing solution.
http://p.sf.net/sfu/whatsupgold-sd
On May 2, 2011, at 10:47 PM, Frank Richards wrote:> Hi > > Have tried all I can think of but still unable to get to get it to > work, > IP_FORWARDING=ON > > ADD_IP_ALIASES=Yes > > my version 2 system is ok and have used the same settings as there, and > the start dialogue says the >> IPv4 Forwarding Enabled > > > Am i missing something? > > Regards Frank > >> root@server:~# shorewall restart >> Compiling... >> Processing /etc/shorewall/shorewall.conf... >> Loading Modules... >> Compiling /etc/shorewall/zones... >> Compiling /etc/shorewall/interfaces... >> Determining Hosts in Zones... >> Preprocessing Action Files... >> Compiling ... >> Pre-processing /usr/share/shorewall/action.Drop... >> Pre-processing /usr/share/shorewall/action.Reject... >> Compiling /etc/shorewall/policy... >> Adding rules for DHCP >> Compiling Kernel Route Filtering... >> Compiling Martian Logging... >> Compiling /etc/shorewall/masq... >> WARNING: Using an interface as the masq SOURCE requires the >> interface to be up and configured when Shorewall starts/restarts : >> /etc/shorewall/masq (line 1) >> Compiling MAC Filtration -- Phase 1... >> Compiling /etc/shorewall/rules... >> Generating Transitive Closure of Used-action List... >> Processing /usr/share/shorewall/action.Reject for chain Reject... >> Compiling ... >> Processing /usr/share/shorewall/action.Drop for chain Drop... >> Compiling MAC Filtration -- Phase 2... >> Applying Policies... >> Generating Rule Matrix... >> Creating iptables-restore input... >> Compiling iptables-restore input for chain mangle:... >> Shorewall configuration compiled to /var/lib/shorewall/.restart >> Restarting Shorewall.... >> WARNING: default route ignored on interface eth1The above message indicates that there is a default route defined out of eth1 and that you have entered ''eth1'' in the SOURCE column of /etc/shorewall/interfaces (we can see that from the WARNING: above). If eth1 is really your internal (local) interface, then it should not have a default route defined. Otherwise, you may have the interfaces reversed. As always, the output of ''shorewall dump'' is most useful for trying to help you determine the exact cause. Please see http://www.shorewall.net/support.htm#Guidelines for information about how to collect a useful dump. Thanks, -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd
On 3/05/2011 9:58 PM, Tom Eastep wrote:> On May 2, 2011, at 10:47 PM, Frank Richards wrote: > >> Hi >> >> Have tried all I can think of but still unable to get to get it to >> work, >> IP_FORWARDING=ON >> >> ADD_IP_ALIASES=Yes >> >> my version 2 system is ok and have used the same settings as there, and >> the start dialogue says the >>> IPv4 Forwarding Enabled >> >> Am i missing something? >> >> Regards Frank >> >>> root@server:~# shorewall restart >>> Compiling... >>> Processing /etc/shorewall/shorewall.conf... >>> Loading Modules... >>> Compiling /etc/shorewall/zones... >>> Compiling /etc/shorewall/interfaces... >>> Determining Hosts in Zones... >>> Preprocessing Action Files... >>> Compiling ... >>> Pre-processing /usr/share/shorewall/action.Drop... >>> Pre-processing /usr/share/shorewall/action.Reject... >>> Compiling /etc/shorewall/policy... >>> Adding rules for DHCP >>> Compiling Kernel Route Filtering... >>> Compiling Martian Logging... >>> Compiling /etc/shorewall/masq... >>> WARNING: Using an interface as the masq SOURCE requires the >>> interface to be up and configured when Shorewall starts/restarts : >>> /etc/shorewall/masq (line 1) >>> Compiling MAC Filtration -- Phase 1... >>> Compiling /etc/shorewall/rules... >>> Generating Transitive Closure of Used-action List... >>> Processing /usr/share/shorewall/action.Reject for chain Reject... >>> Compiling ... >>> Processing /usr/share/shorewall/action.Drop for chain Drop... >>> Compiling MAC Filtration -- Phase 2... >>> Applying Policies... >>> Generating Rule Matrix... >>> Creating iptables-restore input... >>> Compiling iptables-restore input for chain mangle:... >>> Shorewall configuration compiled to /var/lib/shorewall/.restart >>> Restarting Shorewall.... >>> WARNING: default route ignored on interface eth1 > The above message indicates that there is a default route defined out of eth1 and that you have entered ''eth1'' in the SOURCE column of /etc/shorewall/interfaces (we can see that from the WARNING: above). If eth1 is really your internal (local) interface, then it should not have a default route defined. Otherwise, you may have the interfaces reversed.was an error in masq but problem still exists dump attached> As always, the output of ''shorewall dump'' is most useful for trying to help you determine the exact cause. Please see http://www.shorewall.net/support.htm#Guidelines for information about how to collect a useful dump. > > Thanks, > -Tom > > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > > > > ------------------------------------------------------------------------------ > WhatsUp Gold - Download Free Network Management Software > The most intuitive, comprehensive, and cost-effective network > management toolset available today. Delivers lowest initial > acquisition cost and overall TCO of any competing solution. > http://p.sf.net/sfu/whatsupgold-sd > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd
On May 3, 2011, at 5:42 PM, Frank Richards wrote:> was an error in masq but problem still exists dump attachedAre you sure that the default gateway on the local system(s) is(are) set properly? (they should specify 192.168.0.220). I see no attempt to forward traffic from loc->net. -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd