Shorewall users - Oct 2004 - DNAT not working anymore

Heya guys and gals,

I had a shorewall 1.4.x running on my router and somehow it decided to
stop working.

I didn''t really change something, it just stopped working really.
Anyway, here the info that is asked for on the support page at first:

# shorewall version
2.0.9

# ip addr show
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:60:08:cb:a5:19 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.1/24 brd 192.168.0.255 scope global eth0
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:01:03:42:da:6b brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.10/24 brd 10.0.0.255 scope global eth1
4: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1492 qdisc pfifo_fast qlen 3
    link/ppp 
    inet 80.130.189.182 peer 217.5.98.30/32 scope global ppp0

# ip route show
217.5.98.30 dev ppp0  proto kernel  scope link  src 80.130.189.182 
10.0.0.0/24 dev eth1  scope link 
192.168.0.0/24 dev eth0  scope link 
127.0.0.0/8 dev lo  scope link 
default via 217.5.98.30 dev ppp0

I got the following DNAT entry in my rules file:

DNAT            net             loc:192.168.0.3         tcp     2499
DNAT            net             loc:192.168.0.3         udp     2499

and get the following message in my logfiles

Oct 17 22:09:17 router kernel: Shorewall:rfc1918:DROP:IN=ppp0 OUT=eth0
SRC=83.135.74.*** DST=192.168.0.3 LEN=1315 TOS=0x00 PREC=0x00 TTL=57
ID=53170 DF PROTO=UDP SPT=1026 DPT=2499 LEN=1295 

Any pointers in the right dorection or help is greatly appreciated.
Thanks in advace
-Nec

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Necarus wrote:
> I had a shorewall 1.4.x running on my router and somehow it decided to
> stop working.
>
> I didn''t really change something, it just stopped working really.
> Anyway, here the info that is asked for on the support page at first:
>
> and get the following message in my logfiles
>
> Oct 17 22:09:17 router kernel: Shorewall:rfc1918:DROP:IN=ppp0 OUT=eth0
> SRC=83.135.74.*** DST=192.168.0.3 LEN=1315 TOS=0x00 PREC=0x00 TTL=57
> ID=53170 DF PROTO=UDP SPT=1026 DPT=2499 LEN=1295
>
This question gets asked every week and the answer is still the same --
you need to update your rfc1918 file; see http://shorewall.net/errata.htm.

- -Tom
- --
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBcsYzO/MAbZfjDLIRAnBsAJ9fpETB/pZRxxqxON4o5yVpOdnTIACeJQhz
q/kUBKvJGtREYXy3JwOLEts=mtLU
-----END PGP SIGNATURE-----