Today I upgraded our existing SuSE 7.2 firewall running shorewall 1.1.11 to Debian Woody running shorewall 1.4.8. Modified the configuration files a bit to make the changed shorewall happy (e.g. no "routestopped" parameter in "interfaces"). After that I surfed straight to http:://grc.com (Shields UP!) and let it shoot at my firewall. Our network is connected to the internet via a PPPoE Modem (ppp0). The internal network address is 172.20.0/24. Does anybody have a suggestion what I made wrong? I attached my complete setup of shorewall, the output of shorewall when starting and the Shields UP results. Thanks a lot in advance Xela
On Thursday 08 January 2004 07:39 am, Alexander Mueller wrote:> Today I upgraded our existing SuSE 7.2 firewall running shorewall > 1.1.11 to Debian Woody running shorewall 1.4.8. > > Modified the configuration files a bit to make the changed shorewall > happy (e.g. no "routestopped" parameter in "interfaces"). > > After that I surfed straight to http:://grc.com (Shields UP!) and let > it shoot at my firewall. > > Our network is connected to the internet via a PPPoE Modem (ppp0). The > internal network address is 172.20.0/24. > > Does anybody have a suggestion what I made wrong? > I attached my complete setup of shorewall, the output of shorewall > when starting and the Shields UP results. > > Thanks a lot in advance > XelaAlex -- please read the FAQs (#4*). Also note that this question gets asked at least once a week on the mailing lists so I have surrendered and changed the default behavior of Shorewall in 1.4.9 (Beta 2 is available) so I don''t have to answer this question anymore. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Hi Xela On Thu, 08 Jan 2004 16:39:01 +0100, Alexander Mueller <Alexander.Mueller@littleblue.de> wrote:> Does anybody have a suggestion what I made wrong?I''m sorry Xela. I don''t understand what the problem is. Everything you posted looks fine to me. What problem are you having? regards Julian -- jc@ljchurch.co.uk www.ljchurch.co.uk
Thanks a lot, Julian! Tom already answered my question. The solution lies in the file "common.def"... Xela Julian Church wrote:> Hi Xela > > On Thu, 08 Jan 2004 16:39:01 +0100, Alexander Mueller > <Alexander.Mueller@littleblue.de> wrote: > >> Does anybody have a suggestion what I made wrong? > > > I''m sorry Xela. I don''t understand what the problem is. Everything you > posted looks fine to me. > > What problem are you having? > > regards > > Julian