Hi... I need your help, how permit trafic smtp pop or imap via router cisco and route static in the shorewall, localy the fw -> loc the connection work fine, but other ip-address (lan internal) the message indicate this: Aug 4 15:18:12 www kernel: Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=IP_INTERNAL DST=IP_VIA_VPN LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=51569 DF PROTO=TCP SPT=1039 DPT=110 WINDOW=65535 RES=0x00 SYN URGP=0 SRC=IP_INTERNAL for example 192.168.100.45 DST=IP_VIA_VPN for example 10.10.10.45 Thanks -- Darcy Roberto Ganga System Engineer and Technical Software SYA Consultores de Chile S.A mailto:dganga@syachile.cl http://www.syachile.cl Phone:56-2-9401500 Direct:56-2-9401560 Key fingerprint = 91 4F 1F 11 89 E4 84 25 36 0B 92 E6 E6 91 8D 3F 47 05 36 EC User #290674 counter.li.org
Hi Darcy, On Mon, 2003-08-04 at 12:49, Darcy Ganga wrote:> Hi... > > > I need your help, how permit trafic smtp pop or imap via router cisco > and route static in the shorewall, localy the fw -> loc the connection > work fine, but other ip-address (lan internal) the message indicate > this: > Aug 4 15:18:12 www kernel: Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 > SRC=IP_INTERNAL DST=IP_VIA_VPN LEN=48 TOS=0x00 PREC=0x00 TTL=127 > ID=51569 DF PROTO=TCP SPT=1039 DPT=110 WINDOW=65535 RES=0x00 > SYN URGP=0 > > SRC=IP_INTERNAL for example 192.168.100.45 > DST=IP_VIA_VPN for example 10.10.10.45What version of Shorewall are you running? -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Mon, 2003-08-04 at 14:03, Darcy Ganga wrote:> I use this version: > shorewall-1.4.2-1Then try setting the ''routeback'' option on eth1 in /etc/shorewall/interfaces. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Mon, 2003-08-04 at 14:22, Darcy Ganga wrote:> Yes!!!!!!... > > > now work fine!!!!!!! :-) > > > Very thanks Tom... >You''re welcome, Darcy -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net