Tom Eastep
2003-Feb-09 14:00 UTC
[Shorewall-users] Re[2]: [Shorewall-devel] Re[2]: Help with Shorewall configuration using a static IP
--On Monday, February 10, 2003 3:18 AM +0530 Srinivasa R Kotu <kotu@ocimumbio.com> wrote:> Dear Tom, > > I have studied almost all the documentation on the shorewall site and > have created the required policy elements and rules to accomplish what > i want. But there is some error at some place which i am not able to > figure out. I am able to use the internet through squid proxy server > installed on the same server but not the other protocols. I am trying > to figure out whether my policy elements and rules are correctly > specified. I still can''t see any mistake in these. If there could be > other reasons which you may have come across you can help me solve it. >Do you have the default gateway set correctly on the local systems? -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net
Tom Eastep
2003-Feb-09 14:36 UTC
[Shorewall-users] Re[2]: [Shorewall-devel] Re[2]: Help with Shorewall configuration using a static IP
--On Monday, February 10, 2003 3:41 AM +0530 Srinivasa R Kotu <kotu@ocimumbio.com> wrote:> > Yes Tom, i have set the default gateway of all the internal machines > to the internal ip address of the firewall machine. I have another > machine on the LAN which acts as the DNS server and this machine has > another dialup internet connection and resolves all DNS requests for > the LAN, both internal and external lookups. >a) You have both ACCEPT rules AND an ACCEPT policy for loc->net (although you only need one or the other). b) You believe your routing is correct. c) The shorewall.conf file that you posted to me privately has IP_FORWARDING=Yes. Assuming that you don''t have DNS problems, I can''t think of anything else... -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ teastep@shorewall.net