Hi Tom,
I have an interesting problem. Using Shorewall I cannot connect to ONE
remote server, zdnet.com, using either fqhn or URL@ 205.181.112.69. All
other sites seem to be ok. I can ping the URL. Yet, the problem is ONLY
with the gateway, all other machines can access the site, no problem.
Am using SuSE 8.0, Shorewall 1.3.5 w/2 interfaces defaults only slightly
modified. Policy =
loc             net             ACCEPT
#
# If you want open access to the internet from your firewall, uncomment the
# following line
fw              net             ACCEPT
net             all             DROP            info
all             all             DROP            info
I have 4 machines on 192.168.0.0/24 subnet.
Gateway is 192.168.0.1
eth0 to cable modem to Earthlink
my ip 24.206.105.52 dhcp
eth1 to subnet
The /var/log/firewall shows in part:
Jul 27 21:43:33 richard kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5f:e9:6c:54:08:00 SRC=10.55.96.1 DST=255.255.255.255 LEN=344 TOS=0x00 PREC=0x00 TTL=255 ID=30004 PROTO=UDP SPT=67 DPT=68 LEN=324
Jul 27 21:43:49 richard kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5f:e9:6c:54:08:00 SRC=10.55.96.1 DST=255.255.255.255 LEN=344 TOS=0x00 PREC=0x00 TTL=255 ID=30018 PROTO=UDP SPT=67 DPT=68 LEN=324
Jul 27 21:44:18 richard kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5f:e9:6c:54:08:00 SRC=10.55.96.1 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=30053 PROTO=UDP SPT=67 DPT=68 LEN=308
Jul 27 21:44:26 richard kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5f:e9:6c:54:08:00 SRC=10.55.96.1 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=30060 PROTO=UDP SPT=67 DPT=68 LEN=308
The first two entries are accessing another site. Next two are after
attempting to access the zdnet site. The error message is:
Could not connect to remote server.
What in the world am I doing wrong? Also why do I see all the info about the
SRC=10.55.96.1 and nothing about the ZDNET url? I recall seeing something in
one of the mail lists about this earlier but did not keep that one. Am I
looking in the right places for info?
Tom, do you need any volunteers to help you with the documentation??
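
Added example, not part of the original message: a small Python parser for the Shorewall log entries quoted above, which labels what each entry records and looks for entries involving the zdnet address 205.181.112.69. The function names are hypothetical, and the sample holds two of the quoted entries with the mail line-wrapping undone.

```python
import ipaddress
import re

# Two of the entries quoted in the message, with the mail line-wrapping undone.
SAMPLE_LOG = """\
Jul 27 21:43:33 richard kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5f:e9:6c:54:08:00 SRC=10.55.96.1 DST=255.255.255.255 LEN=344 TOS=0x00 PREC=0x00 TTL=255 ID=30004 PROTO=UDP SPT=67 DPT=68 LEN=324
Jul 27 21:44:18 richard kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:05:5f:e9:6c:54:08:00 SRC=10.55.96.1 DST=255.255.255.255 LEN=328 TOS=0x00 PREC=0x00 TTL=255 ID=30053 PROTO=UDP SPT=67 DPT=68 LEN=308
"""

# Log prefix as it appears in the message: Shorewall:<chain>:<action>:
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<action>[^:]+):(?P<fields>.*)")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_line(line):
    """Return chain, action and KEY=VALUE fields of one entry, or None."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"chain": m["chain"], "action": m["action"]}
    for token in m["fields"].split():
        key, sep, value = token.partition("=")
        if sep:
            rec.setdefault(key, value)  # LEN occurs twice; keep the IP length
    return rec

def describe(rec):
    """Label what kind of packet a parsed entry records."""
    notes = []
    if any(ipaddress.ip_address(rec["SRC"]) in net for net in RFC1918):
        notes.append("RFC 1918 source")
    if rec.get("PROTO") == "UDP" and (rec.get("SPT"), rec.get("DPT")) == ("67", "68"):
        notes.append("DHCP server-to-client")
    return notes

def entries_for(log_text, address):
    """Parsed entries whose SRC or DST equals the given address."""
    recs = (parse_line(line) for line in log_text.splitlines())
    return [r for r in recs if r and address in (r.get("SRC"), r.get("DST"))]

if __name__ == "__main__":
    for line in SAMPLE_LOG.splitlines():
        rec = parse_line(line)
        print(rec["chain"], rec["action"], rec["SRC"], describe(rec))
    print("entries for 205.181.112.69:", len(entries_for(SAMPLE_LOG, "205.181.112.69")))
```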