Shorewall users - Nov 2002 - Use SSH from Internet

Hi all

I have tried to get ssh accesible from the internet address but with little
luck.I have allowed port 22 from the net to the firewall with this rule

ACCEPT    net    fw    tcp    22

I have also activated the policy allowing the firewall to access the internet in
the policy file.

Is there another rule i have to add? Also is it possible to allow ssh access
from the net without activating the fw to net policy in the policy config file?

thanks for you assistance

Quentin

--On Tuesday, November 05, 2002 4:16 PM +0200 Quentin 
<qtockar@myiafrica.com> wrote:
>
> Hi all
>
> I have tried to get ssh accesible from the internet address but with
> little luck.I have allowed port 22 from the net to the firewall with this
> rule
> ACCEPT    net    fw    tcp    22
>
> I have also activated the policy allowing the firewall to access the
> internet in the policy file.
> Is there another rule i have to add?
No.
> Also is it possible to allow ssh
> access from the net without activating the fw to net policy in the policy
> config file?
Yes.
> thanks for you assistance
You don''t say whether SSH worked with the ALLOW fw->net policy; if
it did
then, are you allowinging fw->net DNS lookups? If not, you should be. If 
you are allowing such lookups, are there any Shorewall messages in your 
firewall''s log when you try to connect?

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net