Michael Albøg Olsen
2003-Apr-03 12:01 UTC
[Shorewall-users] Adding a static route in Shorewall
I hope any of you shorewall freaks would be able to help me with my problem. First a little network description: I have two zones: WAN net = eth0 (One IP address from my Internet Service Provider) LAN loc = eth1 (192.168.23.0/24) Default gateway (the Internet) for the local clients are 192.168.23.2 (the IP address of eth1) I have used all the guides at the homepage of Shorewall, and thereby configured a fully working Firewall/NAT linux box, so the basic installation is works fine. My problem is that I have a special application running on each client. The application is using an old Frame Relay line (192.168.23.1) to get connection to a shared database. So what I need is to add a static route on my Shorewall box (IP kernel routing table), like: rip:~# route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.23.1 eth1 How do I implement this in the Shorewall configuration ?? I have tried to add it manually, but after that Shorewall REJECT packet coming from my client, when passing the Shorewall box. Best regards Michael Olsen Denmark
Michael Albøg Olsen
2003-Apr-03 12:05 UTC
[Shorewall-users] Adding a static route in Shorewall
I hope any of you shorewall freaks would be able to help me with my problem. First a little network description: I have two zones: WAN net = eth0 (One IP address from my Internet Service Provider) LAN loc = eth1 (192.168.23.0/24) Default gateway (the Internet) for the local clients are 192.168.23.2 (the IP address of eth1) I have used all the guides at the homepage of Shorewall, and thereby configured a fully working Firewall/NAT linux box, so the basic installation is works fine. My problem is that I have a special application running on each client. The application is using an old Frame Relay line (192.168.23.1) to get connection to a shared database. So what I need is to add a static route on my Shorewall box (IP kernel routing table), like: rip:~# route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.23.1 eth1 How do I implement this in the Shorewall configuration ?? I have tried to add it manually, but after that Shorewall REJECT packet coming from my client, when passing the Shorewall box. Best regards Michael Olsen Denmark
On Thu, 2003-04-03 at 22:00, Michael Alb?g Olsen wrote:> I hope any of you shorewall freaks would be able to help me with my problem. > > First a little network description: > > I have two zones: > > WAN net = eth0 (One IP address from my Internet Service Provider) > LAN loc = eth1 (192.168.23.0/24) > > Default gateway (the Internet) for the local clients are 192.168.23.2 (the IP > address of eth1) > > I have used all the guides at the homepage of Shorewall, and thereby configured > a fully working Firewall/NAT linux box, so the basic installation is works fine. > > My problem is that I have a special application running on each client. The > application is using an old Frame Relay line (192.168.23.1) to get connection > to a shared database. > > So what I need is to add a static route on my Shorewall box (IP kernel routing > table), like: > > rip:~# route add -net 192.168.10.0 netmask 255.255.255.0 gw 192.168.23.1 eth1 > > How do I implement this in the Shorewall configuration ?? > > I have tried to add it manually, but after that Shorewall REJECT packet coming > from my client, when passing the Shorewall box. > > Best regards > Michael Olsen > Denmark > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >Could you please post some more details to the list, about what packets are rejected by Shorewall, as well as relevant parts of your shorewal configuration files (interfaces,zones,policy,rules) It might help in solving your problem. Ad Koster