Shorewall users - Aug 2003 - can''t set shorewall as gateway on PPTP connected Firewall

HI,

i can''t configure my PC with Debian Woody to make as gateway of my
local
network.

Just tried with many setting but no way :(

 

I have an ADSL Line with DYNAMIC IP assignment each time I connect on
internet

I have a Ethrnet Modem in PPTP connection, his IP is 192.168.1.1

I have a eth0 card connected on the ethernet modem with IP 192.168.1.2

I have a eth1 card connected to a HUB/Switch with my local network with IP
192.168.2.1 and all the local network has 192.168.2.* ip''s

 

The internet connection work OK, the only ting that now work is the
shorewall

 

I have:

1) installed the kernel 2.4.21 with the same options as:
http://www.shorewall.net/kernel.htm

2) installes the iproute package

3) installed the shorewall 1.4.6b with two interfaces files

4) Modified /etc/shorewall/zones, the full configuration now is:

#ZONE   DISPLAY         COMMENTS

modem  Modem           ADSL Modem

net        Net                 Internet

loc        Local              Local Networks

5) Modified /etc/shorewall/interfaces, the full configuration now is:

modem   eth0    192.168.1.255   dhcp

net         ppp0        -                  routefilter,norfc1918

loc          eth1    detect

6) Modified /etc/shorewall/tunnels, the full configuration now is:

pptpclient      modem   192.168.1.1

7) Modified the line /etc/shorewall/shorewall.conf

CLAMPMSS=yes

8) Setted all traffic allowed in policy and rules ( for the moment )

 

But it don''t work as gateway. Somebody can help me looking better my
configuration and telling me what''s wrong ?

I suspect something not good in /etc/shorewall/interfaces

 

Another question.

In the others PC in the local network what IP I have to set as him gateway ?

Thanks

On Wed, 2003-08-13 at 13:01, Salvatore wrote:
> 
> 8) Setted all traffic allowed in policy and rules ( for the moment )
> 
>  
Which is ABSOLUTELY THE WORST THING THAT YOU CAN DO. Now you have no log
messages to help you find out what is wrong.
> 
> But it don''t work as gateway. Somebody can help me looking better
my
> configuration and telling me what''s wrong ?
> 
> I suspect something not good in /etc/shorewall/interfaces
> 
That looks fine.
>  
> 
> Another question.
> 
> In the others PC in the local network what IP I have to set as him gateway
?
> 
The gateway IP address for local systems should be set to the IP address
of eth1 (192.168.2.1).

What have you done to the /etc/shorewall/masq file? It should contain:

ppp0	eth1

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net