On Tuesday 16 December 2003 02:13 pm, Ted Gervais wrote:> I am wondering if I can get any tips on keeping my small network working
> when I run ''shorewall stop''. I have amended the
''routestopped'' file as
> the docs say which is like it always was:
>
> ###########################################################################
>### #INTERFACE HOST(S)
> eth1 -
> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
>
>
> I am running version 1.4.8 and have amended the interfaces file as per the
> instructions:
>
> #ZONE INTERFACE BROADCAST OPTIONS
> net eth0 detect
> dhcp,routefilter,norfc1918,blacklist
> loc eth1 detect
> peers tunl+
>
>
> Still I have no access to the Internet when ''shorewall''
is stopped. In
> fact, even with previous versions I could never get things to work when
> shorewall was down.
>
> Any thoughts, anyone please..
To access the internet from your local network, you also need to allow traffic
through eth0 and you probably need masquerading as well (I''ll assume
so).
To give yourself internet access when Shorewall is stopped, you will have to:
a) Add eth0 to the routestopped file.
b) In /etc/shorewall/stopped, manually configure a masquerading netfilter
configuration by running ''iptables'' directly.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net