Dear List.

Previously I used shorewall for my firewall, and it worked well. Recently I have to have multiple connections to the internet from my firewall.
Now multiple connections to the internet work fine, but without any shorewall rules :(
The guide from http://www.ssi.bg/~ja/ (nano.txt) says I must have these rules in the firewall. How do I translate these rules to my shorewall system? I put these rules in /etc/shorewall/init too, but it still does not work.

    iptables -t nat -A POSTROUTING -o IFE1 -s NWI/NMI -j SNAT --to IPE1
    iptables -t nat -A POSTROUTING -o IFE2 -s NWI/NMI -j SNAT --to IPE2

    iptables -t filter -N keep_state
    iptables -t filter -A keep_state -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -t filter -A keep_state -j RETURN

    iptables -t nat -N keep_state
    iptables -t nat -A keep_state -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -t nat -A keep_state -j RETURN

    iptables -t nat -A PREROUTING -j keep_state
    iptables -t nat -A POSTROUTING -j keep_state
    iptables -t nat -A OUTPUT -j keep_state
    iptables -t filter -A INPUT -j keep_state
    iptables -t filter -A FORWARD -j keep_state
    iptables -t filter -A OUTPUT -j keep_state

Please help me regarding this problem.

regards
reza

Muhammad Reza wrote:
> Dear List.
>
> Previously I used shorewall for my firewall, and it worked well. Recently I
> have to have multiple connections to the internet from my firewall.
> Now multiple connections to the internet work fine, but without any shorewall
> rules :(
> The guide from http://www.ssi.bg/~ja/ (nano.txt) says I must have these rules
> in the firewall. How do I translate these rules to my shorewall system? I put
> these rules in /etc/shorewall/init too, but it still does not work.
>

Forget the rules that you found at that site and rather follow the detailed instructions at http://shorewall.net/FAQ.htm#faq32. That FAQ covers configuration of two internet connections in Shorewall.

-Tom
--
Tom Eastep      \ Nothing is foolproof to a sufficiently talented fool
Shoreline,      \ http://shorewall.net
Washington USA  \ teastep@shorewall.net

Tom Eastep wrote:
> Muhammad Reza wrote:
>
>> Dear List.
>>
>> Previously I used shorewall for my firewall, and it worked well.
>> Recently I have to have multiple connections to the internet from my
>> firewall.
>> Now multiple connections to the internet work fine, but without any
>> shorewall rules :(
>> The guide from http://www.ssi.bg/~ja/ (nano.txt) says I must have these
>> rules in the firewall. How do I translate these rules to my shorewall
>> system? I put these rules in /etc/shorewall/init too, but it still does
>> not work.
>>
>
> Forget the rules that you found at that site and rather follow the
> detailed instructions at http://shorewall.net/FAQ.htm#faq32. That FAQ
> covers configuration of two internet connections in Shorewall.
>
> -Tom

Dear Tom.

Thanks for the great response. I followed the detailed instructions at http://shorewall.net/FAQ.htm#faq32, but it still does not work.
Is this something to do with stateful inspection for the nat table?
Please help me to debug and solve the problem.

regards
reza

Muhammad Reza wrote:
> Thanks for the great response. I followed the detailed instructions at
> http://shorewall.net/FAQ.htm#faq32, but it still does not work.
> Is this something to do with stateful inspection for the nat table?

The FAQ gives you *EVERYTHING* that you need to do in Shorewall.

> Please help me to debug and solve the problem.

I publish a detailed guide of information that I require to solve problems (http://shorewall.net/support.htm). "It doesn't work...." doesn't deserve a response....

-Tom
--
Tom Eastep      \ Nothing is foolproof to a sufficiently talented fool
Shoreline,      \ http://shorewall.net
Washington USA  \ teastep@shorewall.net