Hi, First, I am not listed in the mailing list. So, please reply respectively. Here is my problem. I was using shorewall at work and home place. Both was using 1.4.6 without problem as my settings are quite simple. Anyway, I have my work PC (running behind the firewall) setup to host PcAnywhere that need port 5631-5633 to be opened. I have the traffic DNAT to there from outside world. It was working fine until I upgraded. My problem is, I upgraded a few things before finding out I screwed up PcAnywhere. I upgraded my home firewall running fedora core1 to fedora core2 kernel 2.6.5-1. Work firewall remain the same running Redhat 7.2 with kernel 2.4.28. Then I upgraded both of the shorewall to 2.1.1 (home firewall) and 2.0.5 (work firewall). Now, I have a tough time trying to trace the problem. I did try using netstat on my home PC (windows client) to find out what''s the problem but failed. Anyone have any idea where I should start looking for the problem? Is it my home firewall or work firewall? My other settings seems to be running fine. I can use terminal service to connect to my work win2k servers without problems. Thanks in advance.
abubin hassan wrote:> Now, I have a tough time trying to trace the problem. I did try using > netstat on my home PC (windows client) to find out what''s the problem > but failed. Anyone have any idea where I should start looking for the > problem? Is it my home firewall or work firewall? > > My other settings seems to be running fine. I can use terminal service > to connect to my work win2k servers without problems.I would troubleshoot the problem as a DNAT problem on the work firewall using the tips in Shorewall FAQs 1a and 1b. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
abubin hassan wrote:> Hi, > > First, I am not listed in the mailing list. So, please reply > respectively. > > Here is my problem. I was using shorewall at work and home place. Both > was using 1.4.6 without problem as my settings are quite simple. Anyway, > I have my work PC (running behind the firewall) setup to host PcAnywhere > that need port 5631-5633 to be opened. I have the traffic DNAT to there > from outside world.Actually, PCAnywhere requires UDP port 5631 and TCP port 5632. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net