Hi,
Bellow it is my current network configuration, that are running without
any problems for some years.
So far it did not have any open port from outside, but now i''m trying
to
open an ssh port.
In the Draytek ADSL/Router i make a nat port redirection from 80.x.x.x to
the internal ip 192.168.1.200.
So, it will be necessary to do some thing from Shorewall side to make this
work?
I''ve another network working with ssh and other services using the same
Draytek device, but the diference is that don''t exist a Shorewall
Firewall/Router in the middle.
I''m not a network specialist and this setup was made reading the
excellent
Shorewall documentation.
Thank''s in advance
Paulo Almeida
Internet
|
| 80.x.x.x (public ip)
-------
| | Draytek 2500 ADSL/Router (w/ firewall)
-------
| 192.168.1.252
|
|
| 192.168.1.200
10.0.0.250 -----------
DMZ------------| | Shorewall Firewall/Gateway
-----------
| 10.20.115.252
|
|
LOCAL
Shorewall version: 2.4.7
OS: Suse 9.0
Iptables version: 1.2.8
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Paulo Almeida wrote:> Hi, > > Bellow it is my current network configuration, that are running without > any problems for some years. > So far it did not have any open port from outside, but now i''m trying to > open an ssh port. > In the Draytek ADSL/Router i make a nat port redirection from 80.x.x.x to > the internal ip 192.168.1.200. > So, it will be necessary to do some thing from Shorewall side to make this > work?You want to connect to SSHD on the Shorewall Firewall? If so, just add this rule: ACCEPT net $FW tcp 22 -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
>> So, it will be necessary to do some thing from Shorewall side to make >> this >> work? > > You want to connect to SSHD on the Shorewall Firewall? If so, just add > this rule: > > ACCEPT net $FW tcp 22 > > -Tom > --Thank''s Tom for your response, but that rule already it was there. The problem was that i put in interfaces file the norfc1918 option for net (eth0) definition. Already made my penance for this dullness :-) By the way, I want to give my recognition for the excelent work that has been made throughtout the last years for Shorewall. Best regards, Paulo ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
Paulo Almeida wrote:> By the way, I want to give my recognition for the excelent work that > has been made throughtout the last years for Shorewall.Thanks, Paulo! -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642