Shorewall version 4.0.14
Debian Etch
Webmin Version 1.441
eth0 -> connected to adsl bridged modem, working OK using RP-PPPoE, outputing
ppp0 with correct ip from TPG
eth1 -> 10.1.1.1 connected to a router, act as gateway for other hosts
eth2 -> 10.1.1.4 connected to wireless router
Problem 1
Ignoring the use of eth1, I install Debian with eth2 plugged
When Im using eth2, I can log in to my box (using webmin) to configure the
debian either using 10.1.1.1 or 10.1.1.4 address, I can ping other host (e.g
10.1.1.5). But when I use eth2, I cant ping or do anything, the ping result from
Debian: From 10.1.1.4 Host Unreachable
What mistake I did? Why I can''t use eth1 connected with other hosts?
Problem 2
PPPoE up and running, I can ping any web address from Debian (e.g.
www.yahoo.com)
But Im not able to make other host (e.g. 10.1.1.5) connect to internet via
gateway on eth1 nor eth2
Again, ignoring the use of eth2 and I can configure eth1 to talk with other
hosts, how I can make Shorewall working to share the internet?
Shorewall configuration
Interfaces
#ZONE INTERFACE BROADCAST OPTIONS
net ppp0 detect routefilter
loc eth0 detect
loc eth1 detect
Masq
#INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK
ppp0 eth1
ppp0 eth0
Policy
$FW net ACCEPT
$FW loc ACCEPT
net $FW ACCEPT
net loc ACCEPT
loc $FW ACCEPT
loc net ACCEPT
Rules
ACCEPT loc net all
ACCEPT net loc all
ACCEPT $FW net all
Zones
fw firewall
net ipv4
loc ipv4
Any help would be much appreciated
Thanks in advance
Start your day with Yahoo!7 and win a Sony Bravia TV. Enter now
http://au.docs.yahoo.com/homepageset/?p1=other&p2=au&p3=tagline
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer''s
challenge
Build the coolest Linux based applications with Moblin SDK & win great
prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
Phillipus Gunawan wrote:> Shorewall version 4.0.14 > Debian Etch > Webmin Version 1.441 > > eth0 -> connected to adsl bridged modem, working OK using RP-PPPoE, outputing ppp0 with correct ip from TPG > eth1 -> 10.1.1.1 connected to a router, act as gateway for other hosts > eth2 -> 10.1.1.4 connected to wireless router >Problem 0 -- your IP configuration is unworkable. You need to configure different IP networks on eth1 and eth2. You have apparently configured 10.1.1.0/24 on both of them. Problem 0.5 -- you have not provided the information requested at http://www.shorewall.net/support.htm#Guidelines> > Problem 1 >... ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
Phillipus Gunawan wrote:> Shorewall version 4.0.14 > Debian Etch > Webmin Version 1.441 > > eth0 -> connected to adsl bridged modem, working OK using RP-PPPoE, outputing ppp0 with correct ip from TPG > eth1 -> 10.1.1.1 connected to a router, act as gateway for other hosts > eth2 -> 10.1.1.4 connected to wireless router > > > Problem 1 > > Ignoring the use of eth1, I install Debian with eth2 plugged > > When Im using eth2, I can log in to my box (using webmin) to configure the debian either using 10.1.1.1 or 10.1.1.4 address, I can ping other host (e.g 10.1.1.5). But when I use eth2, I cant ping or do anything, the ping result from Debian: From 10.1.1.4 Host Unreachable > > What mistake I did? Why I can''t use eth1 connected with other hosts? > >Check the routing, I''ll bet that you only have a network route on eth2.> Problem 2 > > PPPoE up and running, I can ping any web address from Debian (e.g. www.yahoo.com) > But Im not able to make other host (e.g. 10.1.1.5) connect to internet via gateway on eth1 nor eth2 > > Again, ignoring the use of eth2 and I can configure eth1 to talk with other hosts, how I can make Shorewall working to share the internet? > > Shorewall configuration > > Interfaces > #ZONE INTERFACE BROADCAST OPTIONS > net ppp0 detect routefilter > loc eth0 detect > loc eth1 detect > > Masq > #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK > ppp0 eth1 > ppp0 eth0 > > Policy > $FW net ACCEPT > $FW loc ACCEPT > net $FW ACCEPT > net loc ACCEPTnow your wide open....> loc $FW ACCEPT > loc net ACCEPT > > Rules > ACCEPT loc net all > ACCEPT net loc all > ACCEPT $FW net all >that is more of a policy....> Zones > fw firewall > net ipv4 > loc ipv4 > > > Any help would be much appreciated > Thanks in advance >Debian? check shorewall.conf for IP_FORWARDING=On, you may have "Keep" instead of "On" Jerry ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer''s challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/