OS: Debian Lenny (kernel 2.6.26-2-686 Shorewall: 4.0.15 (installed from Debian repository) I have an FTP server behind Debian system I am using for a firewall and I am wanting to use Shorewall on it (the Debian firewall). Following the instructions for configuring FTP (at <http://www.shorewall.net/FTP.html>), I have the following rule in my /etc/shorewall/rules file: FTP(DNAT) net loc:192.168.9.10 However when I run "shorewall check", it fails with the following error: ERROR: Invalid Action in rule "FTP(DNAT) net loc:192.168.9.10 " I can''t see what I am doing wrong? Thanks! :-) -Alan ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
On 02/11/2012 04:27 AM, Lists wrote:> OS: Debian Lenny (kernel 2.6.26-2-686 > Shorewall: 4.0.15 (installed from Debian repository) > > I have an FTP server behind Debian system I am using for a firewall and > I am wanting to use Shorewall on it (the Debian firewall). Following > the instructions for configuring FTP (at > <http://www.shorewall.net/FTP.html>), I have the following rule in my > /etc/shorewall/rules file: > > FTP(DNAT) net loc:192.168.9.10 > > However when I run "shorewall check", it fails with the following error: > > ERROR: Invalid Action in rule "FTP(DNAT) net loc:192.168.9.10 " > > I can''t see what I am doing wrong? Thanks! :-)You are trying to use Shorewall 4.4 documentation to configure Shorewall 4.0. In Shorewall 4.0, the syntax is: FTP/DNAT net loc:192.168.9.10 Hint -- the Shorewall 4.0-4.2 documentation may be found at http://www.shorewall.net/4.2/Documentation_Index.html -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
Den 2012-02-11 13:27, Lists skrev:> FTP(DNAT) net loc:192.168.9.10DNAT net loc:192.168.9.10:21 tcp 21> I can''t see what I am doing wrong? Thanks! :-)stop sending html to maillists :=) ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
Den 2012-02-11 14:42, Tom Eastep skrev:> FTP/DNAT net loc:192.168.9.10so its now restricted to 1 to 1 port mapping ? wan port must now be lan port aswell ? with version of webmin does work with shorewall when changes is happend randomly, any webmin works with postfix since changes is persistense in postfix, maybe postfix is not shorewall :) ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
On 2/11/12 8:48 AM, Benny Pedersen wrote:> Den 2012-02-11 14:42, Tom Eastep skrev: > >> FTP/DNAT net loc:192.168.9.10 > so its now restricted to 1 to 1 port mapping ? > > wan port must now be lan port aswell ?No.> > with version of webmin does work with shorewall when changes is happend > randomly, any webmin works with postfix since changes is persistense in > postfix, maybe postfix is not shorewall :)The current (4.4 and 4.5) versions of Shorewall still support the old syntax. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
On 12-02-11 05:42 AM, Tom Eastep wrote:> 4.0. In Shorewall 4.0, the syntax is: > > FTP/DNAT net loc:192.168.9.10That seems to work :-) Thanks!> Hint -- the Shorewall 4.0-4.2 documentation may be found at > http://www.shorewall.net/4.2/Documentation_Index.htmlThe "FTP.html" docs at the above URL show the same syntax for FTP that I was trying to use, not the syntax you showed me above. -Alan ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/
On 2/11/12 9:53 AM, Alan Murrell wrote:> > The "FTP.html" docs at the above URL show the same syntax for FTP that I > was trying to use, not the syntax you showed me above.Yeah, the syntax changed in Shorewall 4.2.6 or there abouts and I apparently updated those examples at that time. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/