On 09/27/2012 09:06 AM, Nathan Kennedy wrote:> I have been trying to figure out a problem with a server we have that
> hosts wordpress and it cannot get the wordpress updates from
> wordpress.org. The only thing I can see shorewall wise is this error:
> Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=192.168.111.23
> DST=192.168.111.23 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=13717 DF
> PROTO=TCP SPT=49106 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
>
> This server is setup for SNAT, this is the line in the nat file:
> 208.120.234.54 eth0:3 192.168.111.23 yes yes
>
That log message looks like 192.168.111.23 is trying to connect to
208.120.234.54; that of course results in 192.168.111.23 connecting to
itself through the firewall. The reason that connection doesn''t work is
that eth1 doesn''t have the ''routeback'' option in
/etc/shorewall/interfaces.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Everyone hates slow websites. So do we.
Make your web apps faster with AppDynamics
Download AppDynamics Lite for free today:
http://ad.doubleclick.net/clk;258768047;13503038;j?
http://info.appdynamics.com/FreeJavaPerformanceDownload.html