similar to: Port forwarding on Shorewall box behind NAT ADSL router

Hello! So i got this problem. I have a debian sarge (with 2.6 kernel) box with shorewall up and network something like this: (net-ip)adsl-router(10.0.0.2)->(10.0.0.5)debian(192.168.0.1)->(192.168.0.x)lan-machines Everything works just great but i cant get port forwarding to work. shorewall show nat shows the traffic (to port 2002) but the machine (192.168.0.3) isnt getting it.. I have

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to

Good day to all. I don''t like to Post unless I am really stuck. Guess what? Redhat with Shorewall. Been using this for years. I have a new client that we have setup with Redhat and Shorewall. The problem is that his outside address (ETH0 = NET) is dynamic (i.e. DHCP enabled). All the rules work fine when we use a STATIC address on Eth0, so we know the rules, filters, tos etc work fine

I''m seeing what may be sort of strange behavior - My machine is behind a Shorewall firewall, which, in the rules section, includes: AllowBitTorrent, any source, any dest I''m wondering - how is my machine behind the firewall able to upload, since no port forwarding related to bittorrent is taking place? (Just to clarify - it IS uploading) I looked at the AllowBitTorrent

hi, I have a debian system with shorewall acting as a router between my adsl line and my local network. One of the things on that local network is my playstation, and I''m having trouble playing an online game with it - the game tries to access the internet, and then fails at the stage where it tries to find the game servers. The debian machine is 192.168.0.3, and the playstation is

I apologize for the first message. :) --------------------------------------- I have an FTP server running in the DMZ section of my home network. It uses port 23000 for connection and ports 19990 to 19994 for data transfer. I have setup the following rule for outside people to connect to it: DNAT net dmz:192.168.2.2 tcp 23000 I''m at work right now and I can''t use

I have searched your FAQ''s and read the documentation on your site as well as googling. I am not able to figure this out. If you have any ideas can you please help. I am using the linux-ha failover with redundant firewalls. As part of the function of the linux-ha software consists a service called heartbeat which is a connection from each failover node through a serial cable or ethernet.

I have an ADSL router, a linux box with two NICS connected to the router and another PC connected to the router. I installed shorewall using the two interface method. I can ping and see the webserver on the linux box from the local network, but not from the internet. Sys info as follows: [root@wilma root]# shorewall version 1.4.6b [root@wilma root]# ip addr show 1: lo: <LOOPBACK,UP> mtu

I''ve had some issues with my network, and I''ve had to reconfigure my Gibraltar CD. It runs shorewall 1.4.8, and I have a 2-interface setup, so I downloaded the relevant files from the install page. Masq and such works, but I''m having a problem with my port forwarding. It works for port 22, but it doesn''t seem to work for any other port. I''ve turned

Hello Shorewall users, I have some questions I am hoping someone can answer. I have searched around the archives but so far I have been unable to find answers. I am trying to configure traffic shaping on my router/firewall box running Shorewall 3.0.5/kernel 2.4.31 and have run into some problems/questions. My basic set up is: 1500/256kbit ADSL (PPPoE/ppp0) -> Shorewall box

I have wondershaper to limit my upload at 400kilobits (my line is 600kbps). I do a lot of torrent seeding and I dont want my pings killed when I''m uploading so I set low prority source ports as follows (by the way, I have bittornet to only use ports 6881-6910): NOPRIOPORTSRC="6881 6882 6883 6884 6885 6886 6887 6888 6889 6890 6891 6892 6893 6894 6895 6896 6897 6898 6899 6900 6901

Hello, You will find in attachment the layout of my current physical configuration. For now, the Cable ISP is not used. Since it is a dynamic ISP, my mailserver is rejected and my domain name registers on blacklists like ORDB and al. I want it to be used as a default gateway except for my mail server that would be seen as coming from my "honest" ADSL ISP. Here is

Hi, I''ve installed Emule (p2p program) on my client box but I can''t access the servers due to the firewall. I''m getting this blocking errors: Jan 22 01:26:07 servidor kernel: Shorewall:net2all:DROP:IN=eth1 OUT=eth0 SRC=213.22.49.86 DST=192.168.0.3 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=50538 DF PROTO=TCP SPT=46408 DPT=4662 WINDOW=5840 RES=0x00 SYN URGP=0 My rules file

Hi, i have a huge problem ;] I have redirected port 69 from NET (internet) IP 212.122.68.129 to the local network (masq) 192.168.0.3, that all queries from internet goes to local network PC. ACCEPT net masq tcp 69 - DNAT net masq:192.168.0.3 tcp 69 - everything works fine from the internet, but now I cannot access this port from other local PC`s. i have to access it locally, when i

(Sorry, my previous post was sent in HTML format) I am having a hell of a time with shorewall... I have a Dlink DCM202 Cable modem with the Ethernet connected directly to eth0 on the linux box. Then I have a second nic on the linux box connected to a hub for the internal network. I am trying to allow traffic from the internet connect to my FTP and WEB servers on my Winbloze box on the lan.

Hey all, A while ago today I posted about not being able to get my two interface setup working with a router (di 652 wireless/wired). I recieved help from Tom and got everything in the router turned off and set it up as a switch rather then a rouiter, this still never corrected my problems. Use tcpdump I see there is alot of traffic, but as soon as I dhcpcd eth1 (local) I loose all outside access

Hi i have a debian box working as a router.. it works quite well, now i want to give more than 1 ip.. is it possible to do it? some of them must be an open ip.. i mean.. all ports opened is it possible? how should i do it? Here is my nat.sh script just in case someone wants it.. (comments r in spanish.. and not right) Thanks in advance, #!/bin/sh echo "AthoS LaN Generando

I've got a test lab set up and im having problems connecting. The first problem is that it takes it a couple of tries before it actually connects the two machines. It complains about bogus data and after trying for a minute or so it connects. kill -USR1 shows that they are connected kill -USR2 only shows the local subnet, not the remote I've tried these versions without any luck: cvs

I''m having a problem with the Shorewall firewall and CUPS printing interfering with each other. My Linux firewall machine is acting as both a CUPS server and client for all of my tests. Shorewall 2.0.13 CUPS 1.1.22-2 Linux kernel 2.6.9 CUPS was working fine to print to my Epson C84 (network connected via a Netgear PS101 print server using lpd://PS101.IP.address/raw ) until I

Hi, Trying to figure out why I cannot get access to dell.com Their site is up because I can browse using a different firewall. Trying to find out where the logs are located and what log files it would write to if it were to deny browsing to a website. I can see the [UNREPLIED] when using the shorewall status. Was hoping to know what logfile it is writing it to. Thanks in advance, Elmer